Madras High Court
Ramadasu Bandaru vs State Represented By on 1 September, 2025
Author: N. Sathish Kumar
Bench: N. Sathish Kumar
Crl.O.P.Nos.11214, 11215 & 11216 of 2023
IN THE HIGH COURT OF JUDICATURE AT MADRAS
Reserved on : 21.08.2025
Pronounced on : 01.09.2025
CORAM :
THE HONOURABLE MR. JUSTICE N. SATHISH KUMAR
Crl.O.P.Nos.11214, 11215 & 11216 of 2023
and
Crl.M.P.Nos.7061, 7062 & 7063 of 2023
Ramadasu Bandaru ... Petitioner
in Crl.O.P.No.11214 of 2023
Abhinandhan Singh ... Petitioner
in Crl.O.P.No.11215 of 2023
Sanil SurendraPai Kakode ... Petitioner
in Crl.O.P.No.11216 of 2023
Vs.
1.State represented by
The Inspector of Police,
Cyber Crime Police Station,
Chennai South, St. Thomas Mount,
Chennai – 600 016.
2.Cred Avenue Private Limited,
Represented by its Authorised Signatory,
Mohammed Irfan
12th floor, Wing, Anna Salai,
Nandanam,
Page 1 of 26
https://www.mhc.tn.gov.in/judis ( Uploaded on: 02/09/2025 01:54:26 pm )
Crl.O.P.Nos.11214, 11215 & 11216 of 2023
Chennai – 600 035. ... Respondents
Common Prayer : Criminal Original Petition filed under Section 482 of
the Code of Criminal Procedure to call for the entire records connected with
the FIR in Crime No.10 of 2023 pending investigation on the file of the 1st
respondent Police and quash the same.
For Petitioner : Mr.C.Manishankar
Senior Counsel
for Mr.Rahul Unnikrishnan
in Crl.O.P.Nos.11214 &
11215 of 2023;
for Mr.V.Adith Narayan
in Crl.O.P.No.11216 of 2023
in all petitions
For R1 : Mr.K.M.D.Muhilan,
Additional Public Prosecutor
in all petitions
For R2 : Mr.A.K.Sriram
Senior Counsel
for Mr.A.P.Balaji
in all petitions
COMMON ORDER
These Criminal Original Petitions have been filed to quash the FIR in Crime No.10 of 2023 on the file of the Cyber Crime Police Station, Chennai South, St. Thomas Mount, Chennai, registered against the Page 2 of 26 https://www.mhc.tn.gov.in/judis ( Uploaded on: 02/09/2025 01:54:26 pm ) Crl.O.P.Nos.11214, 11215 & 11216 of 2023 petitioner in these petitions who are arrayed as A1, A2 and A3, for the offences under Sections 66 and 43(j) of the Information Technology (Amendment) Act, 2008.
2.The crux of the allegations in the FIR is that the accused A1 to A3 are ex-employees of the 2nd respondent/Cred Avenue Private Limited.
