Naavi.org

Today I will be speaking on Youtube live on Sec 65B of Indian Evidence act.

Interested persons can watch the session at

www.youtube.com/clue4evidencefoundation

From 12pm onwards

Topic: Legalities in Admissibility of Digital Evidences

Naavi

P.S: I presume that the Youtube live did not work due to some technical problems at the organizer’s end. I am sorry that many of the readers of this column were disappointed. If I get a copy of the recording, I will post it. Otherwise, I will record another lecture and post it. If any other organization wants to have a similar talk, I will be happy to speak once again.

I m providing a link to the video of the talk. In one place there is a small disturbance of about half a minute. Please ignore. I intend to receive queries if any and host another video if required.

The Bitcoin community in India is gloating over the predicament of RBI which had to confirm in an RTI reply that “as on date, no prohibition exists on any Banks providing the Bank accounts for Crypto Exchange companies or Crypto Traders”.  The above is a reproduction of an article in bitcoin.com that reflects this victory of black money merchants over RBI.

After getting the support of the three honourable judges of the Supreme Court and with neither the RBI nor the Central Government interested in taking any action to counter the effect of the Supreme Court judgement that directly promotes Black Money, Cyber Crime, Terror Financing  and Money Laundering.

Crypto Exchanges convert INR to Bitcoin or other Crypto Currencies, convert one crypto currency to another and convert crypto currency to a foreign currency like US dollar or Japanese Yen.

Hence for all those people in the Finance Ministry, the MeitY who are remaining silent at this open promotion of Digital Black money, the honest, tax paying citizens of India are asking the question whether you would like any Indian to keep his assets in the form of Indian Rupees or want all of us to convert our rupee balances to Bitcoins and make it available for havala transactions?

It is unfortunate that even Mr Modi our beloved PM and the so called Iron man of the day Mr Amit Shah have been rendered impotent against the might of Bitcoin and Black Money. Mr Ravishankar Prasad and Mrs Nirmala Sitharaman are not interested in making any move because they are not strong enough to challenge Black Money in any form.

Otherwise with one notification under Section 1(4) of Information Technology Act, Government could have added “Crypto Currencies” as one of the categories of electronic documents that are not recognized as an electronic document and removed the legal cover for the instrument. It could have added an explanation to Section 66F that promoting Crypto Currencies as currencies convertible  from INR could have been declared as “Cyber Terrorism” since it strikes a terror in the minds of all honest tax payers that the country is being taken over by black money merchants.

The RBI could have filed a case against any body projecting the Crypto Currency as a Currency not withstanding the Supreme Court judgement because the same judgement has upheld the right of the RBI to regulate the Crypto Currency.

Mr Modi should realize that Bitcoin on the loose is a threat greater than the  COVID 19 and he is either not being advised properly or has lost interest in checking the menace of Black money in India.

Perhaps Mr Modi has lost his battle on Black Money as much as Naavi is loosing the battle against Bitcoins.

Naavi

Section 65B of Indian Evidence Act has been perhaps the most difficult techno legal concept that was introduced by ITA 2000 (Information Technology Act 2000) which even after 20 years of its existence, is yet to be uniformly understood.

The reason why it is difficult for advocates and judges to quickly grasp the intricacies of Section 65B is that they keep looking at the section with a wrong perspective of “Secondary Electronic Evidence” and compare it with the secondary documentary evidence discussed in sections immediately before and after Sections 65A and 65B.

In order to understand Section 65A and 65B, we need to close our eyes to sections  62,63,64, 65  and  66 of Indian Evidence Act. Instead we need to keep in our mind, Sections 3, 17, 22A. Additionally we need to understand the way Computers represent data and data storage which we call as “Evidence” and try to extract in a manner which human beings can understand.

