NEW DELHI: Cases of data loss from ITES companies may no longer be new but the arrest of two employees, from an Indian BPO in Gurgaon has a twist in the tale. The two arrests were made on Tuesday and Wednesday.
British national Harish Parmar and Sarita Rawat, both employees of Cybersys Infotech Limited, were arrested by the Gurgaon police for stealing confidential data and selling it to different competitors, special superintendent of police Hanif Qureshi said in a press conference in Gurgaon on Wednesday.
However, this is no ordinary case of data loss. Cybersys Infotech Ltd had entered into an exclusive contract with the British company City Credit Management. As a condition of this exclusive contract, Harish Parmar was made City Credit's representative on the board of Cybersys.
As outsourced work dealt with a highly specialised area like mortgage, Cybersys spent huge amounts developing training manuals and systems. However, soon after, City Credit started outsourcing its call-centre work to other Indian BPOs, in a breach of the exclusivity contract.
Not only that, to cut costs, the specially developed manuals and systems were allegedly stolen through Parmar and Rawat and sold to those BPOs. This saved them the investment that Cybersys has made in developing the same, and consequently saved City Credit money as well. Vanguard Info-Solutions Limited in Gurgaon was one of the BPOs to which this information was sold and which was forthcoming with the details to the police. The involvement of one other BPO is suspected, but its name, and the extent of the loss incurred by Cybersys, is yet to be established.
The complaint with the police was filed by Vineet Kanwar, the director of Cybersys Infotech Limited, against employees Sarita Rawat, Harish Parmar who is a director on the Indian company and the British, his wife, who is also a director of the British company, and City Credit Management itself.
According to Supreme Court advocate and cyber law expert Pavan Duggal, the crime in this case is therefore "both of hacking (covered by section 66 of the IT Act) and of breach of trust, because an exclusive contract was broken (covered under section 72 of the IT Act and 406, 409 and 120b of the IPC)."
Indian ITES companies have recently been haunted by a spate of crimes that have raised questions about security of client data. However, this is perhaps the first time when the overseas client itself has been accused of engineering the data loss.