According to the de facto complainant, who is the authorised signatory of the said Cred Avenue Private Limited, the accused, who are their ex-
employees, hatched a criminal conspiracy to make wrongful gain and committed theft and misappropriation of confidential and proprietary data of the complainant's Company. The complainant has a workforce of over 820 employees. The business developed by the complainant Company is unique and it holds all intellectual property and rights in the business to the exclusion of all others. A1 and A2 joined the complainant's Company in October, 2020 and A3 joined the Company in May, 2021 in the Yubi Pools Department. The Yubi Pools platform provides an opportunity to the clients of the complainant to find investment opportunities as well as to find investors for their securitisation products/transaction comprising of identified loan assets. The accused, as a part of their employment, had Page 3 of 26 https://www.mhc.tn.gov.in/judis ( Uploaded on: 02/09/2025 01:54:26 pm ) Crl.O.P.Nos.11214, 11215 & 11216 of 2023 access to the computer network and cloud storage facilities of the complainant, which contains the confidential proprietary data and trade secrets of the complainant and its customers. The accused have custody of the key responsibilities and were exclusively dealing with sensitive confidential and proprietary information and trade secrets including product details, pricing, customer information, and competitive business, important leads and co-ordinates of the customers. In September 2022, A3 resigned from the complainant's Company. Thereafter, within few days, the other accused also resigned. Thereafter, the complainant came to know that the accused were canvassing and soliciting the business of its customers and clients. Thereafter, the complainant, on quick check on the computer systems, found that the accused persons have stolen the confidential data and information from the complainant's computer network, including the complainant's Google Drive provided to them for storage purposes, and the data has been transferred to the personal computers of the accused only in order to cause wrongful loss to the complainant's Company. Hence, it is the allegation of the de facto complainant that all the accused persons have conspired together with a criminal intention to systematically damage, destroy and steal the confidential and proprietary information residing in Page 4 of 26 https://www.mhc.tn.gov.in/judis ( Uploaded on: 02/09/2025 01:54:26 pm ) Crl.O.P.Nos.11214, 11215 & 11216 of 2023 the complainant's computer resource and they have misappropriated the confidential and proprietary data of the complainant Company to build their own venture, and solicit customers and have cheated the complainant.
Therefore, the complainant lodged a compliant before the 1st respondent Police. Based on the said complaint, an FIR has been registered in Crime No.10 of 2023 for the offences under Sections 66 and 43(j) of the Information Technology (Amendment) Act, 2008. To quash the same, the present Criminal Original Petitions are filed.
3.Learned Senior Counsel appearing for the petitioners would mainly contend that the allegations made by the complainant do not make out a case against the petitioners for the alleged offences. The FIR also does not indicate the nature of the alleged theft. The allegation that the petitioners solicited the clients of the complainant, is clearly a civil dispute and the same cannot be given a criminal colour. Further, it is his contention that the arbitration proceedings have also been initiated already as against the petitioners herein and the entire dispute is only a contractual dispute. The petitioners have resigned their jobs in the complainant Company. Only in order to intimidate and harass them taking note of the confidentiality Page 5 of 26 https://www.mhc.tn.gov.in/judis ( Uploaded on: 02/09/2025 01:54:26 pm ) Crl.O.P.Nos.11214, 11215 & 11216 of 2023 contract, which prohibits non-soliciting and non-disclosure, the present FIR has been filed on the allegation that the petitioners have stolen confidential data and on the assumption that they are soliciting the clients of the complainant, without any basis. It is his further contention that the complainant themselves have already obtained an Expert opinion from M/s.Deloitte Touche Tohmatsu India LLP to find out as to whether there was any data theft. The report of the said M/s.Deloitte does not indicate any alleged theft of data. This has been clearly captured by this Court in an interim order in the arbitration proceedings already initiated. Therefore, continuing FIR by the Investigation Officer will not serve any purpose. If at all there is any breach of contract, the same will give rise to only a civil remedy, but not a criminal case. Hence, he would submit that the entire FIR is nothing but an abuse of process of law.
4.Whereas, it is the contention of the learned Additional Public Prosecutor appearing for the 1st respondent Police, that, based on the FIR, the de facto complainant's statement has already been recorded. A3 has also appeared and his mobile phone has been seized. A1 and A2 have also appeared and their statements have been recorded. Hence, he would submit Page 6 of 26 https://www.mhc.tn.gov.in/judis ( Uploaded on: 02/09/2025 01:54:26 pm ) Crl.O.P.Nos.11214, 11215 & 11216 of 2023 that the investigation may proceed further to see its logical end.
5.Learned Senior Counsel appearing for the de facto complainant would submit that the petitioners have entered into a contract not to disclose the confidential information and the contract also clearly prohibits soliciting the clients of the complainant. The confidential information stored in the computers of the complainant Company and cloud have been stolen by the petitioners by transferring the data to their personal computers. Therefore, the learned Senior Counsel would submit that the FIR, at this stage, cannot be quashed and the investigation may go on to unearth the truth.
