Advisory for APS School Students

Introduction

Digital Public Infrastructure (DPI) serves as the backbone of e-governance, enabling governments to deliver services more efficiently, transparently, and inclusively. By leveraging information and communication technology (ICT), digital governance systems reconfigure traditional administrative processes, making them more accessible and citizen-centric. However, the successful implementation of such systems hinges on overcoming several challenges, from ensuring data security to fostering digital literacy and addressing infrastructural gaps.

This article delves into the key enablers that drive effective DPI and outlines the measures already undertaken by the government to enhance its functionality. Furthermore, it outlines strategies for their enhancement, emphasizing the need for a collaborative, secure, and adaptive approach to building robust e-governance systems.

Key Enablers of DPI

Digital Public Infrastructure (DPI), the foundation for e-governance,  relies on common design, robust governance, and private sector participation for efficiency and inclusivity. This requires common principles, frameworks for collaboration, capacity building, and the development of common standards. Some of the key measures undertaken by the government in this regard include: 

1. Data Protection Framework: The Digital Personal Data Protection (DPDP) Act of 2023 establishes a framework to ensure consent-based data sharing and regulate the processing of digital personal data. It delineates the responsibilities of data fiduciaries in safeguarding users' digital personal data.
2. Increasing Public-Private Partnerships: Refining collaboration between the government and the private sector has accelerated the development, maintenance, expansion, and trust of the infrastructure of DPIs, such as the AADHAR, UPI, and  Data Empowerment and Protection Architecture (DEPA). For example, the Asian Development Bank attributes the success of UPI to its “consortium ownership structure”, which enables the wide participation of major financial stakeholders in the country.
3. Coordinated Planning: The PM-Gati Shakti establishes a clear coordination framework involving various inter-governmental stakeholders at the state and union levels. This aims to significantly reduce project duplications, delays, and cost escalations by streamlining communication, harmonizing project appraisal and approval processes, and providing a comprehensive database of major infrastructure projects in the country. This database called the National Master Plan, is jointly accessible by various government stakeholders through APIs.
4. Capacity Building for Government Employees:  The National e-Governance Division of the Ministry of Electronics and Information Technology routinely rolls out multiple training programs to build the technological and managerial skills required by government employees to manage Digital Public Goods (DPGs). For instance, it recently held a program on “Managing Large Digital Transformative Projects”. Additionally, the Ministry of Personnel, Public Grievances, and Pensions has launched the Integrated Government Online Training platform  (iGOT) Karmayogi for the continuous learning of civil servants across various domains. 

Digital Governance; Way Forward

E-governance utilizes information and communication technology (ICT) such as Wide Area Networks, the Internet, and mobile computing to implement existing government activities, reconfiguring the structures and processes of governance systems. This warrants addressing certain inter-related challenges such as : 

1. Data Security: The dynamic and ever-changing landscape of cyber threats necessitates regular advancements in data and information security technologies, policy frameworks, and legal provisions. Consequently, the digital public ecosystem must incorporate robust data cybersecurity measures, advanced encryption technologies, and stringent privacy compliance standards to safeguard against data breaches.
2. Creating Feedback Loops: Regular feedback surveys will help government agencies improve the quality, efficiency, and accessibility of digital governance services by tailoring them to be more user-friendly and enhancing administrative design. This is necessary to build trust in government services and improve their uptake among beneficiaries. Conducting the decennial census is essential to gather updated data that can serve as a foundation for more informed and effective decision-making.
3. Capacity Building for End-Users: The beneficiaries of key e-governance projects like Aadhar and UPI may have inadequate technological skills, especially in regions with weak internet network infrastructure like hilly or rural areas. This can present challenges in the access to and usage of technological solutions.  Robust capacity-building campaigns for beneficiaries can provide an impetus to the digital inclusion efforts of the government.
4. Increasing the Availability of Real-Time Data: By prioritizing the availability of up-to-date information, governments and third-party enterprises can enable quick and informed decision-making.  They can effectively track service usage, assess quality, and monitor key metrics by leveraging real-time data. This approach is essential for enhancing operational efficiency and delivering improved user experience.
5. Resistance to Change: Any resistance among beneficiaries or government employees to adopt digital governance goods may stem from a limited understanding of digital processes and a lack of experience with transitioning from legacy systems.  Hand-holding employees during the transitionary phase can help create more trust in the process and strengthen the new systems. 

