Technology

VLC site ban: Data transfers to servers in ‘hostile country’

The Minry of Electronics and IT (MeitY) ordered the blocking of the website of VLC Media Player after it found that the site was communicating with servers of a previously banned app the minry which was transferring sensitive personal data of Indians to a “hostile country,” The Indian Express has learnt.
The request to block the website of VideoLAN, the non-profit that operates VLC Media Player, was sent the Home Minry.
VideoLan’s URL, videolan.org, from where the VLC Media Player software could be downloaded, was blocked in the country under Section 69(A) of the Information Technology Act sometime in February. However, the VLC Media Player software is available for download on Google and Apple’s app stores.
Earlier this month, VideoLan had sent a legal notice to MeitY and the Department of Telecommunications (DoT), seeking to know the reasons for which the site had been blocked in India, and demanding a copy of the blocking order issued for blocking its URL.
MeitY is learnt to have prepared an internal note in response to the legal notice – which VideoLan had issued with assance from the Delhi-based digital rights group Internet Freedom Foundation – and is in the process of sharing it with VideoLan.
According to a source familiar with the contents of the minry’s note, VideoLan’s website was “communicating” with an app called Onmyoji Arena and the data collected the site was transferred through this app to a “hostile country”. A separate technical evaluation committee has also confirmed this fact, the note is understood to have mentioned.
The app in question here, Onmyoji Arena, was one of the 54 apps that MeitY had ordered to block in February for alleged Chinese-links and for posing a national security risk to India.
The minry is also said to have relied on various “open source threat intelligence reports” to conclude that VLC Media Player was used a China-backed hacking group called ‘Cicada’ for carrying out cyber attacks. These threat intelligence reports also purportedly revealed a malicious campaign from hackers associated with the Chinese government who were using VLC Media Player to “launch a custom malware loader”. In cybersecurity parlance, a loader is essentially a malicious code used for communication between the attacker and the compromised system.
However, it is worth noting that the various threat intelligence reports that MeitY is learnt to have mentioned in its note are from between April and August this year, whereas the VideoLan website was banned before that time period, in February. As such, VideoLan is not a China-based entity, but is headquartered in France.
Queries sent to MeitY and VideoLan remained unanswered until publication.
In its legal notice, issued on October 4, Jean-Bapte Kempf, the president and lead VLC developer of VideoLan had expressed shock at the blocking of the website despite the “Government of India itself endorsing the use of VLC as a part of its Digital India initiative”.
“ blocking the URL, your offices are in violation of international obligations to protect free speech in India. This incident also affects the fundamental rights of all Indian users of VLC who have the right to receive the information freely available on the URL,” VideoLan’s legal notice had said.

Related Articles

Back to top button