Amazon Web Services has been blamed by a builder in Bengaluru for a data loss of over Rs 150 crores and an FIR is reported to have been registered by CCB, Bangalore.
According to the report in Deccan Herald, Adarsh Developers were using Amazon Web Services and had migrated their data at an agreed cost of Rs 88 lakhs. Now AWS India has reportedly stated that despite their best efforts the data has been lost and they cannot retrieve and restore it.
Employees of the Redington Group and AWS have been blamed for the data loss. Whether it was sheer negligence, incompetence or a possible criminal intention is to be found out in the investigation.
This investigation would currently be under ITA 2000 and involve Unauthorized access, Failure of security , Contractual failure etc.
Even CERT In needs to be involved in the investigations along with the police.
Though DPDPA is not yet applicable, the principles of DPDPA would be part of the due diligence expectations under ITA 2000 and since personal data could also be part of this “Personal Data Breach”, we should consider this investigation and eventual disposal of this case as a case fit for “Privacy Watch”.
Let us closely follow this case since it has a huge implication on AWS as a “Joint Data Fiduciary” responsible for reasonable security practices and indemnifying the loss for individuals whose personal data is involved in the incident.
Naavi