6.Normally, this Court will not interfere with the investigation when FIR has been filed with regard to a cognizable offence, but at the same time, when the FIR is a result of some contractual dispute or is only a civil dispute and the alleged theft is not at all established, continuing the FIR and forcing the parties to undergo the ordeal of criminal investigation and trial is nothing but abuse of process of law.
Page 7 of 26https://www.mhc.tn.gov.in/judis ( Uploaded on: 02/09/2025 01:54:26 pm ) Crl.O.P.Nos.11214, 11215 & 11216 of 2023
7.The very specific allegation made in the FIR is to the effect that the confidential information of the de facto complainant's Company stored in their computers have been illegally stolen and transferred. If that allegation alone remains and investigation is pending with regard to that allegation, this Court would not have interfered with the FIR, since that allegation has to be probed into and facts have to be unearthed by subjecting the so-called computers and other gadgets to forensic examination. But the fact remains in this case that the complainant Company themselves have already filed an expert opinion in this regard. They have engaged one of the leading companies, namely M/s.Deloitte Touche Tohmatsu India LLP, and obtained a report as to whether there was any data theft from the computers or not.
8.It is relevant to note that arbitration proceedings have already been initiated between the de facto complainant and the petitioners, for breach of the contract. The report submitted by M/s.Deloitte has been considered by this Court while appointing an Advocate Commissioner in the arbitration proceedings in Arb.Appln.Nos.145, 151 and 154 of 2023 by order dated 20.04.2023. In the said order, this Court has captured the report of the Expert namely M/s.Deloitte, dated 09.03.2023, as follows :
Page 8 of 26https://www.mhc.tn.gov.in/judis ( Uploaded on: 02/09/2025 01:54:26 pm ) Crl.O.P.Nos.11214, 11215 & 11216 of 2023 Data Category Observation Annexure/Exh Source ibit Firewall logs indicated 20 instances of OneDrive access between 24-Nov-2022 10:55:54 Firewall Data and 09-Dec 20221 2:14:32 from Annexure-1 logs transfer- internal dynamic source IPs to Annexure-2 messaging the external IP '13.107.42.13". Exhibit-01 applications From public domain searches, it / was gathered that the IP cloud address belongs to the Microsoft storage domain which resolves to the United States of America and nature, reported for Command and control, Phishing, and web app attacks.
Further, it was noted that the aforesaid IP address belongs to Microsoft OneDrive service, and this indicates access of OneDrive cloud storage.
The laptop internet history analysis indicated 06 instances Laptop Data of Dropbox being accessed.
transfer- However, we did not find any Annexure-3 messaging instances of potential data Exhibit-02 applications sharing through the same. / cloud Further, we cannot ascertain the storage date and time for these activities due to the unavailability of metadata information.
This indicates the instance of
Dropbox access from
Page 9 of 26
https://www.mhc.tn.gov.in/judis ( Uploaded on: 02/09/2025 01:54:26 pm )
Crl.O.P.Nos.11214, 11215 & 11216 of 2023 Data Category Observation Annexure/Exh Source ibit Abhinandan's official laptop. From the internet history of laptop, we noted multiple Laptop Data instances of OneDrive access transfer- between 17-Mar-2021 14:42:32 messaging and 09-Dec-2022 14:44:08 (the Exhibit-03 applications last working day of the Exhibit-12 / cloud Custodian), where the user is storage reflected as Abhinandan Singh.
This indicates the instance of OneDrive access from Abhinandan's official laptop. Further analysis indicates the OneDrive access on 10-Jan-
2023 by the user "sysadmin.VCAPLT00146". It was understood from the Client that this activity was carried out by the IT administrator of Credavenue for data backup purposes..
Laptop Data From the internet history Annexure-4 transfer- analysis, we noted 06 instances Exhibit-12 messaging of "web.whatsapp.com" access applications between 07-Dec-2022 at / cloud 19:06:00 and 14-Dec-2022 at storage 18:24:06, from the admin user profile "sysadmin.
