The grand battle between The Wire and Meta became an inkblot test for political loyalties and ideologies. However, irrespective of which ‘side’ you’re on, we all need to understand not just the ‘what’—but also the ‘how’ and ‘why’ it happened. Samarth Bansal cuts to the heart of this fraught debate to explain why a highly respected newsroom can get such a big story so very wrong.
Editor’s note: Samarth possesses a rare combination of an IIT degree and extensive journalistic experience. In his words, he is deeply invested in “rigorous, fact-based, data-informed and thoughtful reporting” that helps us “understand the impossibly complex world we live in.” His work has appeared in the Hindustan Times, The Hindu, Mint, HuffPost India, The Atlantic, The Wall Street Journal and Quartz. He is @PySamarth on Twitter, and you can learn more about him and his work here. See our previous Big Story that offers a lot more context on how this entire mess began.
Here’s a quick timeline of the rollercoaster course of events that ended with The Wire launching an internal inquiry into one of its biggest ‘scoops’:
Let’s get this straight: The Great Meta Takedown was a manufactured story based on flimsy and poorly-sourced evidence—we just don’t know who manufactured it and how.
The Wire fell for the seductive appeal of unravelling a grand conspiracy between a powerful global tech company and India’s richest and most powerful political party. They supposedly accessed internal documents, internal emails, internal company systems and interviewed employees to claim that a BJP official possessed a magic wand that could delete Instagram posts at a whim. The ultimate censor.
A fierce debate followed on the veracity of The Wire’s reporting and devolved into the usual polarised and ugly argument. Supporters were furious at what they viewed as motivated attacks at a respected liberal news organisation. Sane, measured voices who raised reasonable questions about The Wire’s evidence were tarred with the same brush. Meanwhile, the publication’s critics on the right jumped on the opportunity to paint it as a peddler of fake news—badgering Meta to sue The Wire.
And that’s the real misfortune of this saga: it revealed that inarguable facts have become subjective in a world defined by shrill loyalties—powered by social media platforms that incentivise the loudest in the guise of promoting public debate.
Many of us no longer care whether the message is true or not. All that matters is whether the messenger is one of “our own” and confirms what we already believe.
In a world that seems frighteningly unpredictable, we find deep comfort in easy, sweeping narratives—stories with a hero and a villain. We all know Meta has a terrible track record from the multitude of sins exposed in the past. We also know the Indian government is tightening its iron fist on free speech—quashing any sign of dissent. How hard is it to believe that Meta would be all too ready to hand over the keys to its platform in pursuing profit and influence?
Of course, now that The Wire’s evidence has proved flimsy, it is just as easy for its naysayers to believe it deliberately fabricated evidence to frame the government—to serve powerful ‘anti-national’ interests.
Lost in this hue and cry is a far more important question: what does the word ‘evidence’ even mean in such a charged low-trust environment? How do we verify if something is true or false?
Contrary to what it may seem—in this case, at least—it wasn’t all that hard to figure it out. This isn’t a story about poor tech knowledge or scarce resources. This is a cautionary lesson about what happens when you don’t follow basic journalistic rules of sourcing and verification.
Let’s go back to the beginning and understand why there was never any story here. The best part? You don’t need to trust Meta one bit to figure out what went wrong. This is the story of proving the authenticity of one document and one email—and exposé of a forgery.
Let’s start.
Story #1: On September 19 2022, @cringearchivist, an anonymous meme account—who call themselves ‘Superhumans’ Archive of Cringetopia’—posted an Instagram story showing a resident of Ayodhya worshipping an idol of Uttar Pradesh chief minister Yogi Adityanath at a temple. But the post was taken down within two minutes, citing ‘sexual activity and nudity’ violation even though both men were fully clothed.
The people who operate the account blamed the faulty algorithm, a problem we have known for a long while: several posts on social media platforms are misclassified as violating rules and taken down without good reason. Stupid AI.
So they reached out to The Wire requesting coverage, and the publication did the most boring yet necessary story tech reporters have been writing for at least five years now: arbitrary takedowns of content by unaccountable and powerful social media companies.
That was October 6.
The evidence: The piece was based on the claims of @cringearchivist, who shared a screenshot of Instagram’s takedown notice. The Wire says it reached out to Meta to demand an explanation. They only received a response from their public relations agency which said they hadn’t received the attachments sent by The Wire reporter, Jahnavi Sen.
