Telegram Agrees To Take Down Posts & User Accounts Flagged By Star Health For Customers' Data Leak, Refuses Patrolling

Following the Madras High Court's order, Telegram has agreed to take down all the posts that Star Health Insurance flagged for leaking its customer data. The social media platform, however, has said that it won't be doing any patrolling. Justice K Kumaresh Babu, in an interim order, directed Star to “send an email with the username and the URL from which such bots are posted so Telegram can block and delete them,” as reported by Bar and Bench. 

The court was reviewing a petition brought by Star Health against Telegram and five other parties. The High Court issued its directive after Telegram stated that it could not independently search for leaks but was willing to remove any leaked information if the insurer provided specific details. Telegram’s legal representative explained that the platform could delete particular accounts if the company presented sufficient evidence linking those accounts to data leaks.

ALSO READ | PM Modi Cautions Against 'Digital Arrest' In Mann Ki Baat, Lists 3 Ways On How To Be Safe

The lawyer emphasized that while Telegram is able to take action based on credible proof, it is not equipped to perform "policing" functions by monitoring content on its own, as reported by Reuters. Additionally, the court noted that on platforms like Telegram, users can post content using VPNs from various countries, complicating the issue further. The Bench said, “Anyway, the damage will be done because they can't block unless it is posted.” 

What Went Down

In September, Star Health initiated legal action against Telegram and a hacker. The lawsuit alleges that chatbots on Telegram were being utilised to leak personal information and medical reports of approximately 3 crore Star Health policyholders. As reported by Reuters, Star Health, which is India's largest health insurer, received a ransom request of $68,000 from a cyber hacker in connection with the data breach involving customer information and medical records.

Star Health stated that Telegram has refused to provide account details or permanently ban accounts associated with the hacker, known as xenZen, “despite multiple notices issued in this regard.” The insurer indicated that it has “sought the assistance” of Indian cyber security authorities to “help us identify” the hacker. Telegram has also claimed that it lacks the authority under the Information Technology Act or the relevant Rules to remove all accounts posting data related to Star Health.