Conclusion

Digital governance is crucial to transforming public services, ensuring transparency, and fostering inclusivity in a rapidly digitizing world. The successful implementation of such projects requires addressing challenges like data security, skill gaps, infrastructural limitations, feedback mechanisms, and resistance to change. Addressing these challenges with a strategic, multi-stakeholder approach can ensure the successful execution and long-term impact of large digital governance projects. By adopting robust cybersecurity frameworks, fostering public-private partnerships, and emphasizing capacity building, governments can create efficient and resilient systems that are user-centric, secure, and accessible to all. 

References

• https://www.adb.org/sites/default/files/publication/865106/adbi-wp1363.pdf 
• https://www.jotform.com/blog/government-digital-transformation-challenges/ 
• https://aapti.in/wp-content/uploads/2024/06/AaptixONI-DPIGovernancePlaybook_compressed.pdf 
• https://community.nasscom.in/sites/default/files/publicreport/Digital%20Public%20Infrastructure%2022-2-2024_compressed.pdf 
• https://proteantech.in/articles/Decoding-Digital-Public-Infrastructure-in-India/ 

‍

‍

Introduction

In the labyrinthine expanse of the digital age, where the ethereal threads of our connections weave a tapestry of virtual existence, there lies a sinister phenomenon that preys upon the vulnerabilities of human emotion and trust. This phenomenon, known as cyber kidnapping, recently ensnared a 17-year-old Chinese exchange student, Kai Zhuang, in its deceptive grip, leading to an $80,000 extortion from his distraught parents. The chilling narrative of Zhuang found cold and scared in a tent in the Utah wilderness, serves as a stark reminder of the pernicious reach of cybercrime.

The Cyber Kidnapping 

The term 'cyber kidnapping' typically denotes a form of cybercrime where malefactors gain unauthorised access to computer systems or data, holding it hostage for ransom. Yet, in the context of Zhuang's ordeal, it took on a more harrowing dimension—a psychological manipulation through online communication that convinced his family of his peril, despite his physical safety before the scam.

The Incident 

The incident unfolded like a modern-day thriller, with Zhuang's parents in China alerting officials at his host high school in Riverdale, Utah, of his disappearance on 28 December 2023. A meticulous investigation ensued, tracing bank records, purchases, and phone data, leading authorities to Zhuang's isolated encampment, 25 miles north of Brigham City. In the frigid embrace of Utah's winter, Zhuang awaited rescue, armed only with a heat blanket, a sleeping bag, limited provisions, and the very phones used to orchestrate his cyber kidnapping.

Upon his rescue, Zhuang's first requests were poignantly human—a warm cheeseburger and a conversation with his family, who had been manipulated into paying the hefty ransom during the cyber-kidnapping scam. This incident not only highlights the emotional toll of such crimes but also the urgent need for awareness and preventative measures.

The Aftermath

To navigate the treacherous waters of cyber threats, one must adopt the scepticism of a seasoned detective when confronted with unsolicited messages that reek of urgency or threat. The verification of identities becomes a crucial shield, a bulwark against deception. Sharing sensitive information online is akin to casting pearls before swine, where once relinquished, control is lost forever. Privacy settings on social media are the ramparts that must be fortified, and the education of family and friends becomes a communal armour against the onslaught of cyber threats.

The Chinese embassy in Washington has sounded the alarm, warning its citizens in the U.S. about the risks of 'virtual kidnapping' and other online frauds. This scam fragments a larger criminal mosaic that threatens to ensnare parents worldwide.

