Do you know who is seeing your personal data?

I have had a surreal day.

Early in the morning, I received a telephone call from an Indian woman, who claimed she was from CBI, the criminal investigation agency in India, and said she was investigating a chap, let’s call him ‘P’. She asked me if I knew this chap, which I do not. I then asked her if she could have dialled a wrong number. She read out my new landline number – which even my father does not yet have, as I have just moved – and my mobile number. She then proceeded to ask me about a member of my family – let’s call this person ‘R’ – with details of the person’s address etc. At this point, I said I should first like to know who you are and what your contact number is. She readily gave me a name (‘E’) and a number and then hung up. When I dialled the number, surprise, surprise it did not work.

It so happens that CBI is indeed investigating a person named P, but it is highly unlikely that this is the same person as R’s neighbour of the same name.

Wait, it gets worse.

Since this telephone call was made across national jurisdictions, I telephoned Interpol in Delhi. I informed them that I was a British national, entitled to some prior notice if this sort of enquiries were to be made. I was then advised that nobody by the name E is working on the enquiry into the matters concerning P, which by now was not a surprise.

Further the CBI Control Room informed me that a CBI operative, if involved in an international telephone call, will be very senior and will either not identify himself or identify himself at the start of the call, so you can refuse to have the conversation if you prefer. They also encouraged me to make a formal written complaint to Interpol and to the police in the UK.

Once I could see this was a fraudulent call, I started exploring possible pranksters. One possibility was a nephew, who had recently been a victim of a practical joke played by me. I emailed him. He said it was not him at all and that he would never play such an elaborate prank on me.

That possibility discarded, I asked R about possible theories and here is part of the reply that I received:

“This is definitely a fraudulent problem by some miscreant in my mobile telephony provider’s call centre or my fixed line telephony provider’s call centre, who may be a relative of my neighbour P.

P and his wife fight often and she often takes her kid to her parents’ place, while P works nights in some software company.

It is not a stretch to think he is suspected of having extra marital affairs. The caller is probably checking on him.

Don’t worry about me! This is typical Delhi behaviour. Delhites think extra marital affairs, boozing, spouses going separate ways are the in-thing.”

If only I could muster the sanity and calmness that R is showing!

But if this is closest to the real explanation, then let’s leave aside the effect of the 24X7 economy on the fabric of the Indian society for a moment.

Even knowing that this is still a postulate and that one swallow does not a summer make, I can see why we all have good reasons to be worried about how and where our personal information, banking and telephony details and other critical data are held. Since R does not get paper bills, the only way to access R’s phone records is at the service provider’s end. That is probably where my landline and mobile numbers were obtained by the caller.

While malafide intent is not the monopoly of offshore locations, what do we understand about the escalation mechanisms and the punitive measures in place in another country? More importantly, when such critical information is accessible to many individuals, what other misuses are possible?

12 thoughts on “Do you know who is seeing your personal data?

  1. well I am capable of elaborate pranks, but of a different kind. he he. And well, it is sort of disturbing to learn the various dirt tracks, a prankster can run when he has these details at his easy disposal.

    Like

  2. well I am capable of elaborate pranks, but of a different kind. he he. And well, it is sort of disturbing to learn the various dirt tracks, a prankster can run when he has these details at his easy disposal.

    Like

  3. well I am capable of elaborate pranks, but of a different kind. he he. And well, it is sort of disturbing to learn the various dirt tracks, a prankster can run when he has these details at his easy disposal.

    Like

  4. Kirit: Thanks for stopping by. Yes it is scary. After sharing this incident with some friends, I learnt that this is common in India – and fraud, crank calls, international crank calls and elaborate time-wasting hoaxes are the various forms this abuse/ misuse takes.

    Is anybody listening? I do not know. Does anybody care? I sure hope so.

    Thanks again.

    Like

  5. Kirit: Thanks for stopping by. Yes it is scary. After sharing this incident with some friends, I learnt that this is common in India – and fraud, crank calls, international crank calls and elaborate time-wasting hoaxes are the various forms this abuse/ misuse takes.

    Is anybody listening? I do not know. Does anybody care? I sure hope so.

    Thanks again.

    Like

  6. Kirit: Thanks for stopping by. Yes it is scary. After sharing this incident with some friends, I learnt that this is common in India – and fraud, crank calls, international crank calls and elaborate time-wasting hoaxes are the various forms this abuse/ misuse takes.

    Is anybody listening? I do not know. Does anybody care? I sure hope so.

    Thanks again.

    Like

  7. I got directed to your blog from The Indian Economy blog,and the idea behind this blog,to post on the day to day life is really one of it’s kind and great!
    Thanks to the technological progress,one really can’t hide oneself even after trying.
    Our personal data is always available with many banks,credit card companies,websites,telephone operators and ISPs and the employees working therein are suspected to give out the numbers to many telemarketing companies.They can misuse it themselves too.Also,in India,the BSNL websites of individual cities have uploaded the telephone directory on their websites.So,it’s just a matter of few clicks and keyboard button-press to get the contact details such as address,telephone numbers of any person desired!
    Even Googling out for a particular person can give out a lot many details about him.
    The worst vulnerability of leaked personal data,is someone can get a phone connection on your name,use the phone to whatever extent the person wishes,and the bills will be mailed at your address.Sure,this will work only for 2 months,and tracking them hasn’t been a reality in India.
    Anyone can claim calling from a bank and get many of your personal details by asking few simple questions.Interestingly,my father received a call from a lady claiming she’s an officer from a bank and asked for the credit card no.Moreover the way of her talking clearly revealed she hadn’t been through any training of the etiquettes to be followed on such calls.Of course,it’s a thing of common sense that the credit card nos are with the banks itself.
    Many possible and innovative misuses are yet to be seen with the advent of Internet hacking.
    Neways,your write-up had been excellent throughout and easily graspable.

