Bulli Bai case: Are arrests enough to quell the storm?

Arrests have only been made by Mumbai Police and no other agency has made any progress in the case

Bulli Bai case

It has been five days since the horrendous act of auctioning Muslim women in India through an app called “Bulli Bai” came to light. The app was hosted on a Microsoft owned hosting site called GitHub. Several FIRs have been filed in Delhi, Mumbai and Hyderabad by the women who have been targeted on this app, seeking action against the perpetrators. These women, with immense courage, have taken a stand to fight back these malicious acts that aim to defame and harass them. While they have done their bit of standing up for their dignity, it is time for those who the law has empowered to take action, to take up the cudgels. However, have they done enough?

Considering this is the second time such an incident has taken place; the first one being in July 2021 when a similar app called “Sulli Deals” had sprung up, the action should have been swifter and from all government agencies. Looking at the updates so far in the case, the impression is that doing the ‘bare minimum’ has sufficed until now.

Law enforcement

As per latest updates, three persons have been arrested in this case so far by the Mumbai Police – Vishal Kumar aka Vishal Jha from Bengaluru, and Mayank Rawal and Shweta Singh from Uttarakhand. Vishal, a 21-year-old engineering student was detained on Monday from Bengaluru, and arrested by the Mumbai cyber police on Tuesday. Hed has been remanded in police custody till January 10. According to news reports, Vishal was running one of the Twitter handles used to upload the content from the app.

Mumbai Police arrested 18-year-old Shweta Singh, on Tuesday, reportedly as being the prime suspect. Her name was “revealed by Vishal Kumar” who said that he was in touch with the woman and claimed that she was in touch with the people who were working on the posts and activities on the Bulli Bai app. She was using a fake Twitter handle with the name JattKhalsa07.

A third arrest has been made in the case from Uttarakhand, the accused has been identified as a 21-year-old student, Mayank Rawal, and was arrested by the Mumbai cyber police from Uttarakhand. The FIR in the case was registered under sections 153A, 153 B, 295A, 354D, 509, 500 of the Indian Penal Code (IPC) along with Section 67 Information Technology Act against unknown persons on Sunday.

While all this action has been taken by the Mumbai Police, the Delhi Police seem tohave made liitle or no progress in investigations. This failure of Delhi Police was also reflected in the July 2021 “Sulli Deals” case where one of the complainants stated that she was not even given a copy of the FIR. Delhi Police has said that it has contacted the hosting platform and are awaiting their reply.



The legal redressal process has been set in motion in the true sense by Mumbai Police, whereas Delhi police has done the bare minimum by registering an FIR. There is hope that there will be a breakthrough in the case that will help in finding out how and why this app came into existence and at whose behest.


In order to play up or rather give importance to an issue, it is pertinent that national level and mainstream media that has the privilege of broadcasting news to people’s homes for 24 hours a day, covers these issues. However, in many instances, the media has failed to do so.

Instead, some major media houses have resorted to attempts at “shielding” or downplaying the role of the accused in the case. India Today came out with a “sympathy” report for the accused Shweta Singh with a news article titled Lost father to Covid, mother to cancer: All about Bulli Bai mastermind Shweta Singh. The article begins with giving her family background, “She lost her father to Covid-19 last year and lost her mother to cancer before this. She has an elder sister who is a commerce graduate, while her younger sister and brother are school students. She was preparing for engineering entrance examinations.”

Of course, the story and India Today’ News Director Rahul Kanwal’s tweet in that regard drew considerable flak on social media and it irked people that the age of the accused and her family background was being played at to draw sympathy or some kind of justification for her alleged deplorable actions.



Legal action

While the Mumbai Police have made arrests in the case, it is also important that as the case progresses relevant sections of the penal code and other Acts are invoked. Thus far, Mumbai Police has invoked the following sections 153A (Promoting enmity between different groups on grounds of religion etc), 153 B (Imputation, assertions prejudicial to national-integration), 295A (Deliberate and malicious acts, intended to outrage religious feelings of any class by insulting its religion or religious beliefs), 354D (Stalking), 509 (Word, gesture or act intended to insult the modesty of a woman), 500 (defamation) of the Indian Penal Code (IPC) along with Section 67 Information Technology Act. Apart from these, section 298 (Uttering words, etc., with deliberate intent to wound the religious feelings) of IPC and section 66E (Punishment for violation of privacy) of the IT Act may also be invoked.

What can the government do?

The government, under the Information Technology Act, 2000 has some powers to call upon information from intermediaries that host such malicious content. Under section 69 of the Act, the government has the Power to issue directions for interception or monitoring or decryption of any information. Under this section, the intermediary is bound to:

(a) provide access to or secure access to the computer resource generating, transmitting, receiving or storing such information; or

(b) intercept, monitor, or decrypt the information, as the case may be; or

(c) provide information stored in computer resource

Failure to do so can invite imprisonment of up to 7 years and fine.

Under section 69B the government also has the power to monitor and collect traffic data or information through any computer resource. The intermediary is bound to provide technical assistance and extend all facilities to such agency to enable online access or to secure and provide online access to the computer resource generating, transmitting, receiving, or storing such traffic data or information.