VCAPLT00146". However, it was gathered from the Client that when the IT administrator logged in to the system for data backup purposes, the WhatsApp Web instance from the admin's system got synchronized to Abhinandan's system unintentionally.Page 10 of 26
https://www.mhc.tn.gov.in/judis ( Uploaded on: 02/09/2025 01:54:26 pm ) Crl.O.P.Nos.11214, 11215 & 11216 of 2023 Data Category Observation Annexure/Exh Source ibit Further, the Client confirmed that WhatsApp web is not an official messaging platform used by the organization.
We noted 06 instances of emails being shared from Abhinandan's Email Data personal email ID Data sharing "[email protected]" and through official email ID Exhibit-4 emails "abhinandan.singh@credavenu e.com during the period from 15-Oct-2020 19:42:00 to 03- Aug-21 20:00. Further analysis indicates that these emails contain files pertaining to the Company as attachments, which indicates the traces of official data residing on the personal mailbox of the Custodian.
Sr. Subject Email Attachments From To
No. sent
Date
1 Photo from 15- IMG- abhi273@gma abhinandan.si
Abhinandan Oct- 20201013- il.com ngh@vivritica
2020 WA0000.JP pital.com
19:42 G
abhinandan.si
ngh@credave
nue.com
2 Document 29- Pool abhi273@gma abhinandan.si
from May- Performanc il.com ngh@credave
Abhinandan 2021 e& nue.com
18:12 Advisory on
Page 11 of 26
https://www.mhc.tn.gov.in/judis ( Uploaded on: 02/09/2025 01:54:26 pm )
Crl.O.P.Nos.11214, 11215 & 11216 of 2023 Sr. Subject Email Attachments From To No. sent Date buyouts.pdf 3 Document 09- Indiashelter abhi273@gma abhinandan.si from Jul- _Covered il.com ngh@credave Abhinandan 2021 Bond nue.com 19:07 TS_0707202
1.docx 4 Document 09- Portfolio abhi273@gma abhinandan.si from Jul- Cuts il.com ngh@credave Abhinandan 2021 Jun'21(Sum nue.com 19:08 mary).xlsx 5 Document 03- Capital abhi273@gma abhinandan.si from Aug- Trust il.com ngh@credave Abhinandan 2021 Profile-Mar- nue.com 18:58 21.docx 6 Document 03- Subhlakshmi abhi273@gma abhinandan.si from Aug- profile-Mar- il.com ngh@credave Abhinandan 2021 21.docx nue.com 20:00 Data Category Observation Annexure/ Source Exhibit USB During our analysis, we did not Laptop detection note any external drives or USB Not Available or usage connections on Abhinandan's system.
Mass deletion of files was noted in August 2021 (11,327), Laptop Deletion of September 2022 (96,299), and Exhibit-05 Files November 2022 (3,76,806).
Further, it was noted that these contain user files also.
We observed 41 instances of file deletion from the Google Page 12 of 26 https://www.mhc.tn.gov.in/judis ( Uploaded on: 02/09/2025 01:54:26 pm ) Crl.O.P.Nos.11214, 11215 & 11216 of 2023 Data Category Observation Annexure/ Source Exhibit G-Suite Deletion of Workspace between 21-Oct- Exhibit-01 log Files 2022 22:03 and 09-Dec-2022 18:46. Further, it was noted that out of these 41 instances, 15 instances were on 09-Dec-
2022, which is the last working day of the Custodian.
5.2 Custodian 2- Bandaru Ramadasu Data Category Observations Annexure/ Source Exhibit From firewall traffic logs, we noted 11 instances of Dropbox Firewall Data access between 14-Dec-2022 traffic/Fil transfer- 13:59:59 and 14-Dec-2022 Exhibit-06 e sharing messaging 15:10:19. Further, 05 Annexure-6 log applicatio instances of Dropbox access Annexure-7 ns/ were noted on 14-Dec-2022 cloud 15:50:37 from internal static storage source IP to the external IPs "104.16.99.29" and ''162.125.68.18" (Exhibit-4).
