India to force VPN companies to hand over user data

By Nick Heyman On Apr 30, 2022

Using your favorite VPN in India may soon be impossible thanks to new regulations that will require VPN providers to collect and store a wide range of data on their customers for a period of five years.

As reported by ENTRACKR, the Computer Emergency Response Team (CERT-in) which is under the control of the country’s Ministry of Electronics and Information Technology has issued a new set of directions in an effort to “coordinate response activities as well as emergency measures with respect to cyber security incidents.

VPN providers aren’t the only companies that will be required to store customer data though as the directions also apply to data centers, cryptocurrency exchanges and Virtual Private Server (VPS) providers as well.

Beginning in June of this year, companies in these industries will be required to register customer names, customer ownership patterns, customer contact information and the reason they have purchased their services in the first place.

Improving cyber incident response at a cost

CERT-in’s new order appears to be aimed at ensuring the government agency can respond to all manner of cyber incidents within six hours of their discovery. While the order itself may be well-intentioned, the range of data CERT-in is asking organizations to store and provide upon request is quite unusual.

CERT-in requires organizations to report data breaches, fake mobile apps, attacks on server infrastructure and even unauthorized access to a user’s social media accounts. Additionally, businesses that fail to provide the necessary information are governed by Section 70B(7) of the IT Act which could lead to up to one year in prison.

Another snag in the Indian government’s plan is that most VPNs have a ‘no-logs policy’ or at the very least, only keep user data temporarily. As a result of CERT-in’s new directions, many VPN providers and other IT companies could potentially stop doing business in India as they can no longer legally operate in the country.

The new directions will go into effect at the end of June unless the window for compliance is extended which very well could be the case. Until then though, consumers and businesses in the country should pick up one of the best India VPNs while they still can.

Via ENTRACKR

For all the latest Technology News Click Here

For the latest news and updates, follow us on Google News.

Read original article here

Denial of responsibility! TheDailyCheck is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – [email protected] The content will be deleted within 24 hours.