Why Did India Fail to Discover the ISIS Twitter Handle?

Why Did India Fail to Discover the ISIS Twitter Handle? is a Business Standard report published on 26 December 2014 by Anita Babu. The article examines India’s surveillance and intelligence capabilities following the revelation that Bengaluru-based Mehdi Masroor Biswas operated a prominent pro-ISIS Twitter account, featuring commentary from Sunil Abraham, then Executive Director of the Centre for Internet and Society, and cyber law expert Pavan Duggal on targeted surveillance approaches, data management challenges, and jurisdictional constraints affecting India’s cyber intelligence operations.

Contents

  1. Article Details
  2. Full Text
  3. Context and Background
  4. External Link

Article Details

📰 Published in:
Business Standard
📅 Date:
26 December 2014
👤 Authors:
Anita Babu
📄 Type:
News Report
📰 Article Link:
Read Online

Full Text

Back in 2009, after the investigation team, probing into the 26/11 Mumbai terror attacks, almost cracked the case, it was the US's Federal Bureau of Investigation (FBI) which connected the missing links by arresting David Headley, the mastermind.

Five years later, India is staring at a similar situation, when Bengaluru-based Mehdi Masroor Biswas, was allegedly found to be operating a pro-ISIS (Islamic State) Twitter handle. It was a British broadcaster, Channel 4, which blew the lid off Biswas's activity. Soon after the report, Indian authorities swung into action. Last year, when communal violence broke out in some parts of Uttar Pradesh, a Pakistani news organisation reported that a fake video was being circulated to fan sentiments.

But, why have Indian agencies failed to detect such activities which pose a threat to the national security? A senior government official said intelligence agencies in the country scan the internet for leads. But, in the light of increased threats, systems need to be beefed up significantly. Perhaps, as a first step towards this, the home ministry on Wednesday formed a committee to prepare a road map for tackling cyber crimes in the country.

It will give suitable recommendations on all facets of cyber crime, apart from suggesting possible partnerships with public and private sector, non-governmental organisations and international bodies.

According to Sunil Abraham, executive director of a Bengaluru-based research organisation, the Centre for Internet and Society, it's time we move closer towards intelligent and targeted surveillance, rather than mass surveillance. This will require monitoring a selected accounts or profiles, instead of tapping information from across the population. Old-fashioned detective work is also very important, as it has helped zero in on Biswas.

Another problem the country faces is that a lot of data is being pooled in by multiple agencies, but of little use. "We must free up our law enforcement agencies and intelligence services from the curse of having too much data," Abraham adds. Since most of the internet companies are headquartered outside India, the authorities face a lot of difficulties in accessing information from these networks.

"India's surveillance system fails to track the servers of internet giants like Google or Facebook because these do not have servers in the country. Our system is only confined within the country," says Pavan Duggal, a leading cyber law expert.

Since the US has the capability to access information from telecom companies, service providers such as Twitter and Facebook and the consortia that run submarine cables, these companies cooperate in a much more effective and immediate manner, adds Abraham. "But these are things that we will never be able to do in India," he adds.

For instance, India follows the mutual legal assistance treaty procedure, to gather and exchange information in an effort to enforce public laws or criminal laws. However, this is a time-consuming process and often takes up to two years before we get any data from these companies.

But due to the threat of cyber-terrorism being shared by both companies and governments, companies such as Google, Twitter and Facebook are cooperating more than before, experts say.

Internet and Jurisdiction Project, an international group that works towards ensuring digital coexistence, tries to get a procedural law between two countries in a harmonised manner and includes collection, storage, handling and processing of evidence.

More lubricating efforts should be undertaken internationally on these lines, say experts. Hopefully, the new committee will take steps in this direction.

Back to Top ⇧

Context and Background

This article appeared on 26 December 2014, shortly after British broadcaster Channel 4 revealed that Mehdi Masroor Biswas, a Bengaluru-based employee at an Indian conglomerate, operated the Twitter account @ShamiWitness—one of the Islamic State’s most influential English-language propaganda channels with approximately 17,800 followers. The account disseminated ISIS recruitment materials, battlefield updates, and ideological content, serving as a key information node connecting prospective foreign fighters with handlers. Biswas’s arrest by Karnataka Police on 13 December 2014 highlighted significant intelligence gaps, as Indian agencies had not independently identified the account despite its prominence amongst terrorism researchers and counter-extremism practitioners.