Further, from the public domain searches, we noted that the IP address 162.125.68.18 belongs to the Dropbox data centre domain in the United States of America and has been reported once for phishing and exploited host. However, we could not verify the instances of Dropbox access on the laptop indicating potential Page 13 of 26 https://www.mhc.tn.gov.in/judis ( Uploaded on: 02/09/2025 01:54:26 pm ) Crl.O.P.Nos.11214, 11215 & 11216 of 2023 Data Category Observations Annexure/ Source Exhibit overwriting of system artefacts during the formatting before re-purposing the laptop.
It appears that the aforesaid IP address belongs to Dropbox service, and potentially this indicates the access of Dropbox cloud storage.
During the email analysis, we
did not note any official data
Email Data being shared from Bandaru's Exhibit-12
Data sharing official email ID to his
through personal email ID.
emails However, we noted an email
from the Custodian's official
email ID
"bandaru.Ramadasu@go-
yubi.com" to his personal
email ID
"[email protected]"
containing the URL
"Personal.zip-
https://drive.google.com/file/d/ 1nnOCI8zU8wg_FOQ_mKj8T e1bxn3BtRAH/view?usp=drive _we" on 16-Dec-2022 16:56:29. However, the content of the zip file could not be validated as the file was not present in the system. Further, it was confirmed by the Client that this zip folder contained Custodian's personal documents.
Page 14 of 26https://www.mhc.tn.gov.in/judis ( Uploaded on: 02/09/2025 01:54:26 pm ) Crl.O.P.Nos.11214, 11215 & 11216 of 2023 Data Category Observations Annexure/ Source Exhibit Laptop USB We did not note any external Not Available detection drives or USB connections on or usage Bandaru's system.
Laptop Deletion Mass deletion of user files was Exhibit-07 of Files noted from Bandaru Ramdas's Exhibit-12 Windows laptop on 26-Dec-
2022 between 13:36:10 and 14:10:41.
On further analysis, it was observed that 83,585 files were deleted from the system and all these files seem to be Operating system files.
Further, it was understood from the Client that these resulted from the activity done by the IT team for formatting and re-imaging the laptop after the Custodian returned the laptop, post his last working day.
We observed 30 instances of G-Suite Deletion files deleted from Google Exhibit-06 Log of Files Workspace between 28-Oct-
2022 10:53 and 14-Dec-2022 14:36, which was incidentally a day prior to the last working day i.e., 15-Dec-2022.
Endpoint Deletion We noted 1947 instances of file protection of Files deletion from the Custodian's log google drive and laptop Exhibit-06 between 14-Dec-2022 16:24 and 16-Dec-2022 18:14. It was further observed that 1938 files were deleted on 16- Dec-2022 between 15:12:57 Page 15 of 26 https://www.mhc.tn.gov.in/judis ( Uploaded on: 02/09/2025 01:54:26 pm ) Crl.O.P.Nos.11214, 11215 & 11216 of 2023 Data Category Observations Annexure/ Source Exhibit and 18:14:40. 15-Dec-2022 being the last working of Bandaru with the organization, this activity stands to be critical.
5.3 Custodian 3- Rajat Nanchahal Data Category Observation Annexure/ Source Exhibit We noted 11 instances of OneDrive access on 27-Aug-
Data 2022 11:03:30. On further transfer- analysis, an instance of Laptop messaging OneDrive access was noted Annexure-8 applications from the trash items on 25- / cloud Nov-2025 15:02:27. Further storage details could not be obtained as this information was retrieved from the unallocated space of the hard drive and it appears that the hard drive is solid- State drive (SSD) in nature.This indicates access of One Drive cloud services from the official laptop.
