The Supreme Court has asked for responses from the Central government and Zoom Video Communications Inc. to assess whether the video conferencing application should be banned in India owing to privacy and data security concerns based on a public interest litigation filed with the court.
A three-judge Supreme Court panel headed by Chief Justice SA Bobde issued notices to the Central government and Zoom Video seeking their written responses today.
“Poor privacy and security of the application have enabled the hackers to get access to the meeting, classes, and conferences being conducted online through this application. Zoom is reported to have a bug that can be abused intentionally to leak information of users to third parties,” said the plea.
The petitioner, Harsh Chugh, a Delhi based tutor has argued that the app should be banned for both official and personal purposes until an appropriate law addressing data security issues is put in place.
Following the global lockdown due to the covid-19 pandemic, video conferencing platforms saw an overnight spike in demand. Unlike many other video conferencing service providers who offer other software services including security solutions, Zoom is purely a video conference platform. Zoom first ran into trouble in April when meetings were hacked into globally by malicious actors giving rise to privacy and security concerns with many organisations and companies banning its use.
On April 1, the Indian ministry of home (MHA) affairs through its cyber coordination committee had issued an advisory on the secure use of Zoom by private individuals. This advisory stated that the platform is not for use for official purposes.
Around the same time, Zoom announced robust security enhancements with the general availability of Zoom 5.0, a key milestone in the company’s 90-day plan to proactively identify, address, and enhance the security and privacy capabilities of its platform. By adding support for AES 256-bit GCM encryption, Zoom will provide increased protection for meeting data and resistance against tampering.
Earlier in May, Zoom also acquired Keybase, a secure messaging and file-sharing service to build end-to-end encryption that can reach current Zoom scalability. After a San Francisco Church filed lawsuit against Zoom for a hacking incident, Zoom spokespersons issued a statement encouraging users to report any incidents of this kind .