There is a website called PrivayBee.com registered under a PO box address in Seattle which is indulging in sending spam mails to Indian companies seeking data subject information without any verification of the data subject or establishing the genuinity of the enquiry.
The Company simply sends an e-mail quoting a client’s name and e-mail address and requests that information about the person should be provided and if available deleted.
The Company quotes several laws of the world without proper jurisdictional verification and expecting Indian companies to visit its website and probably subscribe to its services. The website does not have any grievance redressal mechanism and itself implants at least 7 cookies if you visit. The Company does not provide any corporate address or contact on its website.
This company is part of the dangerous trend of some US companies which are themselves not privacy compliant but try to use the Privacy Excuse to scare the public and market their services.
These companies are to be considered as “Criminal” entities and action should be initiated against them by appropriate regulatory agencies in USA.
Since this company is using GDPR as an excuse without declaring which supervisory authority to whose control it is subject to, the FTC in USA has to conduct an investigation on this company and expose its malicious designs. It also quotes CCPA and hence the Attorney General of California also has a jurisdiction to enquire.
In the interest of a larger number of companies both within USA and outside and more particularly in India, I urge the Indian Cert-In to write to the Attorney General of California to enquire and expose the activities of this company.
Any company in India which has received notices from this company may kindly share the information with Naavi.org and CERT-In and if possible some concerted action may be initiated to curb such malpractices.