During our analysis, we note 05 email communications from Rajat Nanchahal Official mail ID rajat.nanchahal@credavenue.
com" to his personal mail Id [email protected].
Data On Further analysis, we Exhibit-08 Page 16 of 26 https://www.mhc.tn.gov.in/judis ( Uploaded on: 02/09/2025 01:54:26 pm ) Crl.O.P.Nos.11214, 11215 & 11216 of 2023 Data Category Observation Annexure/ Source Exhibit Email sharing identified that all these email Annexure-8 Data through communications are personal emails in nature (Bank statements, Pay slips, food bills, Identity cards, Hotel accommodation bills, transportation bills, parking bills, Flight tickets, boarding passes etc.) and no official files are being shared.
Further, we noted 25 instances of emails from the email ID "[email protected]" to the official email ID "rajat.nanchahal@credavenue .com from 06-Jul-2021 13:48:01 to 03-Sep-2022 08:28:36. On further analysis we observed that these emails indicate the use of Dropbox account using the Custodian official mail ID "rajat.nanchahal@credavenue .com". Further, information could not be validated due to access limitations.
Subject Email sent From To Date We noticed a 19-Jul- Dropbox <no- rajat.nanchahal@ new sign in to 2021 [email protected]> credavenue.com your Dropbox 9:39:09 Dropbox and 19-Jul- Dropbox <no- rajat.nanchahal@ Paper, together 2021 [email protected]> credavenue.com 10:18:24 Page 17 of 26 https://www.mhc.tn.gov.in/judis ( Uploaded on: 02/09/2025 01:54:26 pm ) Crl.O.P.Nos.11214, 11215 & 11216 of 2023 Subject Email sent From To Date Reset your 16-Aug- Dropbox <no- rajat.nanchahal@ Dropbox 2021 [email protected]> credavenue.com password 15:35:11 You've 16-Aug- Dropbox <no- rajat.nanchahal@ successfully 2021 [email protected]> credavenue.com reset your 15:35:33 Dropbox password We noticed a 18-Aug- Dropbox <no- rajat.nanchahal@ new sign in to 2021 [email protected]> credavenue.com your Dropbox 16:16:02 Complete your 18-Sep- Dropbox <no- rajat.nanchahal@ Dropbox setup 2021 [email protected]> credavenue.com 03:58:11 Download the 22-Sep- Dropbox <no- rajat.nanchahal@ Dropbox 2021 [email protected]> credavenue.com desktop app 08:34:51 Organize your 27-Sep- Dropbox <no- rajat.nanchahal@ files with 2021 [email protected]> credavenue.com Dropbox 07:33:41 folders Take your 12-Nov- Dropbox <no- rajat.nanchahal@ Dropbox files 2021 [email protected]> credavenue.com anywhere 21:16:20 Organize your 17-Nov- Dropbox <no- rajat.nanchahal@ important files 2021 [email protected]> credavenue.com with folders 08:14:05 Share your 22-Nov- Dropbox <no- rajat.nanchahal@ content with 2021 [email protected]> credavenue.com Dropbox 08:25:22 Updates to our 13-Dec- Dropbox <no- rajat.nanchahal@ Terms of 2021 [email protected]> credavenue.com Service and 07:39:23 Privacy Policy Page 18 of 26 https://www.mhc.tn.gov.in/judis ( Uploaded on: 02/09/2025 01:54:26 pm ) Crl.O.P.Nos.11214, 11215 & 11216 of 2023 Subject Email sent From To Date Dont forget 30-Apr- Dropbox <no- rajat.nanchahal@ about your 2022 [email protected]> credavenue.com Dropbox files 09:45:12 Rajat 06-Jun- Rajat Nanchahal (via- rajat.nanchahal@ Nanchahal 2022 Dropbox) <no- credavenue.com shared 21:35:06 [email protected]> ''Statement_16 54531435981.
