Following the Madras High Court’s order, Telegram has agreed to remove all posts that Star Health Insurance flagged for leaking its customers’ data. However, the social media platform said it will not do any patrolling. Justice K Kumaresh Babu, in an interim order, ordered Star to “send an email with the username and URL from where such bots are posted so that Telegram can block and delete them,” after as reported by the Bar and Bench.

The court was hearing a petition filed by Star Health against Telegram and five other parties. The High Court issued its directive after Telegram said it could not independently search for leaks, but was willing to remove any leaked information if the insurer provided specific details. Telegram’s legal representative explained that the platform could delete certain accounts if the company presented sufficient evidence linking these accounts to data leaks.

READ ALSO | PM Modi warns against ‘digital arrest’ in Mann Ki Baat, lists 3 ways to stay safe

The lawyer pointed out that while Telegram is capable of taking action based on credible evidence, it is not equipped to perform “policing” functions by monitoring content on its own, as reported by Reuters. Additionally, the court noted that on platforms like Telegram, users can post content using VPNs from different countries, further complicating the issue. The bank said: “Either way, the damage will be done because I can’t block unless it’s posted.”

What happened?

In September, Star Health initiated legal action against Telegram and a hacker. The lawsuit alleges that chatbots on Telegram were used to leak personal information and medical reports of about 3 million Star Health policyholders. As reported by Reuters, Star Health, which is India’s largest health insurer, received a ransom demand of $68,000 from a cyber hacker in connection with the data breach involving customer information and medical records.

Star Health said Telegram refused to provide account details or permanently ban accounts associated with the hacker, known as xenZen, “despite multiple notices issued to this effect.” The insurer indicated that it had “sought the assistance” of Indian cyber security authorities to “help us identify” the hacker. Telegram also argued that it does not have the authority under the Information Technology Act or the relevant Rules to remove all accounts posting data related to Star Health.