Overview
- MeitY issued a December 11 advisory directing VPN services, ISPs, and other intermediaries to block access to websites that publish Indians’ personal data without consent.
- The notice names ProxyEarth.org and LeakData.org, which let users query mobile numbers to retrieve names, addresses, alternate contacts, and emails aggregated from earlier breaches.
- Providers are instructed to furnish information or technical assistance to authorised agencies for investigations, identity verification, and cybersecurity within stipulated timelines.
- The ministry warns that failing due-diligence obligations can remove Section 79 safe-harbour under the IT Act, opening the door to enforcement under the IT Act and the BNS, 2023.
- Officials and experts describe a shift to rule-based accountability, with MeitY noting the data sits on sites outside India and a cybersecurity academic saying intermediaries now bear direct responsibility.