The case paralleled the David Headley episode referenced in the article’s opening, when FBI investigations following the November 2008 Mumbai attacks revealed that an American citizen of Pakistani origin had conducted reconnaissance missions for Lashkar-e-Taiba whilst Indian intelligence agencies failed to detect his activities. Both instances illustrated India’s dependence on foreign intelligence services and media organisations to identify domestic terrorism threats operating in digital domains, raising questions about surveillance infrastructure adequacy and analytical capabilities.

Abraham’s advocacy for “intelligent and targeted surveillance, rather than mass surveillance” challenged the prevailing policy trajectory emphasising expansive collection capabilities. The Central Monitoring System, operationalised in 2013, enabled real-time lawful interception of telecommunications and internet traffic, whilst the National Intelligence Grid (Natgrid) aimed to integrate databases across agencies. However, Abraham’s diagnosis identified the problem as analytical deficiency rather than collection insufficiency—agencies accumulated vast data volumes but lacked capacity to extract actionable intelligence from these holdings, creating “the curse of having too much data” that overwhelmed analysts rather than empowering investigations.

This critique resonated with international debates about signals intelligence effectiveness following Edward Snowden’s 2013 revelations about NSA mass surveillance programmes. Privacy advocates and some intelligence professionals argued that indiscriminate collection generated “noise” that obscured genuine threats, whilst supporters maintained that comprehensive data repositories enabled retrospective analysis after suspects were identified. Abraham’s position sided with the former camp, suggesting that focused monitoring of identified accounts combined with “old-fashioned detective work” would prove more effective than dragnet approaches.

The jurisdictional challenges highlighted by both Abraham and Pavan Duggal stemmed from India’s limited leverage over technology companies headquartered in the United States. Whilst US authorities could compel cooperation through legal process backed by companies’ domestic presence and potential penalties, Indian requests required Mutual Legal Assistance Treaty procedures involving diplomatic channels and formal evidence presentation that “often takes up to two years.” This asymmetry meant that US-based platforms cooperated promptly with American agencies whilst Indian investigations faced substantial delays, creating operational disadvantages for Indian law enforcement pursuing time-sensitive terrorism investigations.

Duggal’s observation that “India’s surveillance system fails to track the servers of internet giants like Google or Facebook because these do not have servers in the country” reflected technical and jurisdictional realities. Data localisation requirements—mandating that companies store Indian users’ data within India’s territorial boundaries—had been proposed as solutions enabling domestic legal process to compel data access without international cooperation. However, such proposals faced resistance from technology companies citing increased costs and operational complexity, whilst civil liberties organisations warned that localisation could facilitate authoritarian surveillance by eliminating cross-border legal protections.

Sunil Abraham’s assertion that India would “never be able to” achieve US-style access to submarine cable consortia and platform infrastructure acknowledged geopolitical realities. The United States’ intelligence apparatus benefited from technology companies’ domestic incorporation, physical infrastructure concentration in American territory, and intelligence community relationships cultivated through decades of national security cooperation and legal frameworks like the Foreign Intelligence Surveillance Act. India lacked equivalent structural advantages, suggesting that effective cyber intelligence required developing alternative approaches rather than attempting to replicate American capabilities.

The home ministry’s formation of a committee to “prepare a road map for tackling cyber crimes” represented official acknowledgment of institutional deficiencies. However, such committees frequently produced reports recommending surveillance expansion and platform regulation without addressing analytical capacity building, inter-agency coordination failures, or accountability mechanisms that might improve intelligence effectiveness whilst safeguarding civil liberties. The article’s conclusion expressing hope that “the new committee will take steps in this direction” regarding international cooperation frameworks suggested optimism about multilateral approaches, though subsequent years demonstrated limited progress on harmonising cross-border evidence gathering procedures.

The @ShamiWitness case also illustrated challenges in identifying online extremism when actors maintain operational security and avoid explicitly illegal content. Biswas tweeted propaganda supporting ISIS without directly inciting violence or recruiting fighters, operating within ambiguous legal boundaries that complicated prosecution even after identification. This highlighted gaps in Indian law, where Information Technology Act provisions addressed specific offences like hacking or cyber terrorism but struggled to encompass propaganda dissemination and ideological radicalisation conducted through lawful speech protected by constitutional guarantees.

📄 This page was created on 9 January 2026. You can view its history on GitHub, preview the fileTip: Press Alt+Shift+G, or inspect the .