The Delhi police on Tuesday, 16 February, wrote to video conferencing app Zoom, seeking details of all participants who were allegedly involved with activist Disha Ravi in the ‘planning of the toolkit’ document supporting the farmers' protest.
The social media toolkit was promoted and shared by Swedish climate activist Greta Thunberg on Twitter, however, after a couple of hours, she deleted the tweet.
According to Delhi Police, Disha and 70 others including accused Shantanu Muluk and advocate Nikita Jacob were also participants of the virtual meeting, held on 11 January.
“The main aim of the toolkit was to create misinformation and disaffection against the lawfully-enacted government. The toolkit sought to artificially amplify the fake news and other falsehoods and also sought to precipitate action on 26 January,” a statement released by Delhi Police read.
The letter sent by Delhi police to US-based company Zoom seeks information about all the participants of the meeting. According to a report by India Today, Delhi Police has sent out the following questions to Zoom:
- Which mail ID was used first for uploading the toolkit? Whose ID was this?
- Which are the other IDs that used the toolkit?
- How many persons accessed this, their details?
- Who was the admin of the Zoom meeting?
- How long did the Zoom meeting last?
- What time was the Zoom meeting?
- Access to the whole video, if Zoom has a recording.
But, will Zoom be able to give answers to all these questions? Can Zoom reject the request ? And, what procedures will the government have to follow? Here is everything you need to know.
Data Sharing With Law Enforcement
According to Zoom’s Privacy Policy, the video conferencing app accepts (temporary) meeting records preservation requests from government authorities for 90 days only, that potentially constitute relevant evidence in legal proceedings. Only meeting content requested by the host is stored on the cloud and preservation requests can not lead to recovering of this data once it has been deleted from Zoom’s server.
In this case, Delhi Police has sent out the request within the given time period, therefore this criterion has been met. Other criteria that should be followed are:
- Request to seek information should only be sent via official channels – Documents seeking request should be officially signed. Incase of email, official address should be used.
- To consider India’ s request valid, the plea should be based on some legal basis and should pertain to “ the bona-fide prevention, detection, or investigation of offenses.”
- There should also be a ‘Mutual Legal Assistance Treaty’ request under the Clarifying Lawful Overseas Use of Data (CLOUD) Act. This criteria is fulfilled already with India-US signing the agreement in 2018.
- The request should only be made in English language.
Rejecting the Request of the Government
Zoom can choose to reject the request of the government if the criteria listed above are not met. Some other reasons where the request can be discarded are, “If the request involves child sexual exploitation material or an emergency involving danger of death or serious physical injury to any person.”
The web based application can also further challenge or completely reject the government’s request. “We will apply additional scrutiny to certain government requests for user information based on our principles and interest in promoting meaningful collaboration around the world,” a statement on Zoom’s Privacy guide read.
Emergency Requests
If an ‘Emergency’ request is raised by the government, Zoom takes immediate action and provides the information with respect to its privacy policies and applicable law.
However, under no circumstances Zoom commits to produce any record or give out data within a particular timeline and the video application may request “additional information to verify the nature of the request and/or the identity of the person making the request.”
Data That Zoom Can Share
Some of the data that can be shared includes duration of the call meeting, email address, name, nickname used by the participants, meeting name, join and leave time of the participants, scheduled date and time, and call data records as well.
According to Zoom Privacy Guide post , the app also collects user’s approximate location to the nearest city. However, in case of meeting chats and video calls, this can only be shared only if the user has recorded the conference and stored it on Zoom’s cloud data.
(At The Quint, we question everything. Play an active role in shaping our journalism by becoming a member today.)