The Indian Government has stated that if the VPN providers do not comply with the rules laid out to them, the government will have to take appropriate action against them, but did not specify the steps that the government will take.
The Indian Government’s VPN guidelines will impact 270 million VPN users in India as the providers have no other option than to leave the country. These rules were requested to be followed in April due to the growing industry concerns.
The rules are set to be enforced from the end of June. After these regulations were announced, one of the world’s largest VPN providers, NordVPN, said it may remove its servers from India. This move will be a huge blow to India’s tech industry as well as the tech enthusiasts.
The Indian Computer Emergency Response (ICER) Team had issued a directive asking tech companies to report data breaches within six hours of noticing such incidents. The companies were even told to maintain IT and communications logs for six months.
The ICER Team had also mandated cloud service providers such as Amazon and virtual private network (VPN) companies to retain the names of their customers and IP addresses for at least five years, even after they stop using the company’s services.
Many privacy activists have said the rules contradict the idea of VPN, which is to safeguard the identity of individuals such as whistleblowers from surveillance. They suggested if the providers want to pull out VPN from India then they should frankly go ahead and pull themselves out.