    Like

  8. I got directed to your blog from The Indian Economy blog,and the idea behind this blog,to post on the day to day life is really one of it’s kind and great!
    Thanks to the technological progress,one really can’t hide oneself even after trying.
    Our personal data is always available with many banks,credit card companies,websites,telephone operators and ISPs and the employees working therein are suspected to give out the numbers to many telemarketing companies.They can misuse it themselves too.Also,in India,the BSNL websites of individual cities have uploaded the telephone directory on their websites.So,it’s just a matter of few clicks and keyboard button-press to get the contact details such as address,telephone numbers of any person desired!
    Even Googling out for a particular person can give out a lot many details about him.
    The worst vulnerability of leaked personal data,is someone can get a phone connection on your name,use the phone to whatever extent the person wishes,and the bills will be mailed at your address.Sure,this will work only for 2 months,and tracking them hasn’t been a reality in India.
    Anyone can claim calling from a bank and get many of your personal details by asking few simple questions.Interestingly,my father received a call from a lady claiming she’s an officer from a bank and asked for the credit card no.Moreover the way of her talking clearly revealed she hadn’t been through any training of the etiquettes to be followed on such calls.Of course,it’s a thing of common sense that the credit card nos are with the banks itself.
    Many possible and innovative misuses are yet to be seen with the advent of Internet hacking.
    Neways,your write-up had been excellent throughout and easily graspable.

    Like

  9. I got directed to your blog from The Indian Economy blog,and the idea behind this blog,to post on the day to day life is really one of it’s kind and great!
    Thanks to the technological progress,one really can’t hide oneself even after trying.
    Our personal data is always available with many banks,credit card companies,websites,telephone operators and ISPs and the employees working therein are suspected to give out the numbers to many telemarketing companies.They can misuse it themselves too.Also,in India,the BSNL websites of individual cities have uploaded the telephone directory on their websites.So,it’s just a matter of few clicks and keyboard button-press to get the contact details such as address,telephone numbers of any person desired!
    Even Googling out for a particular person can give out a lot many details about him.
    The worst vulnerability of leaked personal data,is someone can get a phone connection on your name,use the phone to whatever extent the person wishes,and the bills will be mailed at your address.Sure,this will work only for 2 months,and tracking them hasn’t been a reality in India.
    Anyone can claim calling from a bank and get many of your personal details by asking few simple questions.Interestingly,my father received a call from a lady claiming she’s an officer from a bank and asked for the credit card no.Moreover the way of her talking clearly revealed she hadn’t been through any training of the etiquettes to be followed on such calls.Of course,it’s a thing of common sense that the credit card nos are with the banks itself.
    Many possible and innovative misuses are yet to be seen with the advent of Internet hacking.
    Neways,your write-up had been excellent throughout and easily graspable.

    Like

  10. Ameya: Thanks for stopping by. You are right that identity theft with all its incipient damage – financial, psychological – is probably worse than the minor incident I write about. Even when we actively engage in best practice about not giving any data out on an inbound call, sometimes the most cautious of us can be thrown when the caller has access to information that not many have. e.g. In this case, the caller rattled my new home landline number which, in India, only my sibling mentioned above has and has used on several occasions.

    If India wishes to continue to be seen as a trustworthy place to do business, esp with personal and confidential data, this impunity can not be the way to that status. It gives an impression that law and order are just playthings, and not tools of a civilised society.

    I am pleased you liked the write-up. Thanks again.

    Like

  11. Ameya: Thanks for stopping by. You are right that identity theft with all its incipient damage – financial, psychological – is probably worse than the minor incident I write about. Even when we actively engage in best practice about not giving any data out on an inbound call, sometimes the most cautious of us can be thrown when the caller has access to information that not many have. e.g. In this case, the caller rattled my new home landline number which, in India, only my sibling mentioned above has and has used on several occasions.

    If India wishes to continue to be seen as a trustworthy place to do business, esp with personal and confidential data, this impunity can not be the way to that status. It gives an impression that law and order are just playthings, and not tools of a civilised society.

    I am pleased you liked the write-up. Thanks again.

    Like

  12. Ameya: Thanks for stopping by. You are right that identity theft with all its incipient damage – financial, psychological – is probably worse than the minor incident I write about. Even when we actively engage in best practice about not giving any data out on an inbound call, sometimes the most cautious of us can be thrown when the caller has access to information that not many have. e.g. In this case, the caller rattled my new home landline number which, in India, only my sibling mentioned above has and has used on several occasions.

    If India wishes to continue to be seen as a trustworthy place to do business, esp with personal and confidential data, this impunity can not be the way to that status. It gives an impression that law and order are just playthings, and not tools of a civilised society.

    I am pleased you liked the write-up. Thanks again.

    Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s