Story #2: Four days later, on October 10, The Wire published a bombshell. We were told that the takedown was not an algorithm glitch. Instead, an intentional act of BJP IT cell head Amit Malviya had triggered the takedown: he saw the Instagram story in question, found it offensive (or whatever), reported the story for nudity, and because he had special privileges under Meta’s secretive XCheck program—which was only revealed by journalistic work—had the power to bypass any review.
The claim made by the story was explosive:
“The company has given Malviya two levels of privileges—he can post as he likes, without the rules governing the platform applying to him, and he can impose his will as he pleases to have posts critical of the BJP, the Union government, or right-wing Hindu politics, deleted.”
In fact, Malviya had personally ensured that more than 700 posts were taken down just in the month of September.
The evidence: So how did they know this? A single “well-placed source” inside Meta reached out and handed over a document to The Wire’s technology reporter Devesh Kumar. This was the PIR—the post-incident report, which is basically an automated timestamped log of deletion activity on any post.
The problem of sourcing: This is when The Wire appears to have stopped asking questions. They did not try and crosscheck the Instagram report with other sources. They relied solely on a single source which is contrary to every newsroom norm. The anonymous source was not verified by anyone but their reporter Kumar—the only person who knew and met this source.
They also broke the other cardinal rule of journalism: always get a response from the subject of any allegations before you print. As reporter Sen told NewsLaundry, The Wire did not share any information about the PIR or Malviya with Meta—even though they emailed the company once again about @cringearchivist post takedowns on October 9—a day before they published the story.
The problem of authentication: The Wire also did not look closely at the only piece of hard evidence provided to them—the PIR report. All they had to do was ask a few questions to figure out that the PIR was off.
The first is the most obvious one: corroborate the time. All you had to do was ask @cringearchivist when they posted the Instagram story and match it with the time on the PIR. The Wire did indeed match the dates on the timestamp: September 19. What they did not do: look at the actual time—which was published in milliseconds on the document.
According to the PIR, Amit Malviya reported the @cringearchivist Insta story at 5:12 pm, and within the next two minutes, the report was accepted. At 5:15 pm, the story was gone. The Wire should have, therefore, asked a single and most important follow-up question: what time did @cringearchivist post their Insta story?
Because just as the meme account told me, The Wire would have learned that @cringearchivist posted the Instagram story between 2 and 4 pm. In fact, by 3:22 pm, they had already “mailed somebody about the takedown”—that is, two hours before the takedown time recorded on the PIR their source offered them.
Mismatch. The time does not match. Big red flag.
Point to note: According to @cringearchivist, The Wire did not loop back to ask any follow-up questions after it received the red-hot Insta document or before publishing except to give them a heads up about a follow-up story.
“[T]hey never mentioned timeline. or raised question on its flagging and removal against its visibility status. and against the fact that M’s [Malviya’s] official account, the ID in the review document, never followed us.”
For what it’s worth, @cringearchivist has since been extremely evasive about the time zone of these timestamps when pressed on Twitter—which merely raises even more problems with the timeline.
Questions never asked: In any case, if The Wire had asked that initial question about timestamps, far more fundamental questions would have presented themselves. Such as:
The account is small with a few hundred followers. Why would Malviya go after them? Who knows. His wish.
But it’s a private account. That’s interesting. When did it go private? End of April, says @cringearchivist.
Wait. What does private mean? Those who do not follow the account cannot see their posts. So does Malviya follow this account? No, he does not. He just follows ten Insta accounts. Did he follow them anytime in the past? No, he did not.
This raises the big question: how can Malviya report a post from an account he doesn’t follow? How can he when he can’t even look at the post? How is this even possible?
Thinking…oh, he may have moles lurking in those few hundred followers? And one of them saw the story the moment it was posted, got offended, copied the link, logged in via Malviya’s account (because only he has XCheck privileges) on a separate machine, went to this link and filled the form to take down the post—and this minion is so fast that all of this happens within two minutes?
Or maybe XCheck has even more powers we don’t know of? What if Amit can actually look at posts of any account on Instagram—even private ones?
Possible. Anything is possible. But these are theories in search of facts. Or rather, theories crafted to fit a preconceived interpretation of the available facts. This is not journalism.
The document offered by The Wire’s source was so easily falsifiable. It did not pass the basic smell test. The journalist should have gone back to their insider source to understand why it did not.
More importantly, The Wire should have reached out to multiple sources familiar with Meta’s internal processes to figure out why nothing was adding up. They did not. Instead, they published the story in unseemly haste. The Meta source reached out after the first story on the @cringearchivist deletions was published on October 6. The big scoop on Malviya went up on October 10.
