• btc = $92 527.00 581.21 (0.63 %)

  • eth = $3 107.55 -20.31 (-0.65 %)

  • ton = $5.42 -0.21 (-3.70 %)

  • btc = $92 527.00 581.21 (0.63 %)

  • eth = $3 107.55 -20.31 (-0.65 %)

  • ton = $5.42 -0.21 (-3.70 %)

25 Sep, 2022
2 min time to read

The body appointed by the Indian government to deal with cybersecurity and threats, the Computer Emergency Response Team (CERT) has begun requiring VPN operators to collect and store customer information under a new law, Wired reports.

The data, which is subject to the new rules, includes user names, physical and email address, phone number, IP address used to register with a VPN service, and IP addresses obtained while using such service, Internet session time data using a VPN, for at least five years, even if they cancel the subscription or delete the account.

Before the new law came into force, VPN providers began moving their servers out of the country in an attempt to protect the users’ privacy.

CERT attributed the need for these rules to the fact that VPN services impede cybersecurity investigations. The new rules, CERT argued, "strengthen cyber security in India" and are "in the interest of sovereignty or integrity of India."

VPN companies and privacy experts believe that the rules deprive users of the basic functions of VPN services, which encrypt users' Internet activity and conceal their location and identity, and violate users' privacy and freedom of speech.

A NordVPN spokesperson said:
As digital privacy and security advocates, we are concerned about the possible effect this regulation may have on not only our users but people’s data in general. From what it seems, the amount of stored private information will be drastically increased throughout hundreds or maybe thousands of different companies.

She adds that similar regulations have been "typically introduced by authoritarian governments in order to gain more control over their citizens."

The government has said that the new rules will not violate users' privacy as information will only be requested on a case-by-case basis.

It was earlier reported that Proton VPN is pulling its servers out of India. Other VPN companies are trying to find a way to continue operating in the country.

Representatives from ExpressVPN, Private Internet Access, and Surfshark VPN, told WIRED that they have set up virtual servers outside India for users who want to use an Indian IP address.

India is the country with the highest growth rate in the use of VPN services. For example, 348.7 million VPNs were installed in the first half of 2021, showing a 671 per cent jump in growth compared to the same period in 2020.