Employees at some of India's top audit and consulting companies were this week surprised to see they were denied access to the websites of the ‘Cockroach Janta Party’, or CJP, a mock political party, through their office intranet.
Multiple mid- and senior-level executives at the India offices of PwC, KPMG, and Deloitte told Mint that they were unable to access via company servers two websites associated with the CJP. They spoke on the condition of anonymity.
Mint has reviewed screenshots of the blocked websites. Websites of other mainstream parties were accessible on the firms' networks, according to executives Mint interviewed.
What was meant to be a satire on the remarks of the Chief Justice of India Surya Kant earlier this month has snowballed into a popular online movement, attracting millions of young followers. The government quickly moved to block access to the X, formerly Twitter, handle of CJP.
A senior executive at one of the three firms said that when he tried to see what the brouhaha was, the CJP website would not load on the office network. The site was blocked due to an ‘information security risk assessment done’, per a message on his laptop screen.
“I can access [the] Cockroach Janta Party [website] from my mobile, so [I believe] it is not blocked by an internet service provider,” the executive said. When he tried other websites with similar URLs that had the word ‘cockroach’ in it, he found them blocked as well.
Strict security protocols
Another mid-level executive at a second firm said two CJP websites—cockroachjantaparty.org and https://cjpparty.com/—were blocked on his company’s intranet.
“All the top audit firms are incredibly strict about what websites are accessible on the company intranet,” said this executive. “All major audit and consulting firms are. It’s not far-fetched to assume these companies work on a whitelist rather than a blacklist. Many of these companies block YouTube as well!”
In software security, a whitelist, also known as an “allow list” refers to pre-approved websites that users are allowed to access on a network.
It is unclear if both URLs do indeed belong to the Cockroach Janta Party and its founder Abhijeet Dipke. Boston-based Dipke, PwC, and Deloitte did not respond to emails, calls, and messages from Mint until press time. A spokesperson of KPMG declined to comment.
“A large number of the younger workforce in office are talking about this movement. Firms do not want any social media posts etc. from an employee on political issues that may draw backlash,” said a senior partner at one of the three firms.
Employees of other large private sector companies in e-commerce and manufacturing sectors that Mint spoke with said they were able to access CJP's websites on office networks.
Legal loopholes
Emails from Mint sent to the ministry of electronics and information technology and the home affairs ministry remained unanswered. On Friday, the CJP websites could be accessed via mobile phone networks suggesting they have not been blocked.
On May 15, during a Supreme Court hearing, Chief Justice Surya Kant remarked that some youngsters were like “cockroaches”. He later clarified that he was referring only to those holding “fake law degrees”. The comment became viral at a time students were venting anger online about the cancellation of the NEET medical entrance examination over a question paper leak and discrepancies in board exam results.
One cyber law expert said it for a company and its IT administrators to decide what parts of the internet their employees can access on company time and resources.
“Invariably, companies would resort to ‘security’ as a reason for such action and in this instance, the fake sites mimicking the original may even sustain a company’s concern of security breaches,” said N. S. Nappinai, senior advocate at the Supreme Court and founder of research platform Cyber Saathi.
A second cyber law expert held a different view. Dr Pavan Duggal, a senior advocate at the Supreme Court and chairman of the International Commission on Cyber Law, said companies often misuse grey areas in India’s IT Act and its amendments to clamp down on websites that their employees can access.
Blocking a site can be only done by the government under Section 69A of the IT Act, 2000, he said. “If any private entity is blocking access to a URL, the same can be challenged on the grounds that it is a violation of the employees’ fundamental right to life, access to the internet, and freedom of expression.”
The Delhi High Court on Friday, meanwhile, refused to lift the ban on CJP's account on X, formerly Twitter. The account was blocked on orders of the central government over national security concerns. The court adjourned the case until July.