These sections regarding admissibility of electronic evidence came into the statute on 17th October 2000. It was used in 2004 in the AMM Court Egmore resulting in the historic conviction of Suhas Katti, which was the first case in which conviction was obtained under ITA 2000. However in many other cases Section 65B was referred to but was never seriously taken note of either by the Court or the advocates. In the Afzal Guru case in 2005, Supreme Court ignored the need for mandatory requirement of Section 65B certificate and it became a precedence until in 2014, in the PV Anvar Vs P K Basheer, the Supreme Court (3 member bench) categorically expressed that Section 65B Certificate was mandatory for admissibility of Electronic evidence. This judgement also distinguished between “Admissibility” and “Genuinity” and stated that at the Admissibility stage, Section 65B is mandatory. However, the genuinity of an admitted evidence could be questioned subsequently during the trial.

In 2018, while deciding on an SLP the Shafhi Mohammed Vs State of Himachal Pradesh, a two member bench of the Supreme Court over ruled the earlier 3 member judgement and stated that

a) Where the device in which the original electronic document is present is in the custody of the person presenting the evidence, Section 65B certificate is required

b) Where the device in which the original electronic document is present is not in the custody of the person presenting the evidence, Section 65B certificate is not required.

Shafhi Mohammad Judgement is Totally Illogical

This decision was completely illogical since in the case where the device holding the  electronic document is present, the presenter can as well bring it directly as an “Evidence Object” and let the Court appreciate the individual evidence contained there in in any manner it deems fit with or without certificate.

On the other hand, if a person claims that the device in which the electronic evidence is present (or was present and might have been deleted now) , is not in his posession, then he need not produce any Section 65B certificate and simply present a print out (or a CD etc) and claim that it has to be admitted as evidence.

As a result accepting this argument is a direct invitation for admitting manipulated electronic evidence in the hearing.

In fact the need for Section 65B Certificate is greater when the device containing the electronic document cannot be brought directly into the Court.

Primary Vs Secondary argument

In the case of an electronic document, it is better to avoid a distinction of “Primary” and “Secondary” documents and not look for sections in the Indian Evidence Act applicable for “Primary Electronic Evidence” and “Secondary Electronic Evidence”.

If we look at Section 17 of IEA (Indian Evidence Act), it states:

An admission is a statement, ¹[oral or documentary or contained in electronic form], which suggests any inference as to any fact in issue or relevant fact, and which is made by any of the persons, and under the circumstances, hereinafter mentioned.

Note that this section refers to a statement in three forms namely Oral, Documentary and Contained in Electronic Form.

The legislative intent in this section is to consider an “Electronic Document” as neither “Oral” nor “Documentary” but as a third category of statement different from the other two.

Section 22A and Section 59 speak of “Oral Evidence as to the contents of an Electronic document”.

Section 22A states that

Oral admissions as to the contents of electronic records are not relevant, unless the genuineness of the electronic record produced is in question.]

Section 59 states that

All facts, except the ¹[contents of documents or electronic records], may be proved by oral evidence.

These two sections address the elimination of whether an electronic document can be proved by oral evidence or not and clearly states it cannot be proved by oral evidence.

Then IEA discusses under Sections 61,62,63,64 65 and thereafter in 66, different aspects of documentry evidence discussing how proof of contents of documents are to be produced.

Section 61 introduces the concept of Primary and Secondary Evidence. Section 62 refers to “Primary Documents” being presented in the Court. and Section 63 refers to what is a secondary document. Sections 64 and 65 indicate instances when Secondary evidence may be used instead of the Primary evidence.

After thus exhausting the discussion on Oral and Documentary evidence, IEA addresses Electronic Evidence which is the third category of evidence referred to in Section 22A. Section 65A states clearly that this is a “Special Provision” and goes on to state that

The contents of electronic records may be proved in accordance with the provisions of section 65B.

After thus introducing the special nature of the Section 65B, the Act goes on to explain how “Admissibility” of electronic evidence is provided.

We must note that in respect of electronic documents, what is presented when a hard disk or a CD is produced is not the “Primary Document” but a container of electronic documents of which a part is the evidence document. Also, the secondary documents indicated  in Section 63 refer to copies made by mechanical process, copies made by comparison with the original etc. These donot apply to the Electronic Documents.

Hence what is applicable to electronic documents and how it may be produced for admissibility is entirely covered only under Section 65B and nothing else.

If we look at Section 65B, it contains 5 sub clauses of which the very first sub clause “Section 65B(1) sets the stage for the other 4 sub clauses.

