Video-conferencing platform Zoom has come under the scanner over its security flaws in one its major markets, India. The Supreme Court on Friday sought a response from the central government on a writ petition that has called for a ban on the popular app.
The plea was filed on Wednesday by Harsh Chugh, a tutor, who has alleged that the sudden rise in the number of users in the application due to the Covid-19 lockdown has led to security issues, with personal data of the app users being compromised.
The app, owned by San Jose California based Zoom Video Communications, offers free and paid subscription models. Its global users shot up from 10 million in December last year to more than 300 million daily participants in March.
India accounted for 18.2% of the 131 million downloads that the platform witnessed in April alone, data from mobile marketing analytics firm Sensor Tower showed. The cyber Coordination Centre (CyCord), under the ministry of home affairs, recently issued an advisory on the use of the app. Currently, Zoom is not used by government officers for official work.
The plea against Zoom alleged that “poor privacy and security of the application have enabled the hackers to get access to the meeting, classes, and conferences being conducted online through this application.” It added that the platform reportedly has a bug that can be misused by hackers to leak information of users to third parties.
The petitioner hopes that the platform is banned until appropriate legislation is formed on the usage of such applications, citing that the app breached privacy.
According to the plea, Zoom app is in violation of the Information Technology Act of 2000, and the Information Technology rules of 2009 which pertained to the procedures for the interception, monitoring and decryption of information.
Another allegation is that the application lacks total end-to-end encryption, with the petition claiming that the CEO of the company Eric S Yuan has openly accepted security flaws in the app.
The home tutor stated that since her tuition classes were taken through Zoom, she was worried about privacy and security issues and the possibilities of cyber breaches and being hacked.
"It is important to realise how Zoom consistently violates its duty to implement and maintain reasonable security practices and misleads consumers about the security benefits of the product. Zoom has targeted consumers, businesses, and schools," the plea stated.
The platform had recently undertaken a 90-day security plan to upgrade its security features, with the most significant being the Zoom 5.0 upgrade which looked to tackle Zoombomning and data encryption issues.
“We will earn our customers’ trust and deliver them happiness with our unwavering focus on providing the most secure platform,” Eric S Yuan, CEO of Zoom, said in an earlier blog post.