VPN providers are ordered to store user data for 5 or more years in India
The Indian government has published a directive that will forceVPN providersand crypto exchange platforms to store user data for at least five years, even when customers have since terminated their relationship with the companies in question. Decision makers at businesses who don’t comply with the new ruling could face up to one year in prison, with it going into effect in late June 2022.
Thedirective statesthat the ruling is in place to enhance cyber security, allowing the Indian government’s Computer Emergency Response Team (CERT-In) to gain information about potential incidents quicker, but the implications for customers are far reaching. VPN andVPScompanies will have to store and, if asked, share a variety of data, including the validated names of customers, both their legal and email addresses, their phone numbers, IP addresses associated with them, the subscription period, and the “ownership pattern” of the subscriber.
The companies in question will further have to report a number of breaches to CERT-In, including run-of-the-mill data breaches, fake mobile apps, and attacks on server infrastructure. Even the “unauthorized access to social media accounts” will have to be reported, which could mean that VPN providers will have to log their users’ movements around the web. This would be a fundamental change in many VPN providers’ business models, as virtually all reputable businesses promise no-log policies, never even saving their users’ browsing data in the first place and thus ensuring their anonymity.
EN Trackrreports that it is still unclear whether these rules apply to international companies doing business in India or if these will only apply to local VPN providers and crypto trading sites.
VPNs are used by many to stay anonymous online or to access services not available in their country. Instruments like these are vital for politically oppressed people or those who live in countries where internet censorship is executed. While India doesn’t fare as badly in this regard as some other countries, the Indian government is known toblock or disrupt internet connections routinelyto shut down conversations around uneasy topics.
In other countries like Russia, the crackdown on VPNs goes even further. Following a 2017 ruling, there is only a small selection of allowed VPN services, among them Kaspersky Secure Connection, that have agreed to connect with the government’s information system. Many other VPN services including big players like NordVPN or ProtonVPN have been outlawed, with their usage considered a crime.
Keep privacy a priority with the best VPNs
It’s time to sniff out the culprit
Google is still searching for answers
More visual changes
Perfect for all types of devices
I found the only AI photo app worth keeping on my phone