Section 65B(1) clearly starts with the statement “Notwithstanding anything contained in this Act” and hence once again confirms that the earlier sections 62 to 65 are not to be brought in in the interpretation of this section.

Section 65(B) also indicates that the electronic evidence can be produced for admissibility in two forms, either as a Print form or as a copy in a media.. Both these forms of presentation of information are referred to as “Computer Output” for further sub sections.

Section 65B(1) then states that such a Computer Output shall be deemed to be also a document and shall be admissible as evidence without further proof or production of the original, if conditions mentioned further are satisfied.

Section 65B(2) then continues and states that the conditions referred to in sub section (1) in respect of the computer output shall be ….

Note the use of the words “In respect of the computer output” in Section 65B(2). This confirms that the conditions discussed under subsections (a),(b),(c) and (d) of 65B(2) refer to the “Computer output” which is the print out or the soft copy of the evidence.

Some experts are unable to appreciate that these conditions of Section 65B(2) donot refer to the so called “Original” but to the Computer Output which is also a document. These sub clauses (a), (b) (c) and (d) and all these 4 conditions should be satisfied and all of them refer to the generation of the “Computer Output” and not the “original”.

Sub section (3) is to confirm that the provisions of Section 65B(2) will stand even when the production of the computer output is not done by a single computer but by a network of computers.

Sub section (4) lists the contents of the Certificate to be issued. It essentially expects that the electronic document which is the subject evidence is identified, the manner of its generation explained along with the devices used. The Certificate has to be signed by the person who produced the computer output. The word “responsible official position” is with reference to a device belonging to a company and it should be considered as refering to the sole owner of a computer if he is an individual.

Section 65B(4) states that the Certificate is adequate if it is stated as “To the best of the knowledge and belief” of the person signing. This limitation is not a dilution of the certificate but an acknowledgement that “What a person can certify as having seen” has certain uncertainties that are inherent to the technology and stating anything as “An absolute Truth” is not feasible. The inclusion of this limitation shows that the drafting has been done in a practically acceptable manner and not just for the theoretical satisfaction of  lawyers who want to attack the evidence on one ground or the other.

Subsection 65B(5) adds certain contingent events that may arise due to the technical reasons such as use of an input from a computer or other automated devices (Perhaps it would even cover input through AI algorithms), information that may incidentally become available etc.

Overall, Section 65B has been very intelligently constructed and there is a meaning to every subsection used in the Section. This has been well recognized in the P V Anvar Vs P K Basheer judgement which came to the right conclusion that the certificate is mandatory.

Why Certification has to be mandatory

There is another technical reason why a Court cannot accept any electronic document as evidence without a human being taking responsibility to confirm even if the so called original is in the hands of a judge.

Understanding this requires a journey into the technical world of how data is stored in a computing device and how it is interpreted.

We know that all computer documents are recorded and stored in the form of a sequence of Zeros and Ones.. These Zeros and Ones reside in side the media such as the hard disk or CD either in the form of “Charge” or “No Charge” or “Pits” and “Lands” (Pits and lands refer to the way data is represented in a CD) etc. If in a portion of the hard disk there is charge, we call it as a representation as “One”. If not we call it as “Zero”. A sequence of 8 such zones constitute a byte and several bytes in a sequence form a meaningful letter or number. Whether a sequence is a number or a letter has to be determined in the context.

The “Evidence” therefore in its original form is in the form of “Charge” or “No Charge” or “Pits” and “Lands”. No human being can see a hard disk or a CD and read the data by looking at the platters or the CD surface.

The “Original Evidence” is therefore always in the form of humanly unreadable data elements. It can only be made “readable” by a human when the data is read by another device such as a hard drive  or CD drive connected to a computer which picks up the data and processes it through a software application which itself rides on a hardware. Then the interpretation based on the configuration of the computer appears on the screen as readable text.

Similar processing has to be done to the sequence of binary data  to render them as a sound through the speakers or image or video.

Hence in rendering any binary sequence into a human experienceable form of text, audio or video there are many software and hardware computer elements which are used. If any of these function in an inconsistent manner the binary sequence may show up differently. So the same data seen by different persons in different computers, different operating systems, different applications may appear differently.

