appin – Techdirt (original) (raw)
A Win For Press Freedom: Court Allows Reuters To Republish Story On Shady Indian Firm
from the anti-suppression dept
You may recall last December when we wrote about the somewhat shocking news that an Indian court had ordered Reuters to take down an entire article investigating a company, Appin and its founder Rajat Khare, that were accused of running a giant “hacking for hire” operation. Ten months later, that article is back online with a new editor’s note:
Editor’s note: This article, originally published on Nov. 16, 2023, was removed from Reuters.com in response to a temporary injunction issued by a New Delhi district court on Dec. 4, 2023. Before publication, a group calling itself the Association of Appin Training Centers had filed suit to prevent the report from running. The association accused Reuters of damaging the reputations of training centers and their students, an allegation Reuters disputes. After publication, the court granted a temporary injunction, and Reuters took down the story while it appealed. On Oct. 3, 2024, the district court vacated its injunction. The article has now been reposted here, with an update in paragraph 14 to note that there’s no suggestion that bona fide students of the training centers were involved in hacking.
Appin had gone around using various law firms (including the infamous speech suppressors at US law firm Clare Locke) to demand publications remove articles or mentions of Khare. Some, such as Lawfare (which absolutely knows better), caved and took down or redacted their stories. Others (like us) refused to be bullied.
I was able to get my hands on the recent Indian court order that dismissed the original injunction. Experts in Indian law had told me last year that the kind of injunction that forced Reuters to take down its story were unfortunately common. They were based not on a full review of the situation, but rather the courts were often willing to take an “injunction first, investigate later” approach to things, which could take some time, given how busy the courts are.
It appears that’s what happened. Once the court finally looked at the issue (albeit nearly a year after forcing the article down), they realized that it did not make sense to suppress it and allowed it to come back.
The court here even notes that the Indian Supreme Court has more or less said that courts shouldn’t issue an injunction against publication, so long as the journalism organization “intends to justify” what they wrote, and that what they wrote is “a matter of public interest.”
Quoting from some English decisions, the Hon’ble Supreme Court further indicated that the Court will not restrain the publication of an article, even though it is defamatory, when the defendant says he intends to justify it or to make fair comment on a matter of public interest.
The court then notes that since some of the concerns are about students of the Appin training centers feeling maligned, and Reuters agreed (as in the note above) to clarify that they were not implying actual students of the training centers were involved in any hack-for-hire scheme, the court deemed that the injunction should be dismissed and the article could be put back online:
From the arguments of parties and also from the available record I am unable to find any justification to issue interim injunction against publication of articles or published articles. However, during the course of arguments, Ld. Counsel for defendant no.1 to 4 (i.e. the main contesting parties) have assured that his clients are not interested in maligning the reputation of students and also the plaintiff association which came into being only in the year 2022 and that the articles will have necessary clarificatory massage incorporated therein. In such circumstances, binding such defendants with the assurances so given, it is held that as at present, the plaintiff has not been able to show any prima facie case to make interference in the process of journalism.
The interim injunction application of the plaintiff is dismissed.
It does seem somewhat crazy, though, that this article was unavailable for nearly a year when the court is saying that it can’t “find any justification” for an injunction, and that the Supreme Court has already established that the courts should not restrain the publication of an article.
And yet, the courts did exactly that for almost a year.
Of course, now that the article is back again, it seems likely to get renewed attention to the whole thing. So, if Rajat Khare’s lawyers want to contact us and reveal other things they insist he had nothing to do with (even things no one was reporting on), feel free to reach out.
Or maybe Khare and his lawyers can just respond to the allegations, rather than trying to suppress speech.
Attacking the media through lawfare techniques (yes, it’s ironic that a publication named Lawfare caved to this nonsense) is unfortunately common. It’s ridiculous, stressful, and resource-intensive for the publications and reporters involved. Thus, it’s good to celebrate and highlight the victories when they come through. Congrats to Reuters for succeeding here.
Filed Under: defamation, free speech, india, prior restraint, rajat khare, reporting, speech supression
Companies: appin, clare locke, reuters
Maybe Your Lawyers Shouldn’t Tell Reporters You Did Not Engage In ‘Conspiracy To Or Complicity In Murder’ When No One Was Claiming Otherwise
from the get-better-lawyers? dept
Sometimes my “I have not participated in any conspiracy to or complicity in murder” t-shirt raises a lot of questions already answered by my shirt.
