Follow CERT-In Rules Or Move Out Of India: Rajeev Chandrasekhar Warns VPN Service Providers

Follow CERT-In Rules Or Move Out Of India: Rajeev Chandrasekhar Warns VPN Service Providers

SUMMARY

Chandrasekhar's comments came in response to a few VPN service providers criticising the latest directions issued by CERT-In

Under the new directions, VPS and VPN service providers will be required to maintain logs, including names of customers, their IP addresses, among other things, for a period of five years

A large number of experts have also raised questions around the legality of the new rules in the absence of a robust data protection law in India

Minister of State for Electronics and IT Rajeev Chandrasekhar on Wednesday asked virtual private network (VPN) service providers to follow the latest directions issued by the Indian Computer Emergency Response Team (CERT-In) or terminate their business in India. 

Addressing a press conference on the clarifications issued by CERT-In on its directions, Chandrasekhar said that VPN providers will have to follow the new rules. His comments came in the wake of a few VPN service providers criticising the new directions.

“If you don’t have the logs, start maintaining the logs. If you’re a VPN that wants to hide and be anonymous about those who use VPNs and you don’t want to go by these rules, then if you want to pull out (from the country), frankly, that is the only opportunity you will have. You will have to pull out,” Money Control quoted the minister as saying. 

According to the new directions issued on April 28, data centres, VPN, Virtual Private Server (VPS) and cloud service providers will have to collect and hold data pertaining to validated names of customers hiring the services, period of hire including dates, IPs allotted to/being used by the members, email addresses, IP addresses and time-stamps used at the time of registration/on-boarding, among other things, for a period of five years. 

Following this, a few VPN service providers said that they would exit India rather than following such a mandate that threatens the basic foundation of VPN. NordVPN has already said that it would exit India if no other options are available.

Surfshark, ExpressVPN, PureVPN, CyberGhost and IPVanish are among the other VPN service providers in India.

Many experts have also raised questions around the legality of the new rules in the absence of a robust data protection law in the country. They pointed out that many journalists, activists, and whistleblowers also use VPNs for their work.

The government issued the new directions relating to information security practices, procedures, prevention, response and reporting of cyber incidents under the provisions of the Information Technology Act, 2000. These directives will be effective from June 27, 2022. 

CERT-In has also asked companies to synchronise their servers’ clocks to the servers of the National Informatics Centre or the National Physical Laboratory. 

However, the rules of maintaining customer logs will not apply to enterprise and corporate virtual private networks. The term “VPN service providers” will just apply to entities that provide “internet proxy like services through the use of VPN technologies, standard or proprietary, to general Internet subscribers”, it said.

India is one of the largest VPN markets in the world. In the past few years, the VPN usage has grown significantly in the country. VPN installs increased to a staggering 348.7 Mn in H1 2021, representing a growth of 671% compared to 2020, as per an Atlas VPN report

The report said that the increase can be attributed to the rapidly evolving digital ecosystem in the country, as India’s internet user base grew at a rate of 24% each year on average from 2015 through 2020.

Step up your startup journey with BHASKAR! From resources to networking, BHASKAR connects Indian innovators with everything they need to succeed. Join today to access a platform built for innovation, growth, and community.

Note: We at Inc42 take our ethics very seriously. More information about it can be found here.

You have reached your limit of free stories
Become An Inc42 Plus Member

Become a Startup Insider in 2024 with Inc42 Plus. Join our exclusive community of 10,000+ founders, investors & operators and stay ahead in India’s startup & business economy.

2 YEAR PLAN
₹19999
₹7999
₹333/Month
UNLOCK 60% OFF
Cancel Anytime
1 YEAR PLAN
₹9999
₹4999
₹416/Month
UNLOCK 50% OFF
Cancel Anytime
Already A Member?
Discover Startups & Business Models

Unleash your potential by exploring unlimited articles, trackers, and playbooks. Identify the hottest startup deals, supercharge your innovation projects, and stay updated with expert curation.

Follow CERT-In Rules Or Move Out Of India: Rajeev Chandrasekhar Warns VPN Service Providers-Inc42 Media
How-To’s on Starting & Scaling Up

Empower yourself with comprehensive playbooks, expert analysis, and invaluable insights. Learn to validate ideas, acquire customers, secure funding, and navigate the journey to startup success.

Follow CERT-In Rules Or Move Out Of India: Rajeev Chandrasekhar Warns VPN Service Providers-Inc42 Media
Identify Trends & New Markets

Access 75+ in-depth reports on frontier industries. Gain exclusive market intelligence, understand market landscapes, and decode emerging trends to make informed decisions.

Follow CERT-In Rules Or Move Out Of India: Rajeev Chandrasekhar Warns VPN Service Providers-Inc42 Media
Track & Decode the Investment Landscape

Stay ahead with startup and funding trackers. Analyse investment strategies, profile successful investors, and keep track of upcoming funds, accelerators, and more.

Follow CERT-In Rules Or Move Out Of India: Rajeev Chandrasekhar Warns VPN Service Providers-Inc42 Media
Follow CERT-In Rules Or Move Out Of India: Rajeev Chandrasekhar Warns VPN Service Providers-Inc42 Media
You’re in Good company