What Section 65B does is that it designates a person who is reliable to the Court as a witness to observe the binary in a standard device and let the Court know what he saw. In order to ensure that any different observations are reconciled, the certifier who provides the certificate will record the process and the devices used so that any other person using the same type of devices would come to a similar conclusion. If he has used some strange methods and rendered the evidence, then the Court can question him why he used a non standard method and come to a conclusion whether the method used for rendering the evidence was correct or not. For this purpose the Court may use a Section 79A accredited digital evidence examiner or let the other party to counter with another expert.

Even when the Court has on hand what people normally refer to as the “Original Evidence”, what the Judge has is the CD or the hard disk or say a pen drive. If he looks at it from outside, no evidence is visible. If the Judge wants to view the document than he has to use a computer, with the right software and hardware an view it. What he views would be conditional to what devices he uses and what configuration he uses. If he has a black and white monitor and views a colour picture, he may not see what he should see. If he views a Microsoft Word document in a PDF viewer or even a Note pad, he would not see any document. If he opens a .mp4 file in a audio software, he will not see any picture. If therefore he has used certain method to view the document, then the judge himself becomes  a self certifying Section 65B observer.

Since it is not proper for the Judge to be a witness himself, even in the case of the original electronic document container being in his hands, the Judge should rely on a trusted third party to provide the Section 65B evidence and not view and record the electronic evidence himself.

This delicate issue was recognized by the magistrate who was adjudging the Trisha Defamation case in the Chennai Egmore AMM court some time in 2004. No other court till date has recognized this aspect.

Looking at all the points made above, Section 65B has been well drafted and mandatory certification is unavoidable.

I therefore urge advocates and experts who are trying to support the faulty Shafhi Mohammad judgement to realize that they are not correct in their view point and should not mislead the bench which is hearing the reference in the case of Arjun Panditrao Khotkar V. Kailash Kushanrao Gorantyal.

I wish any of the readers of this article forward a copy of this article to the honourable bench  of the Supreme Court which is now hearing/or has heard the reference related arguments presented by otherwise eminent advocates.

Naavi

When we order an expensive device like a Mobile or laptop online and end up receiving a package containing stones as the above unfortunate gentleman is reported to have received, one wonders how to recover the loss.

The E Commerce platform may be reluctant to take the blame as this could be a fraud committed by a courier boy who may not be traceable at all. There may also be cases where because some fraudulent buyers have made false claims of such nature, the E Commerce platform or the merchant may not take the blame and accuse the customer himself that he is not telling the truth.

There are also issues of fake products being delivered or products of a different specifications and lesser value being delivered. In some of these cases the E Commerce platform may accept returns but in some cases they may not.

The Consumer in such cases need to initiate other actions to ensue that his grievance is resolved.

In Indian law, every Intermediary such as the E Commerce platform need to disclose a “Grievance Redressal Process” and the name and contact of the Grievance redressal officer for the website. Often most websites donot have such contacts disclosed on the website or the App.

Most service providers display a Terms of Contract which is accepted as a “Click Wrap Contract” which is not recognized under Information Technology Act and renders the contract as an “Implied Standard Form Contract” which can be disputed in a Court.

Further the Terms are under the custody of only one of the parties to the contract namely the platform and the Consumer does not have any control on changes that may be made to the terms. (Similar issues are also faced in respect of consents given on the basis of the version of a privacy policy as present on a website on the date of transaction”

As a result of the above, pursuing the legal case in a Court of law to claim damages for the lost money would be almost impossible even if the jurisdiction is a local Court. Amazon and Snapdeal have a Court jurisdiction in Delhi while Flipkart has a court jurisdiction in Bangalore which itself makes it expensive and impossible for buyers from any other place to take legal action.

In such cases, we need the following.

1. A Dispute resolution Mechanism which is easy to use and not very expensive.
2. Evidence about the fact that the package was not containing the product

Naavi suggests that we should make it mandatory for such intermediaries to ensure that the Courts in the place where purchase is made must have the jurisdiction to resolve the disputes. In one of the cases related to adjudication in Chennai, Punjab National Bank had argued that the customer has to file the case in Delhi instead of Chennai since the head quarters of the Bank was in Delhi. At that time a complaint had been made to RBI that Bank’s license should be cancelled outside Delhi, if they insist on this jurisdiction and then they agreed to proceed with the case.

