New Cyber Rules Creating An Environment Of Fear Rather Than Trust: IAMAI To Govt

New Cyber Rules Creating An Environment Of Fear Rather Than Trust: IAMAI To Govt

SUMMARY

IAMAI has reportedly sent a letter to the IT ministry this week, criticising one of the directives in the government’s new cyber security rules introduced in April

IAMAI has reportedly proposed to extend the six-hour window for reporting cyber incidents citing the global standard of 72 hours

IAMAI was not immediately available to confirm the report to Inc42

The Internet and Mobile Association of India (IAMAI), the industry body representing companies such as Google, Meta (formerly Facebook), and Reliance, has reportedly sent a letter to the IT ministry this week, criticising one of the directives in the government’s new cyber security rules introduced in April.

The new direction that would be in effect from June 27 will create an “environment of fear rather than trust”, IAMAI has warned the government, asking for delaying it by a year, as reported by Reuters.

India’s Computer Emergency Response Team (CERT-In), monitored by the Ministry of Electronics and Information Technology (MeitY), introduced the new directions around cyber security on April 28, mandating all private Virtual Private Network (VPN) service providers, cloud service providers and more such organisations to collect their user data and store them for five years or more.

In the new CERT-In rules, there is another direction that requires the tech companies to report any cyber incidents within six hours of noticing the breaches.

In its letter to the ministry, IAMAI has reportedly proposed to extend the six-hour window and noted that the global standard for reporting cyber security incidents is generally 72 hours.

The cost of complying with such directives could be ‘massive’, and proposed penalties for violation including prison would lead to “entities ceasing operations in India for fear of running afoul,” the IAMAI letter said, as per the report.

IAMAI was not immediately available to confirm the same to Inc42.

Earlier, several legal experts have spoken against the new rules calling them detrimental to user privacy and data protection.

Besides, the latest IAMAI letter to the government follows one from 11 significant tech-aligned industry associations that said the new requirements would make it difficult to do business in India, earlier this week.

There were reports on May 28 that a host of global business associations including the US Chamber of Commerce, the US-India Business Council, the US-India Strategic Partnership Forum, techUK, and others, have expressed concerns over the new directions in a letter to Sanjay Bahl, the director general of CERT-In.

As a step to maintain its stringent no-log policy, ExpressVPN announced removing its India-based servers this week.

“ExpressVPN refuses to participate in the Indian government’s attempts to limit internet freedom,” wrote the foreign VPN service provider in a blogpost.

On the other hand, another VPN service provider NordVPN has been mulling India exit plans since the directives were first introduced. 

“If the current Indian government’s position will not change in the next couple of weeks, we will remove our servers as there will be no other way to stay in India while preserving the privacy of our customers and integrity of our service,” Laura Tyrylyte, head of public relations at Nord Security said in her latest email to Inc42.

“That said, we don’t see any reason to remove our infrastructure earlier than necessary,” she added.

Despite criticisms from varied legal and industry bodies, and companies planning to leave India, the government has maintained its stance of putting the new directives into effect.

To that end, Minister of State for Electronics and IT Rajeev Chandrasekhar made it clear in May that VPN service providers have the option of either following the latest directions or terminating their businesses in India.

Note: We at Inc42 take our ethics very seriously. More information about it can be found here.

You have reached your limit of free stories
Become An Inc42 Plus Member

Become a Startup Insider in 2024 with Inc42 Plus. Join our exclusive community of 10,000+ founders, investors & operators and stay ahead in India’s startup & business economy.

2 YEAR PLAN
₹19999
₹7999
₹333/Month
UNLOCK 60% OFF
Cancel Anytime
1 YEAR PLAN
₹9999
₹4999
₹416/Month
UNLOCK 50% OFF
Cancel Anytime
Already A Member?
Discover Startups & Business Models

Unleash your potential by exploring unlimited articles, trackers, and playbooks. Identify the hottest startup deals, supercharge your innovation projects, and stay updated with expert curation.

New Cyber Rules Creating An Environment Of Fear Rather Than Trust: IAMAI To Govt-Inc42 Media
How-To’s on Starting & Scaling Up

Empower yourself with comprehensive playbooks, expert analysis, and invaluable insights. Learn to validate ideas, acquire customers, secure funding, and navigate the journey to startup success.

New Cyber Rules Creating An Environment Of Fear Rather Than Trust: IAMAI To Govt-Inc42 Media
Identify Trends & New Markets

Access 75+ in-depth reports on frontier industries. Gain exclusive market intelligence, understand market landscapes, and decode emerging trends to make informed decisions.

New Cyber Rules Creating An Environment Of Fear Rather Than Trust: IAMAI To Govt-Inc42 Media
Track & Decode the Investment Landscape

Stay ahead with startup and funding trackers. Analyse investment strategies, profile successful investors, and keep track of upcoming funds, accelerators, and more.

New Cyber Rules Creating An Environment Of Fear Rather Than Trust: IAMAI To Govt-Inc42 Media
New Cyber Rules Creating An Environment Of Fear Rather Than Trust: IAMAI To Govt-Inc42 Media
You’re in Good company