Kai Zhuang's story, while unique in its details, is not an isolated event. Experts warn that technological advancements have made it easier for criminals to pursue cyber kidnapping schemes. The impersonation of loved ones' voices using artificial intelligence, the mining of social media for personal data, and the spoofing of phone numbers are all tools in the cyber kidnapper's arsenal.

The Way Forward

The crimes have evolved, targeting not just the vulnerable but also those who might seem beyond reach, demanding larger ransoms and leaving a trail of psychological devastation in their wake. Cybercrime, as one expert chillingly notes, may well be the most lucrative of crimes, transcending borders, languages, and identities.

In the face of such threats, awareness is the first line of defense. Reporting suspicious activity to the FBI's Internet Crime Complaint Center, verifying the whereabouts of loved ones, and establishing emergency protocols are all steps that can fortify one's digital fortress. Telecommunications companies and law enforcement agencies also have a role to play in authenticating and tracing the source of calls, adding another layer of protection.

Conclusion

The surreal experience of reading about cyber kidnapping belies the very real danger it poses. It is a crime that thrives in the shadows of our interconnected world, a reminder that our digital lives are as vulnerable as our physical ones. As we navigate this complex web, let us arm ourselves with knowledge, vigilance, and the resolve to protect not just our data, but the very essence of our human connections.

References 

• https://www.bbc.com/news/world-us-canada-67869517
• https://www.ndtv.com/feature/what-is-cyber-kidnapping-and-how-it-can-be-avoided-4792135

Introduction

A Reuters investigation has uncovered an elephant in the room regarding Meta Platforms' internal measures to address online fraud and illicit advertising. The confidential documents that Reuters reviewed disclosed that Meta was planning to generate approximately 10% of its 2024 revenue, i.e., USD 16 billion, from ads related to scams and prohibited goods. The findings point out a disturbing paradox: on the one hand, Meta is a vocal advocate for digital safety and platform integrity, while on the other hand, the internal logs of the company indicate the existence of a very large area allowing the shunning of fraudulent advertisement activities that exploit users throughout the world. 

‍

The Scale of the Problem

Internal Meta projections show that its platforms, Facebook, Instagram, and WhatsApp, are displaying a staggering 15 billion scam ads per day combined. The advertisements include deceitful e-commerce promotions, fake investment schemes, counterfeit medical products, and unlicensed gambling platforms.

Meta has developed sophisticated detection tools, but even then, the system does not catch the advertisers until they are 95% certain to be fraudsters. By having at least that threshold for removing an ad, the company is unlikely to lose much money. As a result, instead of turning the fraud adjacent advertisers down, it charges them higher ad rates, which is the strategy they call “penalty bids” internally. 

‍

Internal Acknowledgements & Business Dependence

Internal documents that date between 2021 and 2025 reveal that the financial, safety, and lobbying divisions of Meta were cognizant of the enormity of revenues generated from scams. One of the 2025 strategic papers even describes this revenue source as "violating revenue," which implies that it includes ads that are against Meta's policies regarding scams, gambling, sexual services, and misleading healthcare products.

‍

The company's top executives consider the cost-benefit scenario of stricter enforcement. According to a 2024 internal projection, Meta's half-yearly earnings from high-risk scam ads were estimated at USD 3.5 billion, whereas regulatory fines for such violations would not exceed USD 1 billion, thus making it a tolerable trade-off from a commercial viewpoint. At the same time, the company intends to scale down scam ad revenue gradually, thus from 10.1% in 2024 to 7.3% by 2025, and 6% by 2026; however, the documents also reveal a planned slowdown in enforcement to avoid "abrupt reductions" that could affect business forecasts.

‍

Algorithmic Amplification of Scams

One of the most alarming situations is the fact that Meta's own advertising algorithms amplify scam content. It has been reported that users who click on fraudulent ads are more likely to see other similar ads, as the platform's personalisation engine assumes user "interest."

This scenario creates a self-reinforcing feedback loop where the user engagement with scam content dictates the amount of such content being displayed. Thus, a digital environment is created which encourages deceptive engagement and consequently, user trust is eroded and systemic risk is amplified.

