In spite of the rise in the number of privacy concerns around Zoom, the Indian government is still using the video conferencing app for official purposes. Amid the COVID-19 lockdown, strategically crucial Indian ministries have also used the video conferencing app.
— Rajnath Singh (@rajnathsingh) April 1, 2020
Expressing fear of China snooping on India, a cyber-security expert at Rediff.com, Venkata Satish, said: “with the concerns that the data is not encrypted, which means, as the reports said that Zoom traffic has been routed through China, and with this Chinese people could have easily looked into the data. They could have easily snooped upon what was happening”.
Chinese servers were being used to distribute encryption and decryption keys for video conferences on Zoom, Canada-based research organisation Citizen Lab revealed on Friday.
“With [the] Ministry of Home Affairs (MHA) using Zoom, it is a very big concern as the MHA already has its own video-conferencing system and still they are using Zoom which is not secure. If the government has its own private application, then they must immediately switch”.
After reports from the US and other countries where a Zoom video conference was interrupted with pornographic content, the US Federal Bureau of Investigation launched a probe. On Tuesday, Taiwan's government also imposed an outright ban on the popular video conferencing app over security concerns.
Mentioning how a teacher in India had also had a similar experience where the video chat was interrupted, Satish said: “Zoom has a feature where you can share the meeting without password. It’s just a number and if you randomly put some number, you know the series and if you change the series, then you can be [a] participant in any of the meetings without any password”.
Zoom Chief Executive Officer (CEO) Eric Yuan admitted in a blog post that "the company failed to fully implement its usual geofencing to best practices".
He said: “However, in February, Zoom rapidly added capacity to our Chinese region to handle a massive increase in demand. In our haste, we mistakenly added our two Chinese data centres to a lengthy whitelist of back-up bridges, potentially enabling non-Chinese clients to — under extremely limited circumstances — connect to them”.
He assured, on the other hand, that the government cloud, which is a separate cloud service for government customers, was secure.