Furthermore the Act also establishes Indian Computer Emergency Response Team (CERT-IN) as a national agency for incident response. So far this agency is said to be monitoring the case through the Delhi and Mumbai police. Under section 70B of the Act, the agency is entrusted with the following functions:

(a) collection, analysis and dissemination of information on cyber incidents;

(b) forecast and alerts of cyber security incidents;

(c) emergency measures for handling cyber security incidents;

(d) coordination of cyber incidents response activities;

(e) issue guidelines, advisories, vulnerability notes and white papers relating to information security practices, procedures, preventation, response and reporting of cyber incidents;


However, until now, no formal statement has been released by CERT-IN on this issue, apart from it being in touch with Git-Hub and Twitter. CERT-IN is also empowered to call for information and give direction to the service providers, intermediaries, data centres, body corporate and any other person in furtherance to carrying outs functions. A CERT-IN officer can also make a complaint to a court to any matter that arises int his regard including failure of any service providers, intermediaries, data centres, body corporate to provide the information called for or comply with the directions of CERT-IN. Despite having such wide powers, there has been no news of action taken by CERT-IN or any direction issued by it to the hosting website or even to Twitter.

Clearly, this Bulli Bai app came to light after someone discovered it (it is unclear who did), hence, the failure on the part of Twitter to pick out such content and of Git-Hub to block such content is evident and needs to be probed. However, this point is yet to be raised by any government agency.

India Today reported that officials in the ministry privy with the case said that it is also looking into if GitHub’s local coordinators or officials can be summoned to expedite the coordination between GitHub and the agencies. There has however no such update of any summons issued.

Demand for real action

The women who have been targeted on the app have demanded real action from authorities instead of merely taking “cognisance” and filing of FIRs. Former journalist Hiba Beg wrote on Twitter, “We don’t want an FIR, we want arrests. Enough of bread-crumbing – show us actual action. We cannot let this happen a third time!”



Another twitter user, Sidrah, who is a complainant, was dismayed with the “cognisance taken” action of the National Commission for Women (NCW). “Do you do anything other than taking cognisance after outrage?” she tweeted.


Why this case warrants stricter action

Important persons of the political class including the Union Cabinet Minister for Women & Child Development, the Prime Minister and the Home Minister have chosen to stay mum and not voice their dismay over the incident. This silence is deafening as the realisation has not dawned that it is such acts of cyber crime that  have awide scale impact and women and should not be treated as any less serious than acts of sexual violence.

Cecilia Mwende Maundu, a broadcast journalist based in Kenya and a specialist in gender digital safety told UN Women, “Online gender-based violence exists within a context similar to what happens in real life. It is just as destructive as offline violence. We now live in a virtual society and offline violence has extended to online, which makes it easier for people to commit violence without consequences. Women are the main targets of online violence, especially women with voices, like female journalists and politicians.”

World Wide Foundation conducted a survey in 2019 in which they found that 52% of young women and girls they surveyed said they’d experienced online abuse, including threatening messages, sexual harassment and the sharing of private images without consent. 87% said they think the problem is getting worse. Considerably, it noted that there has been a surge in non-consensual sharing of images designed to threaten, shame and control women. They found, “This abuse has devastating consequences for the mental wellbeing of victims as they are often left alone with their experience, an experience that is normalized and invisibilised on social media and in society in general, driving victims to silence and shame, exposing them to their perpetrators, and sometimes leading them to self-harm, depression and suicide.”

Liability of corporates

Marianna Spring, a disinformation reporter with BBC News, wrote about her personal experience of online abuse in which she stated how despite reporting comments of threats of violent sexual acts on Facebook, no action was taken and the offender’s account remained active. Reseacrh conducted by Centre for Countering Digital Hate, shows how 97% of 330 accounts sending misogynistic abuse on Twitter and Instagram remained on the site after being reported.

Spring conducted an experiment where she created a fake online persona called Barry on social media platforms and through that account followed a small amount of anti-women content and also posted some abuse on his profile – so that the algorithms could detect from the start he had an account that used abusive language about women. “After just a week, the top recommended pages to follow on both Facebook and Instagram were almost all misogynistic. By the end of the experiment, Barry was pushed more and more anti-women content by these sites – a dramatic increase from when the account had been created. Some of this content involved sexual violence, sharing disturbing memes about sex acts, and content condoning rape, harassment and gendered violence,” she said while narrating her experience. “Far from stopping Barry engaging with anti-women content, Facebook and Instagram appear to have promoted it to him. By contrast, there was no anti-women content on TikTok and very little on Twitter. YouTube suggested some videos hostile to women,” she added.

In the case of “Bulli bai”, reportedly the app remained on the site for about 24 hours or more until it was taken down after being reported. The algorithms of these websites need to be brought into question and there needs to be adequate accountability to be imposed by the government to the extent that such acts of online abuse, hatred based on religion, race, sex, caste etc are acted upon immediately. The unwillingness of these companies to develop better algorithms is indicative of their readiness to become platforms becoming means of propagating hate and violence against the vulnerable sections of society.


Three arrested in Bulli Bai case

Has inaction prompted another Muslim women’s auction on the internet?

Being a Muslim woman in India: A story

I’m a vocal Indian Muslim woman, not an object to be auctioned



Related Articles