After the
initial condemnation of Indian BPOs on the one hand and the accused Karan
Bahree on the other hand, the media has now started recognizing the need to be
balanced in their views. It is good to see that today's news reports contain
many opinions trying to put the fraud in the right perspective. This is a good
development for the Indian BPO industry.
It has also
started dawning on the observers that there are some loopholes in the initial
argument that Bahree was a criminal who was out to sell UK lives for a song.
Now doubts have been expressed on the veracity of the story. One more
intermediary Mr Fayaz Rizvi who worked along with Mr Samir Aseem as a go
between the SUN Reporter Mr Oliver and Bahree has now surfaced.
In order to
explore the veracity of the story it is therefore necessary to make a thorough
probe of all the persons involved including Mr Oliver.
Who is the
Accused ? and the Co Accused?
It is to be
noted that whatever the name given to the activities of Mr Oliver, his action
in itself amounted to "Data Theft" and according to Criminal Investigation
norms, he should be the prime accused in the case while others including
Bahree will be "Accomplices".
This is because
the incident is not one of straight forward "Sting Journalism" where the
journalist reports an event that is happening but is an incident where the
Journalist pays money for inducing the commission of crime. It is like asking some
body to commit a murder for money, filming it and calling it "Sting
Journalism".
In fact it
would be correct to say that having come to know of the incident and having a
prima facie admission from the reporter and his management that money was paid
by the reporter to get the information which would constitute an
offence, Indian Police have no option but to recognize an offence under Indian
law against SUN.
In case Police
pursue the case only against Mr Bahree and let others go un-charged, then it
would be a discriminatory investigation with a pre determined bias and
conclusion that it is Bahree alone who has contemplated and executed the
crime. Such an investigation cannot be sustained in a Court of law.
It is therefore
absolutely imperative that the Chargesheet has to be filed against Mr Oliver/
SUN Management with Bahree, Samir, Rizvi, Infinity e-search and IBM Daksh as
co accused.
The reason why
action may be required on IBM Daksh is that Infinity e-Search has
stated that they were not having any data of the type reported to have been
involved in the incident. If this is true, the information could logically
come only from IBM Daksh in which Bahree was employed until a few months ago.
In case one
goes by the action of Infinity e-Search in sacking the employee, then it is
possible for us to say that they have admitted to the commssion of offence
by one of their current employees. Enquiry about the involvement of Infinity
e-Search is therefore in order since apart from web designing activity,
they are also engaged in "Web Marketing Consultancy" and the kind of data
discussed is relevant in such business.
As has already
been pointed out since the end effect of the crime is discrediting of the BPO
industry, the possibilities of anti national forces conspiring to cook up an
incident of such nature cannot be ruled out. The Cyber terrorism angle is also
a relevant angle to pursue.
The case is
therefore complicated besides having international ramifications. It
would be interesting therefore if Haryana Police would be able to handle the
case or there is a need to transfer it to CBI.
Abuse of Law
Possible?
Amidst the
global concerns about data protection and BPO industry interests, it is also
necessary for us to recognize that if this turns out to be a hoax case
motivated by extraneous considerations, the damage done to the employee is
some thing which will not be corrected.
While many are
calling for stringent laws such as 10 years imprisonment, 50 crore civil
liability etc for such offences, I would like to warn public and the
experts that going overboard and enacting very strict laws will be amenable to
abuse of the laws.
As a relevant
example we can draw the attention of the public to the many cases of misuse of
the dowry act where innocent husband and in-laws have been blackmailed by
crooked daughter in laws. However the Government has now been pressurized into
enacting a new more stringent Bill on domestic violence amenable for even greater abuse.
Similarly, I
must state that there are many cases of employers (particularly in small IT
firms) misusing the stringent laws to harass the workers.
For example, in
a recent observation, an employer and his senior employee developed some
differences of opinion. The employee was critical to the business without whom
the division would collapse. Unresolved dispute resulted in the employee
resigning along with all his subordinates. This revolt prompted the employer
to file a complaint that the employee had stolen some data of the company. The
employee was found to possess a lap top at his house where some e-mail
correspondence of the company was available and also a CD in which some back
up files of e-mails received by him were also found. This "Data Belonging to
the Company found in the House of the employee" was found sufficient to pursue
the case and cause arrest of the person.
Such instances
of abuse of well intentioned legal provisions need to be anticipated when we
fight for very stringent laws. The industry which said that ITA-2000 was
draconian because of Section 79, will start complaining that it has become
even more draconian if all the suggestions emerging now in the wake of the Gurgaon fraud for more stringent "Data Protection Laws" are accepted.
Similarly the
increase of civil liabilities from the present RS 1 crore to RS 50 crore will
only mean that the "Adjudicator" sitting in judgment of the compensation
will be having that much more power which can be used judiciously or
otherwise.
Let us
therefore not lose our balance in managing the fall outs of the Gurgaon case
which could be a landmark incident in the Cyber Crime legislation in India.
Naavi
June 27, 2005
(Comments
welcome)
Related
Articles:
BPO
scandal is a freak case..IE
Risks, frauds not location-specific..FE
Indian Security Breaches Relatively Small – Forrester
Need for more stringent laws on data protection..FE
Security systems should be in place to prevent breaches..FE
'Bahree
was promised job, $5000' ...ET
Media
Disinformation on Data Protection Laws in India.. Naavi.org