In order to render the jurisdiction in a physical location irrelevant, the disputes should be resolved with the use of “Online Dispute Resolution”. With the increased use of Video conferencing even in Court proceedings, it should now be possible for a system like what has been recommended under www.odrglobal.in could be used for the purpose of online dispute resolution. This would sort out the problem of court jurisdiction to a large extent.

Additionally Naavi has activated a service under CEAC Drop Box (Refer www.ceac.in) and a new service called CEAC-EDB-Video Service to address the requirements of Evidence Collectio.

The CEAC-EDB service can be used to capture the Terms of Service as well as the Privacy Policy of a Website as also the product specifications offered by the seller for sale.

Where the unboxing of the expensive item purchased has to be evidenced, an advance appointment has to be fixed with CEAC and a registrar will then make a Video observation of the unboxing and record it in his computer with a CEAC certificate.

Both CEAC-EDB and CEAC-EDB-Video can be claimed with CEAC certification within 30 days of the dropping or at such extended time as agreed upon payment of the necessary fees.

Dropping of static documents will be available free but creation of CEAC-EDB Videos will be charged. Retrieving the certified copies of both would also require payment of fees.

The fees will be quoted based on the duration of the video and the size of the files.

These twin services would perhaps be able to sort out the evidentiary problems that may be faced by victims of the E Commerce delivery frauds.

Naavi

In a clear admission of their concern of losing a business opportunity, rivals of Zoom like FaceBook, Google and CISCO have made statements about their latest attempts to improve their products and make it more user friendly.

See article here

If the competition improves the products in the interest of the consumers, it is fine. But the Supreme Court should realize that the case against Zoom in India is a motivated case which does not deserve to be admitted.

In the meantime, we are waiting for any Indian solutions to come up to match the requirement. Probably some solutions have been presented to the MeitY which has announced a prize of Rs 1 crore to the best indigenous video conferencing software.

It appears that those who have entered the competition might have been prevented from releasing the beta version to the market. But consumers cannot indefinitely wait for the MeitY to declare the winner. If the products are not made available, then consumers will continue to use Zoom or other available choices that suits them and the MeitY exercise may only be of academic interest.

Naavi’s article on the subject which appeared in India Legal is also reproduced below. It is also available here;

One business that has thrived during the lockdown in various parts of the world is video-conferencing, virtual meetings and virtual collaboration solutions. Many large corporations have already installed virtual meeting infrastructure across their branch offices and were quickly able to adapt to this form of doing business by adding more individual users logging in from different locations.

A large number of SMEs and individual businesses, however, had to search for affordable and easy-to-use solutions to establish face-to-face contact with their workers scattered in different locations. Educational institutions also had a requirement to conduct classes in the virtual environment to meet their teaching deadlines. Such users found that the Zoom communications platform was convenient and affordable. As a result, its business spurted from around 10 million users to 200 million.

Companies, which had competing products and were big names in the industry, felt their egos bruised by the phenomenal success of this relatively small company. They launched a well planned attack on Zoom and the fact that it was promoted by a Chinese entrepreneur. They tried to bring down its popularity partly to get some business themselves and partly to satisfy their hurt egos.

The campaign against Zoom revolves around security issues. One issue is that uninvited persons can log into running sessions where there is no password set for the meeting or where the password is weak and predictable. As the meeting password is not considered as important as bank account passwords or similar other access environments, users tended to set weak passwords. These intrusions were highlighted as “Zoom bombings” and the possibility of corporate espionage was stressed.

Secondly, data used during corporate meetings had to move between different users and to ensure that this moved without much latency, the company maintained servers in different countries, including China. Rivals highlighted this and showed the possibility of Chinese espionage.

A third complaint raised was that Zoom claimed to have “end-to-end encryption”, whereas it was theoretically only encryption from the sender’s computer to the receiver’s. It was quite like an “https” connection and did not extend to the processes within the sender’s and receiver’s systems at the application level. This was suggested as a deliberate misrepresentation. There was also an allegation that Zoom shared some data with Facebook without the knowledge of the user and that some log-in IDs and passwords were on sale on the dark web.