An internal presentation in May 2025 was said to put a number on how deeply the platform's ad ecosystem was intertwined with the global fraud economy, estimating that one-third of the scams that succeeded in the U.S. were due to advertising on Meta's platforms.

‍

Regulatory & Legal Implications

The disclosures arrived at the same time as the US and UK governments started to closely check the company's activities more than ever before.

• The U.S. Securities and Exchange Commission (SEC) is said to be looking into whether Meta has had any part in the promotion of fraudulent financial ads.
• The UK’s Financial Conduct Authority (FCA) found that Meta’s platforms were the main sources of scams related to online payments and claimed that the amount of money lost was more than all the other social platforms combined in 2023.

Meta’s spokesperson, Andy Stone, at first denied the accusations, stating that the figures mentioned in the leak were “rough and overly-inclusive”; nevertheless, he conceded that the company’s consistent efforts toward enforcement had negatively impacted revenue and would continue to do so.

‍

Operational Challenges & Policy Gaps

The internal documents also reveal the weaknesses in Meta's day-to-day operations when it comes to the implementation of its own policies.

• Because of the large number of employees laid off in 2023, the whole department that dealt with advertiser-brand impersonation was said to have been dissolved.
• Scam ads were categorised as a "low severity" issue, which was more of a "bad user experience" than a critical security risk.
• At the end of 2023, users were submitting around 100,000 legitimate scam reports per week, of which Meta dismissed or rejected 96%.

‍

Human Impact: When Fraud Becomes Personal

The financial and ethical issues have tangible human consequences. The Reuters investigation documented multiple cases of individuals defrauded through hijacked Meta accounts.

One striking example involves a Canadian Air Force recruiter, whose hacked Facebook account was used to promote fake cryptocurrency schemes. Despite over a hundred user reports, Meta failed to act for weeks, during which several victims, including military colleagues, lost tens of thousands of dollars.

The case underscores not just platform negligence, but also the difficulty of law enforcement collaboration. Canadian authorities confirmed that funds traced to Nigerian accounts could not be recovered due to jurisdictional barriers, a recurring issue in transnational cyber fraud.

‍

Ethical and Cybersecurity Implications

The research has questioned extremely important things at least from the perspective of cyber policy:

1. Platform Accountability: Meta, by its practice, is giving more importance to the monetary aspect rather than the truth, and in this way, it is going against the principles of responsible digital governance.
2. Transparency in Ad Ecosystems: The lack of transparency in digital advertising systems makes it very easy for dishonest actors to use automated processes with very little supervision.
3. Algorithmic Responsibility: The use of algorithms that impact the visibility of misleading content and targeting can be considered the direct involvement of the algorithms in the fraud.
4. Regulatory Harmonisation: The presence of different and disconnected enforcement frameworks across jurisdictions is a drawback to the efforts in dealing with cross-border cybercrime.
5. Public Trust: Users’ trust in the digital world is mainly dependent on the safety level they see and the accountability of the companies.

‍

Conclusion

Meta’s records show a very unpleasant mix of profit, laxity, and failure in the policy area concerning scam-related ads. The platform’s readiness to accept and even profit from fraudulent players, though admitting the damage they cause, calls for an immediate global rethinking of advertising ethics, regulatory enforcement, and algorithmic transparency.

With the expansion of its AI-driven operations and advertising networks, protecting the users of Meta must evolve from being just a public relations goal to being a core business necessity, thus requiring verifiable accountability measures, independent audits, and regulatory oversight. It is an undeniable fact that there are billions of users who count on Meta’s platforms for their right to digital safety, which is why this right must be respected and enforced rather than becoming optional.

‍

References

• https://www.reuters.com/investigations/meta-is-earning-fortune-deluge-fraudulent-ads-documents-show-2025-11-06/?utm_source=chatgpt.com
• https://www.indiatoday.in/technology/news/story/leaked-docs-claim-meta-made-16-billion-from-scam-ads-even-after-deleting-134-million-of-them-2815183-2025-11-07

‍