Remember Rajat Khare? He’s the guy associated with Appin Technologies in India, and there’s a pattern of stories mentioning his name suddenly disappearing (or his name disappearing from them) after his various lawyers get involved. Could be a coincidence. Might not be.
We had written about Appin successfully getting an Indian court to order Reuters and Google to remove a story about Appin last year based on a preliminary court ruling. Then we received a bunch of emails from Appin demanding we remove our article. A few weeks ago, we (with help from EFF) told Appin that we were under no obligation to do so.
Reporter Andy Greenberg at Wired wrote about all of this the day we released our response. Now, a couple of weeks later, Wired has updated their story to note that Khare’s lawyers had contacted them two weeks after the story had gone up (despite Greenberg having reached out to Appin and receiving no response) to complain about not having been asked for comment, calling Wired’s story defamatory, and demanding a retraction.
There was something else too:
Neither Appin Training Centers nor Rajat Khare responded to WIRED’s request for comment. However, two weeks after this story was initially published, lawyers from the firm Clare Locke sent a letter to WIRED on Khare’s behalf, calling this story defamatory and demanding a retraction. WIRED stands by its reporting. The letter claimed that WIRED did not reach out to Khare for comment, which is false. It demanded that WIRED include a statement from Khare, which we’ve added as an update below. In addition, it denied that Khare had participated in any “conspiracy to or complicity in murder”—an allegation that was not made in this article.
So, noted.
Filed Under: andy greenberg, rajat khare, streisand effect, threats
Companies: appin
Sorry Appin, We’re Not Taking Down Our Article About Your Attempts To Silence Reporters
from the we-stand-by-our-reporting dept
Back in December, we wrote about Appin. We were not writing about the reports (of which there have been many) that the organization that started as a sort of cybersecurity training school, but morphed into a kind of “hack-for-hire” scheme was involved in all sorts of nefarious activity. Rather we wrote about their (ab)use of the Indian court system to order Reuters to remove a big, detailed, investigative report on the company.
The history of Appin, and reporting on its involvement in hacking schemes, goes back a over a decade. Reports of Appin trying to hide and suppress such stories is a bit shorter but are abundant. And Appin has, at times, been quite successful, especially in trying to remove the name of the guy regularly accused of being behind Appin, Rajat Khare. See this SwissInfo report on how Qatar “spied on the world of football,” which was forced to remove Khare’s name while leaving in Appin’s.
Or how about the Bureau of Investigative Journalism story published in 2022, Inside the Global Hack-for-Hire Industry. An earlier version of that report names Khare. In April of 2023, the article was updated, and all mentions of Khare disappeared. There are many more examples as well.
Back in December, the Daily Beast finally had an article entitled “Who is Killing all These Stories About a Controversial Tech Mogul?” highlighting how stories about Khare and Appin have a noticeable history of suddenly disappearing.
In a move that has press freedom campaigners troubled, Rajat Khare, co-founder of Appin, an India-based tech company, has used a variety of law firms in a number of different jurisdictions to threaten these U.S., British, Swiss, Indian, and French-language media organizations.
On Nov. 16, Reuters published a special investigation under the headline “How an Indian startup hacked the world,” detailing how Appin allegedly became a “hack for hire powerhouse that stole secrets from executives, politicians, military officials and wealthy elites around the globe”—a claim that Khare strongly denies. Khare retained the powerhouse “media assassin” firm Clare Locke LLP, which boasts on its website about “killing stories,” to send Reuters several legal threats over the past year about the story, according to two people familiar with the matter.
After the removal of the Reuters story, which at least involved an actual court order, others appeared to be bullied into submission as well. Perhaps most shockingly, Lawfare (who, of anyone, should understand how ridiculous this is) redacted their version of the story about Reuters pulling down its article, saying that they did so after receiving “a letter notifying us that the Reuters story summarized in this article had been taken down pursuant to court order in response to allegations that it is false and defamatory. The letter demanded that we retract this post as well.” And they did so, despite no legal basis:
Unsurprisingly, we also received similar demands. We received multiple emails claiming to represent “Association of Appin Training Centers” legal department, and claiming (falsely) that by quoting the Reuters article (which we did not even do) we were also liable for violating the court order. Similar demands were also sent to our CDN provider, our domain registrar, and the domain registry.
