wordpress blog stats
Connect with us

Hi, what are you looking for?

Parliamentary Committee on personal data summons iSPIRT, PayPal, Visa, Mastercard, Cyble

The Joint Parliamentary Committee (JPC) on the Personal Data Protection Bill has summoned cybersecurity firm Cyble and payments company PayPal for depositions later today. The Committee has also summoned Bangalore-based think tank iSPIRT, and card network companies Mastercard and Visa for deposition on November 20. Today, the JPC will also hear from companies that have not submitted their post-evidence replies.

This follows four meetings of a clause-by-clause analysis of the Bill that were held between November 11 and 12. These four meetings were attended by 11, 12, 15 and 16 members, respectively. The JPC, headed by Bharatiya Janata Party (BJP) Lok Sabha MP Meenakshi Lekhi, has 30 members.

iSPIRT is a Bangalore-based, private technology think-tank that “convert[s] ideas into policy proposals to take to government stakeholders”. It was established in 2013 and was initially mentored by Nandan Nilekani, non-executive chairperson of Infosys and the architect of Aadhaar. Its donors include Ajay Data (Data Infosys), Sameer Nigam (PhonePe) and Vijay Shekhar Sharma (Paytm) to name a few. Its volunteers include Lalitesh Katragadda (ex-Google), B.G. Mahesh (co-founder of Sahamati), Kunal Shah (CRED), among many others. It is the think-tank behind India Stack, Data Empowerment and Protection Architecture, National Health Stack, Open Credit Enablement Network (OCEN) and other public tech stacks in India. India Stack’s project roadmap has relied on UIDAI and NPCI deploying these projects.

Why Cyble?

Recently, The Ken reported that the Atlanta-headquartered cybersecurity firm Cyble, headed by Beenu Arora, that has flagged data breaches at BigBasket and RedDoorz, has a suspicious manner of operating. It notifies companies of data breaches and offers its own services to resolve the matter. If the victim company refuses, Cyble goes public with the information about the data breach. In case of ransomware attacks, it offers to negotiate on behalf of the company for a much higher price than the ransom itself. While BigBasket and RedDoorz refused Cyble’s services, Dunzo and JusPay took the bait. Paytm, on the other hand, sent a a cease and desist order to Cyble for alleging that its Paytm Mall had suffered a data breach.

“Multiple cybersecurity researchers in India and Southeast Asia who spoke to The Ken believe the firm [Cyble] may actually have ties with hackers themselves, though the evidence is, admittedly, circumstantial,” the Ken reported.

Advertisement. Scroll to continue reading.

Update (7:29 pm): After the story was published, Beenu Arora, the founder and CEO of Cyble, reached out to the author of this story via LinkedIn, saying, “Cyble has been invited to provide feedback on the bill because of the awareness we have built in the country – we have a formal invitation from the government much before ‘The-Ken’ things came out – which we strongly condemn.” Arora directed us to his views that he had posted in response to a LinkedIn post, where he posted:

“There is a lot of gossips and misinformation being spread, so let me clarify a few things here. Our business model is simple, we sell threat intelligence – most commoditised and abused service in the overall cybersecurity market. What we offer – we sell SaaS license. What do we specialise in? – We have a pretty good view of the activities in darkweb forums, chat conversations as well as several cybercrime forums. Let’s get to the facts here. We willingly shared the “who”, “how”, “what”, “when” attributes to RedDoorz with no obligation or material benefits whatsoever – by the way, we never made any disclosure about them – they only came after us post-BigBasket. Why? From our experience, we share a lot more information compared to others. The intent is to assist a victim in remediation – in case the victim is interested in understanding the “where” part, they can search darkweb or Internet themselves – we are sourcing information from the Internet like many security companies. RedDoorz asked help/negotiation services from Cyble, which we explained there is no guarantee it won’t appear elsewhere whatsoever.” — Beenu Arora, CEO and founder of Cyble

In another comment to the same post, he said:

“We shared the perpetrators’ details too on our blog. We are keen to disrupt these markets and working closely with the federal agencies to dismantle them. On a side note, HCKINDIA location was shared with the Indian government over 2 months ago, will be keen to see some movements there. On the facts, we didn’t disclose Dunzo breach instead they reached out to us because we know the TTPs of ShinyHunters quite well, and we shared openly how they hack into code repositories. Something you can cross-check with them as well. As I said, the media will talk about things which are juicy and full of twists.” — Beenu Arora, CEO and founder of Cyble

***Originally published on November 19, 2020 at 10:36 am.

Written By

Send me tips at aditi@medianama.com. Email for Signal/WhatsApp.

MediaNama’s mission is to help build a digital ecosystem which is open, fair, global and competitive.



Looking at the definition of health data, it is difficult to verify whether health IDs are covered by the Bill.


The accession to the Convention brings many advantages, but it could complicate the Brazilian stance at the BRICS and UN levels.


In light of the state's emerging digital healthcare apparatus, how does Clause 12 alter the consent and purpose limitation model?


The collective implication of leaving out ‘proportionality’ from Clause 12 is to provide very wide discretionary powers to the state.


The latest draft is also problematic for companies or service providers that have nothing to with children's data.

You May Also Like


Google has released a Google Travel Trends Report which states that branded budget hotel search queries grew 179% year over year (YOY) in India, in...


135 job openings in over 60 companies are listed at our free Digital and Mobile Job Board: If you’re looking for a job, or...


Rajesh Kumar* doesn’t have many enemies in life. But, Uber, for which he drives a cab everyday, is starting to look like one, he...


By Aroon Deep and Aditya Chunduru You’re reading it here first: Twitter has complied with government requests to censor 52 tweets that mostly criticised...

MediaNama is the premier source of information and analysis on Technology Policy in India. More about MediaNama, and contact information, here.

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ

Subscribe to our daily newsletter
Your email address:*
Please enter all required fields Click to hide
Correct invalid entries Click to hide

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