pdf'' with you
Keep your files 03-Sep- Dropbox <no- rajat.nanchahal@
backed up 2022 [email protected]> credavenue.com
online 08:28:36
Giggson Tan 06-Jul- Giggson Tan / <no- rajat.nanchahal@
shared ''Pahal 2021 [email protected]> credavenue.com
– WLB4 Due 13:48:01
Dilligence''
with you
Please verify 08-Jul- Dropbox <no- rajat.nanchahal@
your email 2021 [email protected]> credavenue.com
address 10:46:38
We noticed a 08-Jul- Dropbox <no- rajat.nanchahal@
new sign in to 2021 [email protected]> credavenue.com
your Dropbox 10:50:18
We noticed a 08-Jul- Dropbox <no- rajat.nanchahal@
new sign in to 2021 [email protected]> credavenue.com
your Dropbox 10:55:15
You've 08-Jul- Dropbox <no- rajat.nanchahal@
connected a 2021 [email protected]> credavenue.com
new app to 11:00:04
Dropbox
Just one more 08-Jul- Dropbox <no- rajat.nanchahal@
step to 2021 [email protected]> credavenue.com
complete your 12:57:30
Dropbox setup
Page 19 of 26
https://www.mhc.tn.gov.in/judis ( Uploaded on: 02/09/2025 01:54:26 pm )
Crl.O.P.Nos.11214, 11215 & 11216 of 2023 Subject Email sent From To Date We noticed a 12-Jul- Dropbox <no- rajat.nanchahal@ new sign in to 2021 [email protected]> credavenue.com your Dropbox 13:08:33 Harshil made 14-Jul- Dropbox <no- rajat.nanchahal@ changes in 2021 [email protected]> credavenue.com your shared 10:24:32 folders Reset your 16-Jul- Dropbox <no- rajat.nanchahal@ Dropbox 2021 [email protected]> credavenue.com Password 15:30:17 You've 16-Jul- Dropbox <no- rajat.nanchahal@ successfully 2021 [email protected]> credavenue.com reset your 15:31:03 Dropbox Password Data Category Observation Annexure/ Source Exhibit From Raja Nanchahal's email data, we noted an Mails email communication from Email shared "[email protected]" to Data through Raiat's official email ID Annexure-9 Dropbox "rajat.nanchahal@credaven Account ue.com". It appears that the email contains details of four (04) user documents which were further shared with "Harshil" However, we could not check the other details of Harshil such as his email ID, roles etc. On further analysis, we noted 02 files with the same file name(WLB4 Borrower Page 20 of 26 https://www.mhc.tn.gov.in/judis ( Uploaded on: 02/09/2025 01:54:26 pm ) Crl.O.P.Nos.11214, 11215 & 11216 of 2023 Data Category Observation Annexure/ Source Exhibit source Document List_pahal.docx, WLB4Borrower Due Diligence Questionaire_pahal.dox) were found in the system which belongs to Rajat Nanchahal and are noted to be official in nature.
This indicates the possibility of potential data sharing through Dropbox services.
Sr.No Name of the Documents shared Documents
. through Dropbox Present in the
system
1 WLB4 Borrower source Document Yes
List_pahal.docx
2 WLB4 Borrower due Diligence Yes
Questionaire_pahal.docx
3 Pahal Snapshot Mar.2021.pptx No
4 Restructuring Policy.pdf No
5 Provisioning Policy and Writeoff No
Policy.pdf
Page 21 of 26
https://www.mhc.tn.gov.in/judis ( Uploaded on: 02/09/2025 01:54:26 pm )
Crl.O.P.Nos.11214, 11215 & 11216 of 2023 Data Category Observation Annexure/ Source Exhibit Laptop USB We did not note any Not Available detection external drives or USB or usage connections on Rajat's system.
Laptop Deletion From the Custodian Exhibit-09 of Files Rajat Nanchahal laptop, we noted mass deletion of files noted in November 2022(5454) on the trash. Further, it was noted that these are Operating System files.