But none of these questions were raised or asked in the Twitter world on October 10 when The Wire story dropped. And then, the next morning, one tweet created a storm.
Enter Andy Stone. And the email.
At 6:57 am on October 11, the Policy Communications director of Meta tweeted:
“Where to even begin with this story?! X-check has nothing to do with the ability to report posts. The posts in question were surfaced for review by automated systems, not humans. And the underlying documentation appears to be fabricated.”
In response, The Wire doubled down.
They published what looked like an internal email sent by Stone to his team. He purportedly wrote: “How the hell [PDF link to an Instagram report] got leaked? Who is the reporter, not on our watchlist, and why didn’t any of you bother to link me up?”
The Wire triumphantly declared: “Stone’s internal email makes it clear that Meta is not only aware of the documentation’s authenticity but is upset about how a copy leaked to The Wire.”
The problem of sourcing: So now The Wire was using a second document to prove the authenticity of the first document. Except, once again, they got this email from a single source. At least, in this case, several Wire employees seem to have "interacted" with this person—and at least, it was someone they had known for a couple of months.
Then again, The Wire barely waited 24 hours to publish the email. There it was again: the headlong rush to get the ‘evidence’ out without exercising due diligence.
Enter Guy Rosen: In a Twitter thread, Meta’s Chief Information Security Officer (CISO) Rosen said: The email is fake. The internal URL where the PIR report was hosted is fake.
Story #3: Four days later, The Wire returned with more evidence. The email is not fake. Experts have verified the authenticity of the email. The URL is not fake. We have a video demonstration showing it exists.
This is the point at which reasonable people started losing grip on the story. The public sphere was now injected with jargon and methods of verification most people didn’t understand. Everyone was puzzled by this Twitter equivalent of a mud wrestling contest. Who do you trust? The Wire or Meta? Who is the big liar? Everything was dissolving into a tribal war of ideological loyalties.
Explaining the tech talk: Wait, you know about fake emails, right? Not photoshop—but like actual fake emails? That’s the prank I used to play on friends when I first learned about it. You can too. (It’s so silly and yet so fun.)
Go to this link, and you can send an email from any address in the world to anyone in the world. You can send an email from your boss to your colleague that says he is fired. It’s so damn easy.
Don’t get confused. There is no ‘hacking’ going on here. This is called email spoofing: the creation of email messages with a forged sender address. (Sorry, you can’t access your boss’s email account.)
Protection against spoofing is one reason why organisations use email authentication protocols that allow email recipients to verify the true sender of a message. This ability is not built-in: organisations need to set this up.
Meta uses one. And if you read The Wire stories, you have heard the name: “DKIM”—the industry standard technology to prove the authenticity of an email. Now, this same DKIM technology can be used for forensic work—to prove if an email someone has received is real. And in this case, to prove whether Andy Stone’s email is real or not.
All this tech talk offered the seductive lure of clarity. We could just rely on the digital equivalent of a smoking gun that will put all doubts to rest. The Wire could, once and for all, expose Andy Stone and Guy Rosen and Meta. Show the world that email did exist with hard forensic evidence. All they had to do was DKIM verification.
So The Wire did exactly that…and totally screwed its own investigation.
The problem of verification: As proof, the publication posted videos of their own reporter verifying the emails. And claimed that it had shown these video clips—not the actual raw data of the email—to two cybersecurity experts on a video call.
They also included screenshots of emails from those experts who approved The Wire’s email authenticity check. But they didn’t reveal the identity of these anonymous experts to protect them.
In other words, they either could not or did not find one trusted cyber security expert with whom they could share the raw data to independently verify the email. Not one person who would publicly stake their reputation on it.
FYI: The Wire claimed all this was impossible due to their whistleblower protection policy.
The Wire’s supporters felt a bit better because it all looked reassuringly technical. But the fact is this: the publication had “proved” nothing. The Wire did the verification, The Wire created the video, and The Wire chose the independent experts whose existence we are asked to believe because of redacted email screenshots shared by The Wire. Do you see the problem there?
The problem of not paying attention: The publication’s lack of editorial oversight was glaringly visible soon after the story went live. The dates on the screenshots of emails from the two independent experts who verified Stone’s email were the wrong year: 2021 instead of 2022. Kumar offered convoluted technical explanations—which experts rebutted at great length. Cue mind-numbing back-and-forth about “headers” and “dkimpy” and “tails” and “superhuman” and whatnot.
