October 19, 2005
NEW DELHI: Cases of data loss from ITES companies may no longer be new
but the arrest of two employees, from an Indian BPO in Gurgaon has a
twist in the tale. The two arrests were made on Tuesday and Wednesday.
British national Harish Parmar and Sarita Rawat, both employees of
Cybersys Infotech Limited, were arrested by the Gurgaon police for
stealing confidential data and selling it to different competitors,
special superintendent of police Hanif Qureshi said in a press
conference in Gurgaon on Wednesday.
However, this is no ordinary case of data loss. Cybersys Infotech Ltd
had entered into an exclusive contract with the British company City
Credit Management. As a condition of this exclusive contract, Harish
Parmar was made City Credit's representative on the board of Cybersys.
As outsourced work dealt with a highly specialised area like mortgage,
Cybersys spent huge amounts developing training manuals and systems.
However, soon after, City Credit started outsourcing its call-centre
work to other Indian BPOs, in a breach of the exclusivity contract.
Not only that, to cut costs, the specially developed manuals and
systems were allegedly stolen through Parmar and Rawat and sold to
those BPOs. This saved them the investment that Cybersys has made in
developing the same, and consequently saved City Credit money as well.
Vanguard Info-Solutions Limited in Gurgaon was one of the BPOs to
which this information was sold and which was forthcoming with the
details to the police. The involvement of one other BPO is suspected,
but its name, and the extent of the loss incurred by Cybersys, is yet
to be established.
The complaint with the police was filed by Vineet Kanwar, the director
of Cybersys Infotech Limited, against employees Sarita Rawat, Harish
Parmar who is a director on the Indian company and the British, his
wife, who is also a director of the British company, and City Credit
According to Supreme Court advocate and cyber law expert Pavan Duggal,
the crime in this case is therefore "both of hacking (covered by
section 66 of the IT Act) and of breach of trust, because an exclusive
contract was broken (covered under section 72 of the IT Act and 406,
409 and 120b of the IPC)."
Indian ITES companies have recently been haunted by a spate of crimes
that have raised questions about security of client data. However,
this is perhaps the first time when the overseas client itself has
been accused of engineering the data loss.
InfoSec News v2.0 - Coming Soon!