9.The above report clearly indicates that, though there was access to the information, it is recorded that they did not find any instance of potential data sharing through the same. It is also recorded to the effect that, during the analysis, they did not note any external drives or USB connection used by A1. Though mass deletion of files has been noted on the last working days of the accused, the report did not indicate that there was any instance of potential data sharing to other device. It is quite normal to have access to the data by the accused who were all admittedly engaged by the Company and who were specifically entrusted to the particular work of handling such information. Merely because the information has been accessed by the accused while they were in Page 22 of 26 https://www.mhc.tn.gov.in/judis ( Uploaded on: 02/09/2025 01:54:26 pm ) Crl.O.P.Nos.11214, 11215 & 11216 of 2023 employment, it cannot be said that there was a data theft. When the expert evidence is also available on record, which does not indicate any data theft, continuing the investigation, in the view of this Court, is nothing but clear harassment.
10.It is further to be noted that the arbitration proceedings have also been initiated. The de facto complainant has also relied upon an expert's report while seeking certain interim orders under Section 17 of the Arbitration and Conciliation Act, 1996. While rejecting the request for interim orders, in fact, the learned sole Arbitrator has recorded a finding in Para No.4.15 in order dated 30.06.2025 that there was no concrete evidence of data theft or copyright infringement or extrapolation except for the log details in the “Internal Incident Report : CD 68” which is too generic in nature. Therefore, the learned Arbitrator also found that there was no data theft or copyright infringement or extrapolation. In such view of the matter, when already civil proceedings have been initiated by way of arbitration for breach of contract, this Court is of the view that continuing FIR will not serve any purpose. The Hon'ble Supreme Court, in Paramjeet Batra v.
State of Uttarakhand reported in (2013) 11 SCC 673, has held as follows :
Page 23 of 26https://www.mhc.tn.gov.in/judis ( Uploaded on: 02/09/2025 01:54:26 pm ) Crl.O.P.Nos.11214, 11215 & 11216 of 2023 “12. ... A complaint disclosing civil transactions may also have a criminal texture. But the High Court must see whether a dispute which is essentially of a civil nature is given a cloak of criminal offence. In such a situation, if a civil remedy is available and is, in fact, adopted as has happened in this case, the High Court should not hesitate to quash the criminal proceedings to prevent abuse of process of the court.” The said view has been followed by the Hon'ble Supreme Court in Usha Chakraborty v. State of W.B. reported in (2023) 15 SCC 135. In such view of the matter, when no criminal offence as alleged is made out as against the petitioners, it is a fit case to quash the FIR as per the dictum of the Hon'ble Supreme Court in State of Haryana and others v. Bhajan Lal and others reported in 1992 Supp (1) Supreme Court Cases 335.
11.Accordingly, these Criminal Original Petitions are allowed and the FIR in Crime No.10 of 2023 on the file of the 1st respondent Police is quashed.
12.If there is any breach of contract, the de facto complainant can very much establish their case in the pending arbitration proceedings for civil remedy.
Page 24 of 26https://www.mhc.tn.gov.in/judis ( Uploaded on: 02/09/2025 01:54:26 pm ) Crl.O.P.Nos.11214, 11215 & 11216 of 2023 01.09.2025 mkn Internet : Yes Index : Yes / No Speaking order : Yes / No Neutral Citation : Yes / No To
1.The Inspector of Police, Cyber Crime Police Station, Chennai South, St. Thomas Mount, Chennai – 600 016.
2.The Public Prosecutor, High Court, Madras.
N. SATHISH KUMAR, J.
mkn Page 25 of 26 https://www.mhc.tn.gov.in/judis ( Uploaded on: 02/09/2025 01:54:26 pm ) Crl.O.P.Nos.11214, 11215 & 11216 of 2023 Common Order in Crl.O.P.Nos.11214, 11215 & 11216 of 2023 01.09.2025 Page 26 of 26 https://www.mhc.tn.gov.in/judis ( Uploaded on: 02/09/2025 01:54:26 pm )