The only thing we quoted from Reuters was their announcement about the removal — not from the original article. The other parts we quoted were from SentinelOne, the security research firm that Reuters used to analyze the data. At the time we wrote the article, SentinelOne’s report remained online (it, too, has since been removed “in light of a pending court order … out of an abundance of caution”).
In the meantime, though, all these attempts to pull down and hide the content appears to be causing a bit of a Streisand Effect. Beyond the Daily Beast article calling out the campaign, the website Distributed Denial of Secrets decided to republish the Reuters piece as part of its new “Greenhouse” project, noting:
In response to the unacceptable censorship by Appin and the Indian courts, Distributed Denial of Secrets is launching a new initiative to combat censorship: the Greenhouse Project. The Greenhouse Project continues DDoSecrets’ mission of ensuring the free transmission of data in the public interest by making the ‘publisher of last resort’ concept proposed by George Buchanan in 2007 a reality. By ensuring the reporting and source files are preserved, the Greenhouse Project builds on previous efforts creating a “warming effect” to reverse the chilling effects of censorship.
In addition, the Freedom of the Press Foundation, Politico, and Columbia Journalism Review have all run stories on Appin’s attempt to silence reporters. And, of course, all of this just keeps bringing more and more attention to the underlying claims about Khare and Appin. If Khare disputes those claims he could respond to them and refute them directly. Instead, he appears to be continuing a campaign of legal threats and dubious legal filings to seek to scare off reporters.
A few weeks back, we found out that our friends at Muckrock, the operators of DocumentCloud, had also received similar threats regarding documents hosted on that site.
Earlier this week, EFF sent a letter to the Association of Appin Training Centers, on behalf of both us and Muckrock, pointing out that the arguments they made in their letters to both of us did not appear to match what was in the actual court filing, which (1) does not clearly establish that the articles were defamatory based on the full evidence and a complete defense by Reuters, and (2) very clearly only apply to Reuters and Google. Furthermore, the letter points out that we are protected by the First Amendment, and any move to enforce a foreign order that violates the First Amendment would be barred under the SPEECH Act.
You can find Muckrock’s article about this here. Andy Greenberg, at Wired, also has a story about this.
This kind of censorial bullying may work on other publications, but Techdirt believes that (1) important stories, especially around surveillance and hacking, deserve to be read and (2) it’s vitally important to call it out publicly when operations like Appin seek to silence reporting, especially when it’s done through abusing the legal process to silence and intimidate journalists and news organizations.
We want to thank David Greene and Aaron Mackey at EFF for their help with this.
To the Association of Appin Training Centers:
We represent and write on behalf of Techdirt and MuckRock Foundation (which runs the DocumentCloud hosting services), each of which received correspondence from you making certain assertions about the legal significance of an interim court order in the matter of Vinay Pandey v. Raphael Satter & Ors. Please direct any future correspondence about this matter to us.
We are concerned with two issues you raise in your correspondence.
First, you refer to the Reuters article as containing defamatory materials as determined by the court. However, the court’s order by its very terms is an interim order, that the defendants’ evidence has not yet been considered, and that a final determination of the defamatory character of the article has not been made. The order itself states ‘this is only a prima-facie opinion and the defendants shall have sufficient opportunity to express their views through reply, contest in the main suit etc. and the final decision shall be taken subsequently.
Second, you assert that reporting by others of the disputed statements made in the Reuters article ‘which itself is a violation of an Indian Court Order, thereby making you also liable under Contempt of Courts Act, 1971.’ But, again by its plain terms, the court’s interim order applies only to Reuters and to Google. The order does not require any other person or entity to depublish their articles or other pertinent materials. And the order does not address its effect on those outside the jurisdiction of Indian courts. The order is in no way the global takedown order your correspondence represents it to be. Moreover, both Techdirt and MuckRock Foundation are U.S. entities. Thus, even if the court’s order could apply beyond the parties named within it, it will be unenforceable in U.S. courts to the extent it and Indian defamation law is inconsistent with the First Amendment to the U.S. Constitution and 47 U.S.C. § 230, pursuant to the SPEECH Act, 28 U.S.C. § 4102. Since the First Amendment would not permit an interim depublication order in a defamation case, the Pandey order is unenforceable.
If you disagree, please provide us with legal authority so we can assess those arguments. Unless we hear from you otherwise, we will assume that you concede that the order binds only Reuters and Google and that you will cease asserting otherwise to our clients or to anyone else.
