Indian YouTuber Jyoti Malhotra has been arrested for alleged espionage, accused of sharing sensitive information with Pakistani intelligence. Investigators claim that she stored the phone numbers of ISI operatives under fake identities and used encrypted platforms such as WhatsApp, Telegram, and Snapchat to communicate and evade detection. A probe into the 34-year-old’s phone revealed that she had made four visits to Pakistan and even holidayed in Bali with an operative she was reportedly involved with.

In this context, News18 takes a closer look at what encrypted contacts are and how Jyoti Malhotra is believed to have used them effectively.

How Does Encrypted Communication Work?

Encrypted communication refers to the practice of encoding conversations so that only the sender and recipient can understand them. This method protects data from third-party access—including by law enforcement and government agencies. Apps like WhatsApp, Signal, and Telegram offer end-to-end encryption, ensuring messages cannot be read in transit.

Jyoti Malhotra allegedly used such platforms to transmit sensitive information, including details of Indian military bases, to ISI operatives. She is said to have used encrypted chats and concealed contacts to avoid detection.

End-to-end encryption works by encrypting a message on the sender’s device and only decrypting it on the recipient’s device. Jyoti and the ISI agents are believed to have employed this method along with VPNs and access to the dark web to mask their identities and locations.

Encrypted communication can include not just text but also photos, videos, and other data. Fake email accounts, phone numbers, and social media profiles are often used to make tracking more difficult.

How Difficult Is It to Break End-to-End Encryption?

End-to-end encryption is extremely secure and cannot be easily broken without the correct decryption key. This makes it challenging for intelligence agencies to intercept or decode messages. Jyoti reportedly relied on commonly used apps like WhatsApp and Telegram, which made her activities harder to detect due to the platforms’ popularity.

Reports suggest she and the ISI operatives used fake names, numbers, and devices to obscure their true identities.

How Was Jyoti Malhotra Caught?

Despite the use of encrypted communication, individuals can still be tracked through patterns in their behaviour. Intelligence agencies often monitor communication metadata—such as call times, locations, and contacts—and analyse travel records and associations to detect suspicious activity.

Jyoti’s frequent international travel, especially her 2023 trip to Pakistan, and her interactions with individuals linked to the ISI raised red flags. These clues led to increased surveillance and eventually her arrest.

Her social media presence is substantial: her YouTube channel, Travel with JO, has 3.77 lakh subscribers, and her Instagram account has 1.33 lakh followers. Authorities have confirmed that she had connections with a Pakistani staffer at the Pakistan High Commission in Delhi. On May 13, India expelled this official in connection with the alleged espionage.

Meanwhile, the Odisha Police have launched a separate investigation into her possible links with a YouTuber based in Puri. According to Puri SP Vinit Agrawal, Jyoti visited the town in September 2024 and met a local content creator during her trip.