SnTHostings Sues Indian Govt, Challenges Legality Of VPN Rules

SnTHostings Sues Indian Govt, Challenges Legality Of VPN Rules

SUMMARY

Justice Yashwant Varma directed CERT-In to submit its reply to the petition filed by VPN provider, SNTHostings, within four weeks

The CERT-In directions mandate data centres, VPNs, VPS providers and cloud service providers to collect and hold data for five years

The new mandates issued by CERT-In have received a lot of criticism and many VPN providers have already pulled out their servers from India

The Delhi High Court on Wednesday (September 28) issued a notice to the Centre on a petition challenging the legality of the directions issued by the Indian Computer Emergency Response Team (CERT-In) for virtual private network (VPN) service providers in the country in April this year.

The petition was filed by SnTHostings, which provides VPN and virtual private server (‘VPS’) services. 

The Internet Freedom Foundation (IFF), which provided legal assistance to SnTHostings, noted that the directions present an existential crisis to SnTHostings as they mandate collection of various personal data and its sharing with “CERT-In on demand and/or on the occurrence of a cyber-security incident”.

Justice Yashwant Varma directed CERT-In to submit its reply within four weeks. 

As per Bar and Bench, the court’s order said, “Issue notice. The present petition challenges the directions given in the circular dated April 28, 2022 by CERT-In. The petitioner submits that Directions under sub-section (6) of section 70B of the Information Technology Act, 2000 are vague leave the petitioner in a quandary.”

Advocate Samar Bansal, appearing for the petitioner, argued that the directions were issued despite CERT-In not being empowered to do so and that they affect the right to trade of SnTHostings, the IFF said.

The court will next hear the matter on December 9, 2022.

The CERT-In directions mandate data centres, VPNs, VPS providers and cloud service providers to collect and hold data for five years. These data includes validated names of subscribers/customers hiring the services, email addresses, IP addresses and time-stamps used at the time of registration/on-boarding, period of hire including dates, IPs allotted to/being used by the members, and more. 

As per legal experts, the directions are technologically difficult to comply with.

In June, SnTHostings sent a legal representation to the Ministry of Electronics and Information Technology (MeitY) asking to recall the directions, which were set to come into force from July 27.

“At the outset, the Directions have been issued without any consultation with stakeholders and have reportedly already resulted in major entities such as ExpressVPN completely removing their servers from India and others, such as ProtonVPN, classifying India as a “high-risk country”, the VPN service provider said in the letter. 

“This demonstrates how detrimental these Directions could be for investment in India and our business reputation internationally,” it added.

Many other VPN providers had also protested against the government’s move. Last week, Proton VPN said that it was removing its physical servers from India in response to the country’s “regressive new surveillance law”. It joined other foreign VPN service providers like ExpressVPN, Surfshark, and NordVPN, who have already pulled their servers out of the country as the government refused to budge on the directions despite requests and widespread criticism.

Note: We at Inc42 take our ethics very seriously. More information about it can be found here.

You have reached your limit of free stories
Become An Inc42 Plus Member

Become a Startup Insider in 2024 with Inc42 Plus. Join our exclusive community of 10,000+ founders, investors & operators and stay ahead in India’s startup & business economy.

2 YEAR PLAN
₹19999
₹7999
₹333/Month
Unlock 60% OFF
Cancel Anytime
1 YEAR PLAN
₹9999
₹4999
₹416/Month
Unlock 50% OFF
Cancel Anytime
Already A Member?
Discover Startups & Business Models

Unleash your potential by exploring unlimited articles, trackers, and playbooks. Identify the hottest startup deals, supercharge your innovation projects, and stay updated with expert curation.

SnTHostings Sues Indian Govt, Challenges Legality Of VPN Rules-Inc42 Media
How-To’s on Starting & Scaling Up

Empower yourself with comprehensive playbooks, expert analysis, and invaluable insights. Learn to validate ideas, acquire customers, secure funding, and navigate the journey to startup success.

SnTHostings Sues Indian Govt, Challenges Legality Of VPN Rules-Inc42 Media
Identify Trends & New Markets

Access 75+ in-depth reports on frontier industries. Gain exclusive market intelligence, understand market landscapes, and decode emerging trends to make informed decisions.

SnTHostings Sues Indian Govt, Challenges Legality Of VPN Rules-Inc42 Media
Track & Decode the Investment Landscape

Stay ahead with startup and funding trackers. Analyse investment strategies, profile successful investors, and keep track of upcoming funds, accelerators, and more.

SnTHostings Sues Indian Govt, Challenges Legality Of VPN Rules-Inc42 Media
SnTHostings Sues Indian Govt, Challenges Legality Of VPN Rules-Inc42 Media
You’re in Good company