The Ministry of Electronics and Information Technology (MeitY) has now warned virtual private network (VPN) providers and other intermediaries that they must prevent access to websites that unlawfully disclose Indians’ personal data.
According to the advisory issued on December 11, these sites expose sensitive personal data such as names, mobile numbers, email IDs, and addresses, thereby posing a “significant risk” to Indian users. Furthermore, MeitY cautions that such platforms may remain reachable through VPN services unless providers take active steps to block them.
In addition, the Ministry has reminded intermediaries that they face liability if they fail to observe due-diligence obligations under the Information Technology Act and the IT (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 (IT Rules, 2021).
As a result, they must ensure users do not host or transmit information belonging to others without authorisation, and they must act swiftly to restrict unlawful disclosures.
Elsewhere, MeitY reiterates that intermediaries risk losing safe-harbour protections under Section 79 of the IT Act if they neglect these duties, potentially exposing them to action under the IT Act and the Bharatiya Nyaya Sanhita, 2023 (BNS).
Finally, MeitY directs VPN providers to furnish information or assistance to authorised agencies for investigation, identity verification, and cybersecurity purposes within stipulated timelines.
What are these websites?
Websites such as ProxyEarth.org and LeakData.org have become notorious for turning personal information into instantly searchable public data, raising serious privacy concerns across India. In particular, ProxyEarth.org lets anyone enter an Indian mobile number and receive detailed personal information in return, including full name, address, alternate contact numbers, and email IDs, sometimes even placing a location on a map using one’s contact number. The site aggregates data from earlier breaches and leaked databases, repackaging them into a searchable interface.
Moreover, an India Today fact-check investigation identified the creator behind ProxyEarth and confirmed that the site draws from multiple pre-existing breaches, making it possible for strangers to query personal identity information with minimal input. The creator also claimed that making replicas with domain names would not be difficult at all. Similarly, LeakData.org appears to operate on the same principle, exposing highly sensitive information linked to Indian mobile numbers without consent.
As a result, MeitY’s advisory specifically names these platforms as examples of sites that publish personal information sans consent, and urges intermediaries to block access in line with Indian law.
Why Platforms May Lose Safe Harbour
MeitY’s advisory makes clear that the real point of vulnerability for intermediaries lies in the circumstances under which they lose the legal…
Source link
Disclaimer
We strive to uphold the highest ethical standards in all of our reporting and coverage. We blogs.grocliq.com want to be transparent with our readers about any potential conflicts of interest that may arise in our work. It’s possible that some of the investors we feature may have connections to other businesses, including competitors or companies we write about. However, we want to assure our readers that this will not have any impact on the integrity or impartiality of our reporting. We are committed to delivering accurate, unbiased news and information to our audience, and we will continue to uphold our ethics and principles in all of our work. Thank you for your trust and support.
Website Upgradation is going on for any glitch kindly connect at [email protected]