But the real problem here had nothing to do with technology—but an astonishing lack of attention to basic details within the newsroom. This achilles heel was soon exposed when something curious happened.
Enter Pranesh Prakash & Kanishk Karan: On Wednesday night, October 12, a day after The Wire published Andy Stone’s email, reporters at The Wire reached out to Karan.
Karan is a cyber security researcher who knew Devesh Kumar, the tech reporter at The Wire. So they spoke on a video call and Kumar asked him if he’d like to be the independent expert who verifies the email’s authenticity.
Karan told me that he was getting ready to go on a trip when The Wire reached out—and didn’t have the time to help. He recommended two other experts to Kumar: Matthew Green and Pranesh Prakash.
He didn’t think much of it when The Wire’s rebuttal report dropped three days later—October 15—citing two independent experts. But there was a rude surprise waiting for him.
Cut to Tuesday morning, October 18. Karan woke up to an email from Prakash—one of the experts on Twitter who had publicly raised questions about The Wire’s reporting. The Wire’s editor Siddharth Varadarajan had told Prakash that Karan was one of the independent experts who verified the Stone email. Varadarajan even forwarded an email from Karan giving his nod of approval—shared with Varadarajan by his reporter Kumar.
Except that Karan did not send that mail.
“When I saw this, I was like, this is just crazy. How is this possible?” he told me.
Because the sender had his name: Kanishk Karan. But the email address was not his: karkanish02@gmail.com. Then again, the LinkedIn profile shared by Varadarajan with Prakash was most certainly his.
Karan immediately texted Kumar and confronted him: did Kumar tell Varadarajan that Karan was one of the two experts? Kumar denied doing so—despite the email shared by Varadarajan with Prakash. Karan was done. He wrote an email to Varadarajan explaining what had happened. On Tuesday evening, he went public on Twitter—making it clear that he had zero involvement in The Wire’s reporting. This was the final nail in the coffin—the first clear evidence of outright forgery.
The Wire announced its internal inquiry and removed its stories “from public view.”
“Our recent coverage of Meta began with an incident that reflected the lack of transparency at the social media giant and its various platforms. But The Wire has an even greater responsibility to be transparent. And we intend to discharge that responsibility with full seriousness.”
A bizarre footnote: In the midst of this, Kumar would go on Twitter to make this contrary claim on Twitter:
“I sent the email to @svaradarajan with complete knowledge that he forwarded it to Prakash. This was not a forceful action from him, and I willingly provided it. If I was lying, I could have sent any random profile to Varadarajan and Prakash, as this was a hidden identity.”
Crazy, right? The most slippery bit of this story has been the shifting claims about The Wire’s editorial process—with various members offering varying versions of what happened and when.
In his most recent statement—an interview with the Platformer—Varadarajan revealed three key things:
One: “Devesh Kumar is the only person who met the source [who provided the Instagram report].”
Two: “Devesh was the primary technical guy.”
Three: “Devesh was the person in charge of verifying all the documents ahead of publication.”
Translation: Kumar is the reporter who gets the story. Kumar is the editor who vets the story. Kumar is the technical expert who verifies the story. And now Kumar has become the story.
“I’m not a technical guy, email headers are all gobbledygook to me,” Varadarajan told the Platformer.
Huh? What?
The bottomline: The Wire fiasco has little to do with a lack of technical expertise. This is an editorial failure where the newsroom forgot standard journalistic practices: from inadequate sourcing to lack of corroboration to careless oversight.
You didn’t need to know tech to ask the most fundamental questions to @cringearchivist. You didn’t need to know tech to check the authenticity of a document. You didn’t need to know tech to speak directly to the independent expert.
If The Wire had followed old-school rules of journalism, this story would not have been published.
Good journalism is the outcome of a good process. The Wire diluted the best practices in the name of public interest. But rather than exposing Meta, they have revealed their own institutional weaknesses—lack of basic editorial checks, problematic sourcing, and lack of expertise. And that is both the biggest irony and tragedy here.
The first great political firefight of 2025 will centre on the Muslim tradition of donating property to God.
Read MoreThe Middle East is in turmoil once again—this time due to the startling fall of Assad.
Read MoreGeorgia is in uproar with a rigged national election and a government moving away from the EU.
Read MoreWe know Delhi’s air is toxic. We even know the reasons why. But two great mysteries remain.
Read More