Zoom’s privacy glitches
Banning the platform is not the right solution
Zoom, the video-conferencing platform and app, is at the centre of a privacy and security debate, which could set legal precedents. The Supreme Court last week admitted a petition pleading that the app be banned in India for official and personal use. The Centre has been asked to respond within four weeks. Despite genuine concerns about bugs and security leaks in Zoom, a ban would set a bad precedent. It will create a disincentive for start-ups. Any new software program or app — for example, the Aarogya Setu — may have bugs and security loopholes. Such issues surface only upon practical usage, and the program or app in question should be given time to patch its code. Market forces and competition provide strong incentives for corrective action.
Zoom is not mandatory. There are multiple alternative video-conferencing platforms available. There have also been many public advisories about the problems Zoom has experienced. Zoom has been one of the major beneficiaries of the new paradigms of work from home and study at home. The user-base has zoomed from 10 million to 200 million in the last three months. In response, Google’s conferencing tool, Meet, is also offering more features, and Facebook has launched its Messenger Rooms. Even at government level, alternatives are being developed. The Centre for Development of Telematics (C-DOT) is developing a video-conferencing platform for government officials, the judiciary, and the public. The Ministry of Electronics and Information Technology has also invited as many as 10 local start-ups to develop video-conferencing solutions, which would add to the plethora of choices. Zoom had multiple bugs, as well as lax security practices. A controversy arose when it was learnt that user-data had leaked to Facebook via an insecure software development kit. Then, there was an outright scandal when Zoom databases were sold on the Dark Web. There have been countless incidents of “zoom-bombing” and pranking when students and intruders have entered online classes, and introduced extraneous material.
There are indeed serious security and privacy issues involved. There are concerns that Zoom should not be used in schools, where the sensitive personal data of minors may be exposed. Singapore and New York State have issued advisories against Zoom being used for online classes, and India’s Ministry of Home Affairs has issued warnings and asked government departments not to use it. The US Senate has also issued advisories against Zoom and so has the German government.
To be fair, many of these problems have also been addressed by Zoom. The company announced a 90-day plan to beef up security and it has plugged some of the obvious holes. The leak of data to Facebook has stopped. Zoom-bombing is now much more difficult. Admins can manually vet and clear participants to prevent intrusions into sessions. It may be noted that Zoom is also extensively used by companies, including financial sector players, who have done their due diligence about the improved security. A software program should not be banned simply because it has flaws. Rather than banning the app by legal diktat and setting a bad precedent, the court would do well to allow market forces to play their role. Given ample competition, users can choose between incurring the known risks of using Zoom, in preference to the many alternatives.