Following the Madras High Court’s order, Telegram has agreed to remove all posts flagged by Star Health Insurance for leaking its customers’ data. The social media platform, however, said it would not carry out any patrols. Justice K Kumaresh Babu, in an interim order, directed Star to “send an email with the username and URL from which these bots are posted so that Telegram can block and remove them” , as Bar and Bench reports.

The court was considering a motion filed by Star Health against Telegram and five other parties. The High Court issued its directive after Telegram said it could not independently research leaks but was prepared to remove any leaked information if the insurer provided specific details. Telegram’s legal representative explained that the platform could remove particular accounts if the company presents sufficient evidence linking these accounts to data leaks.

ALSO READ | PM Modi warns against ‘digital arrest’ in Mann Ki Baat, lists 3 ways to be safe

The lawyer stressed that while Telegram is capable of acting on credible evidence, it is not equipped to perform “police” functions by monitoring content alone, as Reuters reports. Furthermore, the court noted that on platforms like Telegram, users can post content using VPNs from different countries, further complicating the issue. The bench said: “Either way, the damage will be done because they can’t block unless it’s published.”

What happened

In September, Star Health filed a lawsuit against Telegram and a hacker. The lawsuit alleges that chatbots on Telegram were used to leak personal information and medical reports of approximately 3 million Star Health policyholders. As reported by Reuters, Star Health, which is India’s largest health insurer, received a $68,000 ransom demand from a cyber hacker in connection with the data breach involving customer information and medical records.

Star Health said Telegram refused to provide account details or permanently ban accounts associated with the hacker, known as xenZen, “despite several notices issued in this regard.” The insurer said it had “requested assistance” from Indian cybersecurity authorities to “help us identify” the hacker. Telegram also claimed that it does not have the authority under the Information Technology Act or relevant rules to remove all accounts posting data related to Star Health.