As a result of these allegations, a campaign was launched to show that Zoom video-conferencing solutions were unsafe. Media, which did not understand the depth of the problem, also painted a picture of Zoom being the only software where all security flaws were found and hence its use should be discontinued. Neither the media nor others presented any better alternative. Its Chinese ownership was also a reason for some to switch to other solutions.

It was unfortunate that the home ministry became a pawn in this game of one up-manship. As usual, a section of the media claimed that the home ministry had evaluated the Zoom application and was not in favour of its use from the security point of view. While the ministry’s concern about the use of Zoom for meetings of government officials was perhaps genuine, the unusual action of it coming up with a press release, including a set of “secure configuration guidelines” was strange. Though this notification was meant only for government departments, the media implied that it was a national security advisory. Normally, any such guidance should be the responsibility of the Ministry of Electronics and Information Technology (MeitY) and there was no need for the home ministry to step into its shoes and come up with operating guidelines on a subject in which it has no direct knowledge or expertise.

By the time this notification was released, Zoom had already attended to most of the concerns. It changed the default settings of the meetings to a higher security level and left it to the choice of the user to downgrade the security features. It also provided an option to the user to avoid servers in specific countries such as China.

Zoom bombings were due to the user’s negligence. Instructions were released to set a strong password, use the waiting room facility and to lock the meeting if needed. This could avoid unauthorised entries into the meetings. Zoom also clarified that personal data sharing with Facebook occurred because its software development kit (SDK) for log-in authentication collected information beyond the permissions required and granted. It appears to be a deliberate violation of privacy by Facebook, though there could be some negligence on the part of Zoom too.

The controversy regarding end-to-end encryption was more of semantics than anything else. Security experts say that if the encryption is not done at the application level and decrypted only at the destination, it cannot be considered as “end-to-end”. It is possible that the marketing personnel at Zoom called their encryption “end-to-end encryption” without recognizing the difference.

However, most messaging services, including popular email ones, use only transport-level encryption and not the real end-to-end encryption. Even banks in India may not be using real end-to-end security. Hence, singling out Zoom for such a mistake is unfair.

Before the home ministry jumped into the fray, it should have realized that the problem with Zoom was both of technical interpretations and user awareness. It was not an issue of fraudulent intention. The ministry was not capable of understanding the nuances of technology and should have refrained from giving the impression that it was giving a technical advisory on Zoom.

Criticizing Zoom without criticizing Facebook for misusing the consent shows prejudice. Perhaps this should be investigated as the Facebook log-in SDK of the type used by Zoom may also be in wide use in India by others. In all such cases, there could be a siphoning off of personal data beyond what has been consented to by the user. The home ministry has not revealed that email providers also use only VPN security and not end-to-end security. If so, it would have placed the issues observed in Zoom usage in the right perspective.

If Zoom had installed any malware like some Chinese applications do, then the home ministry would have had a reason to issue such advisories. But it did not consider TikTok and UC Browser type applications for a ban. This could be due to their ignorance or pressure from certain business lobbies. It is also to be recognised that Zoom has been promoted by a person of Chinese origin but is not a Chinese company. It is a US company and the promoter is perhaps now a US citizen settled there.

The ministry should also have realised that Zoom as a company is not like telecom equipment suppliers like Huawei or Chinese mobile companies. Some of these companies have allegedly preinstalled malicious applications to bring users under surveillance of the Chinese government. Even point of sale systems used for card authentication at shops and biometric devices used for Aadhaar authentication are being imported from China and the ministry should worry if these have any hidden backdoors.

The ministry appears not to have heard about Deepfake and Deepnude applications which threaten society and could create huge problems. If it was watching the web world, it would have moved to block such apps along with voice-changing apps, Blue Whale or other gaming apps which require urgent attention. It has also remained silent when larger security issues arose when Bitcoin exchanges were allowed to resume their operations, unmindful of their use in possible terror funding.

