“The intention of the insolvency and bankruptcy code is to keep companies a “going concern” and not liquidate them”.
..so said our honourable Finance Minister while getting the Bankruptcy and Insolvency Code passed through the Parliament. But contrary to what the Finance Minister said, the story of Net4India and the application of the IBC indicates that the law is used not only to liquidate the subject company but if possible push many of the 70000 domain name registrants to the brink of liquidation.
To enable the Finance Minister to appreciate how the law can be misused, and is being misapplied, I would draw her the attention to what happened in the NCLT proceedings related to Net4India.
For those who think “Data is Oil”, it is inconceivable to think how Net4India with a wealth of personal and critical corporate data, could ever be declared “insolvent”.
If we go by what happened to CIBIL, which was taken over by TransUnion and got access to sensitive personal data of millions of Indians, net4India should have been a mouth watering acquisition for any company which knows the value of “Data”.
According to rough estimates, Net4india had more than 70000 domain names as of date and might have had over 5 lakh customers at its peak operational level. Many of these domains are also hosted on the Net4India servers and contain more personal data. If a Company had hosted its email server with Net4India, the amount of data that Net4India has access is unimaginable.
In a few months from now, Personal Data Protection Act will be in place in India and make it very difficult for companies to access personal data. At this juncture, Net4India being available should have been an irresistible acquisition for any intelligent business house since the value of personal data in the hands of Net4India would perhaps appreciate after Personal Data Protection Act is passed.
It would therefore be of interest to know how much valuation was assigned to this data by NCLT before it came to the conclusion that the company was not able to repay its debts and an order is to be passed for liquidation of its assets.
In fact most of the data processing industry as well as Cyber Insurance companies are struggling to develop a model for valuing personal data. When the Non Personal Data Governance Act comes in the next couple of years, we will also be trying to value the Non Personal Data which is put through a data exchange and value unlocked.
If therefore NCLT has used some yard stick to value the data and then arrive at the inventory of assets of Net4India, it would be a precedence which would establish a model for data valuation. Was it done on the basis of replacement cost?, Was it done on the basis of sensitivity of data, was it done on the basis of any other criteria would be a great learning point for the industry.
I hope NCLT would release its valuation model for all of us to learn.
There is however one school of thought that NCLT might have assigned no value to data and gone ahead with the liquidation process.
It is here that we need to ask whether NCLT went by the “Going Concern” basis or “Gone Concern basis” to decide that Net4India should be put under the sword.
I am not sure how NCLT can be made to disclose the basis on which they ordered the sale of the assets of the company without taking precautions to unlock the value of the data.
I request some public spirited person in Delhi to raise an RTI query with the Finance Ministry and NCLT to disclose the data valuation model used in the Net4India case can be made public.
If however, it is found that in this instance,
a) NCLT valued the data at zero value under a gone concern approach,
b) decided that no notice is to be issued to the data owners,
c) decided that no consideration is to be given to the deposits made by the customers and resellers in their account,
then it is time for the IT Ministry to wake up and protect the interest of domain registrants in the country by measures such as declaring that all “Domain Name Registrars” and “ISPs” are to be considered as “Critical IT Infrastructure” and any discontinuance of the business be subjected to prior approval of the Government.
The Government may introduce a Registration system for such service providers, collect security deposit like the Statutory Liquidity Ratio of Banks and MeitY supervised winding down plan when required, so that the service providers donot vanish from the scene whenever it is convenient.
These can be brought through notifications under Section 70B and 79 of ITA 2000. If not under PDPA these organizations have to be declared as “Significant Data Fiduciaries” and subject to codes and practices to protect the interest of the data principals.
In the case of Net4India it is also necessary to re-visit the irregularities in the granting of loan to the company by SBI particularly since there is a rumour that the promoters had fled the country some time back around 2017 when the problems first surfaced.
I hope that these measures if implemented, would atleast help some learning out of this episode.