———————————————————–
David Greene Civil Liberties Director/Senior Staff Attorney Electronic Frontier Foundation
Filed Under: 1st amendment, censorship, free speech, hack for hire, india, rajat khare, streisand effect
Companies: appin, muckrock, techdirt
Indian Court Orders Reuters To Take Down Investigative Report Regarding A ‘Hack-For-Hire’ Company
from the huh,-will-you-look-at-that dept
Over the years we’ve written about plenty of “cyberespionge” companies. Some engage in spyware or surveillance ware. Others actively hack devices. Almost all of these eventually get exposed through dogged investigative reporting.
A few people reached out to point to this rather concerning Editor’s note that was posted to Reuters this week:
Reuters has temporarily removed the article “How an Indian startup hacked the world” to comply with a preliminary court order issued on Dec. 4, 2023, in a district court in New Delhi, India.
Reuters stands by its reporting and plans to appeal the decision.
The article, published Nov. 16, 2023, was based on interviews with hundreds of people, thousands of documents, and research from several cybersecurity firms.
The order was issued amid a pending lawsuit brought against Reuters in November 2022. As set forth in its court filings, Reuters disputes those claims.
I had missed the original article, now that the court has forced Reuters to take it down, it seems likely to get much more attention. You can find archives of it in multiple places. Though who knows if those will remain up. You can also find articles building on Reuters’ investigative reporting.
The basic summary of the Reuters report is that an Indian firm, Appin Software Security, has been offering what is effectively “hack for hire” services for over a decade.
Notably, Reuters reporters handed over the data they found to SentinelOne who did their own analysis of what was found, and it’s pretty damning. Notably, the SentinelOne report appears to still be online.
Appin is considered the original hack-for-hire company in India, offering an offensive security training program alongside covert hacking operations since at least 2009. Their past employees have since spread to form newer competitors and partners, evolving the Appin brand to include new names, while some have spread into cybersecurity defense industry vendors. Appin was so prolific that a surprising amount of current Indian APT activity still links back to the original Appin group of companies in one form or another. Campaigns conducted by Appin have revealed a noteworthy customer base of government organizations, and private businesses spread globally.
Our analysis and observations corroborate the June 2022 reporting from Reuters noting some of Appin’s customers tied to major litigation battles. The group has conducted hacking operations against high value individuals, governmental organizations, and other businesses involved in specific legal disputes. Appin’s hacking operations and overall organization appear at many times informal, clumsy, and technically crude; however, their operations proved highly successful for their customers, impacting world affairs with significant success.
Of course, I might never have heard about this at all if a court in New Delhi hadn’t ordered Reuters to delete the story. And it’s possible that you wouldn’t have heard about it either.
Someone should come up with a name for that sorta situation.
I will note that in the original Reuters article, they note that the company’s US legal representatives is the law firm Clare Locke, which we’ve spoken about before. They’re the lawyers who often appear to brag about how their aggressive tactics are known to get stories killed in the media. Their website literally lists all the major media outlets they’ve gone after in the past.
So I guess it’s little surprise that the firm would seek to suppress the story about them.
But the data and the report seen by SentinelOne are pretty damning.
The cybersecurity firm’s exhaustive analysis of data that Reuters journalists collected showed near-conclusive links between Appin and numerous data theft incidents. These included theft of email and other data by Appin from Pakistani and Chinese government officials. SentinelOne also found evidence of Appin carrying out defacement attacks on sites associated with the Sikh religious minority community in India and of at least one request to hack into a Gmail account belonging to a Sikh individual suspected of being a terrorist.
“The current state of the organization significantly differs from its status a decade ago,” says Tom Hegel, principal threat researcher at SentinelLabs. “The initial entity, ‘Appin,’ featured in our research, no longer exists but can be regarded as the progenitor from which several present-day hack-for-hire enterprises have emerged,” he says.
Factors such as rebranding, employee transitions, and the widespread dissemination of skills contribute to Appin being recognized as the pioneering hack-for-hire group in India, he says. Many of the company’s former employees have gone on to create similar services that are currently operational.
Reuters’ report and SentinelOne’s review have cast fresh light on the shadowy world of hack-for-hire services — a market niche that others have highlighted with some concern as well.
And the demand that the Reuters piece get removed only should draw that much attention towards Appin’s behavior.
Filed Under: espionage, hack for hire, india, reporting, streisand effect, takedown
Companies: appin, clare locke, reuters, sentinelone