By not coming out with advisories in such cases and over-reacting to the Zoom controversy, the ministry appears to have been used by industry in a commercial war between companies. In comparison, MeitY has responded positively to the incident by trying to encou­rage an indigenous replacement for the Zoom software. It has announced a prize of Rs 1 crore for this.

—The writer is a cyber law and techno-legal information security consultant based in Bengaluru

Naavi

In a Public Interest Litigation, an advocate has filed a petition in the Supreme Court seeking ban on Zoom . The petition seeks a direction that the Government has to ban the use not only for the use of the Government but also for the public.

It is unfortunate that the Supreme Court has admitted the petition and sent  notices to the Government and Zoom.

So far, whenever the Supreme Court has been notified about the adverse impact of apps like TikTok or the Anti Society systems like the Bitcoin, the Supreme Court did not consider it necessary to respond in public interest. On the other hand it gave a completely anti establishment judgement in the case of Bitcoin and the CJI did not think of reviewing the decision.

However, it has now acted with alacrity to respond to the Zoom petition as if it is a great natural emergency during Covid lock down.

I wish the Judges consult some independent technology specialists who are not in the pay rolls of companies adversely affected by the popularity of Zoom.  Otherwise the credibility of the Court is likely to be severely dented.

This petition was not worth the paper on which it was printed. It ought to have been rejected even for admission with a fine. The Court however has given undue respect to the PIL and issued notices.

At the same time, the Court has failed to issue notices to all stake holders and therefore if it proceeds with the hearing of the petition, the current users of Zoom will be adversely affected. The current users of Zoom in India are also citizens of India and have their own rights to use the software of their choice.

The Supreme Court has failed to realize that there is no compulsion for any individual to use Zoom and it is the choice of the public to use Zoom or chose any other equivalent software.

Intervention of Supreme Court is therefore only serving the business interests of the competitors of Zoom which include big names like Microsoft and CISCO. It has very little public interest objective.

It is possible that the Court might have been wrongly informed  that this is a “Chinese Software” which is spying on India and this could have influenced the decision to admit the petition. This may not be the correct view since Zoom is an US Company and there is no indication that it works under the directions of the Chinese Government, as of now.

The Court might have also been given to understand that Zoom is the only software that has the vulnerabilities  and every other video conference software of Microsoft or Adobe or CISCO are security wise impregnable. This is also not correct.

The Court needs to check with security professionals how often Microsoft or Adobe products are found to have vulnerabilities, whether CISCO has been every accused of providing a backdoor to FBI etc.

Supreme Court may not be aware that Zoom provides recording of meetings as an option either on the cloud or in local computers as do others. It is a choice of the users to store it on the cloud if they want.

I would be pleasantly surprised if the advocate Wajeeh Shafiq or Harsh Chugh or their associates Nimish Chib and Divye Chugh can explain the concept of “End to End Security” and why they think Zoom’s  transmission security is inferior to other similar systems including G mail and Facebook.

The petitioner advocates need to also ki clarify whether they are talking of “Privacy Protection” or “Information Security” and how they distinguish “Personal Data Protection” and “Corporate Information Security”. They seem to be confused.

The Supreme Court should understand that vulnerabilities are part of the software development process and the only way the consumer interest is served is to make all software developers liable for zero day vulnerabilities if any consumer suffers a loss on account of such vulnerabilities. This is feasible even under our consumer protection laws .

Zoom is an intermediary under ITA 2000 and if its platform is used for commission of any offence, it can be tried under any of the provisions of ITA 2000 including hacking, denial of access etc., and Zoom will have to prove “Due Diligence”. ITA 2000 has extra territorial jurisdiction as well as a possibility of extending the liabilities to the Zoom CEO under Section 85 of ITA 2000. Zoom CEO is in USA and the Company is a US Company and hence it should not be difficult to invoke extra territorial jurisdiction if the petitioners want.

Instead of using such provisions that are already available under the ITA 2000, the petitioners are launching a speculative attack to serve the business interests of the competitors.

The petition is therefore ill conceived and it indicates that business rivals of Zoom must have encouraged this litigation or the petitioners are doing it for publicity purpose.

Supreme Court has to show maturity and maintain distance from such business related issues.

Naavi