The Government of India has introduced a new IT policy. This policy makes major changes to the rules for using VPN services. Users and VPN service providers have expressed displeasure over the rules.
This is because the service that used to hide the identity online will now store your data. This policy will be effective from the end of June this year.
The Government of India will now require VPN service providers to collect user data. Users' stored data must be stored for up to five years, and even after the customer deletes the account, the data must be kept with the companies. The CERT-in (Computer Emergency Response Team) has issued instructions to VPN service providers under the new IT policy. This policy will be implemented till the end of June 2022.
What data is the government asking for?
The name, IP address, usage pattern and other identifying information of the users using VPN will also have to be stored. This is the exact opposite of VPN service. This service is used to hide online identities. VPN operates on a no-logging policy. Companies only run on RAM disk servers and other log-less technology. Therefore, they cannot monitor data and usage information.
Why was the decision taken?
Recently, strict measures are being taken for online activities in India. So the rules of VPN have been changed. VPN lets users hide their browsing history, device information, IP address and location. As a result, cybercrime is on the rise. Companies now have to store all user data for at least 5 years. Failure to do so could result in imprisonment for up to one year.
Reaction of VPN service providers
According to media reports, Surfshark, Proton VPN and Express VPN have refused to accept the rules. Harold Lee, vice president of Express VPN, said, "The Indian government's new rules on requesting user's private data from VPN companies are a cause for concern. This is a violation of citizens' digital rights."