Microsoft, Google, Apple, Windows, Android, iOS, Internet, Cyber Security, Hacking, Malware, Smartphone, Mobile App


India orders VPN companies to collect and store user data

It seems that India is following the path of Russia and will monitor the online activities of its citizens more closely. Its most recent move will force internet infrastructure providers, including VPN companies, to collect and, if requested, hand data over to the country’s governing bodies.

What CERT-in wants

India’s Computer Emergency Response Team (CERT-in) ordered VPN companies, data centers, ISPs, hosting providers, and other internet infrastructure companies operating in India to collect their customer data, store it for five or more years, and hand it over to the government if requested. That means that a VPN company with servers in India may no longer be able to guarantee privacy for its users. The government body asks such companies to collect and report such data as:

  • Users’ full names, physical addresses, email addresses, and phone numbers.
  • Their reason for using a VPN.
  • The dates of usage of the service.
  • The IP addresses and emails used by users to register for the services as well as registration time stamps.
  • All IP addresses issued for a user by a VPN provider and a list of IP addresses used by its customers.

Those that do not comply with the regulation can potentially face up to one year in prison. The directive also applies to cloud service providers and data centers. If it passes, the directive will take effect on June 28, although an interim period will pass until its full implementation.

Many major VPN companies providers adhere to strict privacy policies, which means that they don’t collect or store customer data. No-logging features are usually embedded in their server architecture, and it would be complicated for providers to change it. Moreover, a reliable VPN company wouldn’t agree to such a requirement for ethical and reputational reasons. So the passing of this law would mean that many premium VPN services would no longer be able to keep servers or even operate in India.

As a result, on June 26, 2022 NordVPN will shut down its servers operating in India. However, apart from this, NordVPN services will operate as usual in the country.

Leave A Reply

Your email address will not be published.

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More

Privacy & Cookies Policy