Rs 3000+ Crores lost to "Digital Arrest" Scams and the Numbers are still Rising

CA Amrita Chattopadhyay , Last updated: 14 March 2026  
  Share

THE REAL QUESTION IS: ARE WE UNKNOWINGLY HELPING FRAUDSTERS BY SHARING OUR PERSONAL DATA TOO EASILY?

Rs 3000 Crores lost to "Digital Arrest" scams

That was the alarming observation made by the Supreme Court in November 2025. Most of the victims were elderly citizens, but the reality is far more concerning - the younger generation is increasingly becoming a target as well.

Rs 3000 Crores lost to Digital Arrest Scams and the Numbers are still Rising

Cyber fraud today is no longer limited to sophisticated hacking. In many cases, it thrives on confusion, fear and lack of awareness.

Fraudsters often rely on something surprisingly simple: our personal data.

Every day, we share personal information with multiple service providers - banks, telecom companies, e-commerce platforms, hospitals, educational institutions, and digital apps. While sharing data has become routine in the digital economy, very few individuals pause to ask a fundamental question:

Why is my data being collected, and how is it being used?

Understanding this is crucial.

Personal data in the wrong hands can become a powerful tool for cyber criminals. It enables them to impersonate authorities, manipulate victims psychologically, and execute scams such as the infamous "digital arrest" frauds.

This is precisely why the Digital Personal Data Protection (DPDP) Act, 2023 places responsibility not only on organizations but also empowers individuals.

Protection of personal data is not solely the prerogative of companies. It is equally important for the individual who shares the data - referred to as the "Data Principal" under the Act.

Before sharing personal information, individuals should ask:

  • What is the purpose of collecting this data?
  • How will the organization store and protect it?
  • Who else will have access to this data?
 

To ensure transparency and accountability, the DPDP Act clearly defines the rights of the Data Principal under Sections 11-14.

These rights empower individuals to:

  • Access their personal data held by an organization
  • Know the identity of all data processors or service providers with whom the data has been shared
  • Withdraw consent at any time
  • Raise grievances or complaints regarding misuse of their personal data
 

In a rapidly digitizing economy, awareness is our strongest defence.

Organizations must strengthen their data protection frameworks. But equally important is citizen awareness about their rights and responsibilities.

Because in the digital age,  protecting personal data is not just about compliance - it is about safeguarding trust, security and financial well-being.

Summarize this with AI
ChatGPT Perplexity Claude Google AI Grok

CCI Pro

Published by

CA Amrita Chattopadhyay
(Audit & Assurance)
Category Corporate Law   Report

Other Articles  
Comment   Share
  17 Views
Comments

Related Articles


Loading


Popular Articles




Trending Online Classes

view all classess

CCI Pro
Meet our CAclubindia PRO Members
Subscribe Now

Follow us
add to google news

CCI Articles

You can also submit your article by sending to article@caclubindia.com

submit article

Browse by Category