April 18, 2020

Ban Zoom , Save Children


Technology can't replace Teacher, nor any digital content can match with any classroom experience. Unfortunately, these days 91% of the world’s student population* is not in the classroom due to COVID-19 and these students have only one option i.e. Technology to be in touch with their Teachers. Zoom is one of them. 

Zoom has security flaws that have prompted some leading organisations, companies like Google, government agencies, and school across the world to ban Zoom or restrict its use. Even the Indian Home Ministry is also advising Govt officials not to use it. Although a tech-savvy person can use it while following all guidelines, we can't expect the same from school going primary school kids and parents to follow all security guidelines when they have no awareness, nor they've received any institutional advisory. Govt advisory was not shared among the public, nor these advisories were widely circulated by Govt of India or any other State Govt.

To safeguard vulnerable parents and their children, I have initiated a campaign to raise the issue before the competent authority. I think, to protect our students and teachers, we need to ban zoom from being used in all schools in India.


Do read my petition to NCPCR

To,                                                                                                                      8th April 2020

The Hon’ble Chairman,
National Commission for Protection of Child Right,
New Delhi.

Re: Safeguarding Child rights from unsecured Video-Teleconferencing (VTC) platform Zoom.

Greetings!

The whole world is suffering due to Chinese Virus COVID-19, Children’s are the biggest sufferer.

I am writing this letter to bring your attention to a very important issue i.e. Use of Unsecured Video-Teleconferencing (VTC) Zoom.

1)     Zoom has skyrocketed in popularity due to much of the world including children are being under quarantine. Many Schools are using Zoom platform to interact with Children’s to share learning contents through it.

2)     As a large number of people turn to Video-Teleconferencing (VTC) platforms to stay connected in the wake of the COVID-19 crisis, reports of VTC hijacking (also called “Zoom-bombing”) are emerging worldwide. Trolls are abusing Zoom's default screen-sharing settings to take over meetings—often with racist messages or pornography—has also spiked in the world. On 30th March 2020, the top investigative agency of USA i.e. Federal Bureau of Investigation(FBI) has announced that it was investigating increased cases of video hijacking after receiving multiple reports of conferences being disrupted by pornographic and/or hate images and threatening language.

3)     Many experts believe that Zoom meetings can be accessed by a short number-based URL, which can easily be generated and guessed by hackers, a January report from the security firm Checkpoint Found.

4)     Zoom is also falsely advertised itself as using end-to-end encryption, a system that secures communication so that it can only be read by the users involved. Zoom confirmed it in a blogpost that end-to-end encryption was not currently possible on the platform and apologized for the “confusion” it caused by “incorrectly” suggesting the opposite.

5)     Zoom's iOS app was quietly—and the company says accidentally—sending data to Facebook without notifying users, even if they had no Facebook account.


6)     Unfortunately, when many school boards in the US banning the use of Zoom for online learning, the platform moves to India and announced that Zoom will work with the Central as well as State Government and non-profit organisations in education to ensure that the maximum number of school-going children are able to access Zoom’s technologies.

7)     An April 3rd report by The Citizen Lab, a research organization at the University of Toronto, found a number of shortcomings in Zoom’s security, including some that made it particularly vulnerable to China. It found that Zoom’s encryption scheme “has significant weaknesses,” including routing some encryption keys through Chinese servers and that its ownership structure and reliance on Chinese labour could “make Zoom responsive to pressure from Chinese authorities.”

8)    Zoom CEO Eric Yuan has admitted that some Non-China users had their calls routed through China.

With above points, I think this is the serious issue and NCPCR must step in to address our genuine concern;

-      NCPCR should ensure that Privacy & cybersecurity risks shouldn’t be added to Children’s or their parent's list of worries. We should not allow this platform in India to breach Privacy or create any safety concerns.

-      Zoom must be told by Indian Govt to make things safer for regular users and explain, how it is handling this deluge of security and privacy findings in its product. NCPCR should consult with Cyber and Information Security Division of Ministry of Home Affairs so that Zoom can be adequately audited from a security point of view.

-      Zoom is also answerable to share the information- how it handles children’s private data and their video chat.

-      As many schools in India are migrating to Zoom for class and trying to engage with Children though this Video Conferencing platform, high time to issue guidelines on using Video-Teleconferencing (VTC) medium to ensure the safety of our children’s.

Requesting you to kindly register my complaint against Zoom and take this issue very seriously to protect the right of Child in this difficult time.

With Best Regards,
Abhishek Ranjan
Child Right Activist



Received NCPCR reply after 3 days i.e. 11th April 2020






Read News- NCPCR seeks CERT-In's response over complaints regarding Zoom app -https://www.aninews.in/news/national/general-news/ncpcr-seeks-cert-ins-response-over-complaints-regarding-zoom-app20200419051700/


Indian Computer Emergency Response Team (CERT-in) reply dated 13th April 2020



Meanwhile, on 16th April 2020, the Ministry of Home Affairs said that Zoom is a not a safe platform and advised that platform is not for use by Government officers/officials for official purposes.

See PIB Press Release



My reply to Sanjay Bahl on Thu, Apr 16, 5:57 PM

Dear Sanjay Ji,

Greetings!

Hope you are doing well!

Read all documents. I am really disappointed to see your reply.

When the Ministry of Home affairs is clearly saying that Zoom is not a safe platform to use, why are you still advocating to use it while following some instructions by zoom? How can we trust Zoom who falsely advertised itself as using end-to-end encryption and then apologized for the confusion it caused by incorrectly suggesting the opposite. 

I am very much concerned about how Zoom is handling children private data and their video chat. I am also worried about those kids and parents, who are not tech-savvy and not aware of these security concerns.

When we all are suffering from COVID-19 pandemic, Privacy & cybersecurity risks shouldn’t be added to Children or their parent's list of worries. We should not allow this platform in India to breach Privacy or create any safety concerns. 

As a precautionary measure, my humble request that we should suspend use of Zoom until these security issues are ironed out.

Best regard,
Abhishek Ranjan

Response from Rakesh Maheshwari, Scientist G and Group Co-ordinator Cyber Laws and e-Security, Ministry of Electronics and Information Technology (MeitY), Apr 16, 2020, 6:22 PM


When Govt is not recognising the issue, Schools in India starts banning it




Good News! 

Received an email today i.e, 18th April 2020 from NCPCR. 

National Commission for Protection of Child Right (NCPCR) has issued a letter to all State Education departments on my petition. 

NCPCR Guideline to all state education department 





*UNESCO Data

No comments:

Post a Comment