Foreign foxes raid Indian chicks.

Investigators foxed by lack of evidence in BPO case
SUDIPTO DEY

TIMES NEWS NETWORK[ WEDNESDAY, JUNE 29, 2005 01:18:58 AM]

NEW DELHI: Investigating agencies are in a quandary over the probe in the alleged leakage of confidential data by an Indian BPO worker, in the absence of hard evidence. Awaiting a formal nod from Interpol, senior police officers point out that it has to be first established whether there was a theft of data.

“The British financial institutions, who are supposed to have suffered the loss of confidential data, have to establish that the body of data resides with an ITeS company in India,” said a senior official from the Delhi Police crime branch.

“They will either have to hand over the entire body of evidence for us to corroborate, if there has been any theft of data, or give us specific instructions about the help they need on the case,” an official added.

As per procedure, the Interpol generally alerts the CBI, who then takes a call on whether to probe the matter itself or pass it on to some other agency.

In this case, as the Gurgaon police has already begun preliminary investigations into the issue based on media reports, the likelihood of the same agency being asked to undertake the probe is high.

In some cases, Interpol gets in touch with state police directly. Till date, neither Haryana or Delhi police, nor the CBI has received any intimation from Interpol to probe the issue. A spokesperson of the London police told ET that the agency has already forwarded a request for probe to Interpol.

The claims and counter-claims by parties involved have further confounded the agencies. Oliver Harvey, the undercover Sun reporter, continues to stand by his story, and refutes claims by accused Karan Bahree that he was a mere conduit in the whole incident.

“I have evidence in the form of video, and e-mail, in which Bahree is clearly seen peddling confidential data,” Harvey told ET from London. Bahree, in a statement issued through his former employer, Gurgaon-based Infinity eServices, has pleaded ignorance about the contents of the CD, while conceding that he did meet the undercover reporter and gave him a CD for $5,000 and promise of a job.

In a queer twist, some of the banks who are supposed to have suffered loss of confidential data are maintaining a stony silence. Some of them have even said that there they do no outsource their processes to any Indian agency.

What makes matters more difficult for Indian agencies is that under the IT Act, 2000, theft of data is not treated as a punishable offence with no clear-cut guidelines as to what constitutes data theft. Legal experts claim that the incident will be treated as a case of “hacking” and is punishable with a three-year jail term and a fine of up to Rs 2 lakh. Moreover, each of the affected parties can also claim statutory damage to the tune of up to Rs 1 crore, under Indian laws.

The Indian IT industry is already treating this scam as a “one-off” incident. “We will nevertheless push for more stringent laws for data theft by amending the IT Act,” Nasscom president Kiran Karnik said.

A industry-government committee set up by the IT ministry is already looking at updating the IT Act. Whatever the outcome of the scam, it may well expedite the move to revamp the Act and give it more teeth to deal with such issues, feel most industry players.