New Data Rules In India Force VPN Providers To Flee

June 9, 2022

Several VPN providers are withdrawing from the Indian market under new data rules from the Indian government.

The policy requires VPN, Virtual Private Server (VPS) and cloud service providers to store customers’ names, email addresses, IP addresses, know-your-customer records, and financial transactions for five years.

It is part of the Indian government’s attempts to regulate encrypted web traffic and was issued by India’s top cybersecurity agency, the Indian Computer Emergency Response Team (Cert-In).

The directive also states that cybersecurity breaches be reported within six hours of discovery.

Yet, even though the Indian government took the decision to reduce the country’s growing reliance on VPNs, the directive has created so much confusion about what was expected and what it wants to achieve.

“The directives are very broad and there’s not much clarity on how this will be applicable due to the wordings of the directive. Just the fact that the government had to issue a long FAQs note along with the directive shows the complexity of the situation. You can’t have FAQs to clarify statutory provisions,” said Prasanth Sugathan, a partner at law firm Sugathan and Associates.

The sources for this piece include an article in ComputerWorld.

Top Stories

Related Articles

June 26, 2026 Ford Motor Co. turned to veteran engineers to tackle persistent vehicle quality problems after finding that artificial more...

June 26, 2026 Meta's chief technology officer says employee morale has fallen to one of the lowest levels in the more...

June 26, 2026 Memory chip maker Micron says it has signed 16 long-term strategic customer agreements that include price floors more...

June 26, 2026 IBM says it has developed the world's first functional sub-1 nanometre computer chip, marking what the company more...

Jim Love

Jim is an author and podcast host with over 40 years in technology.

Share:
Facebook
Twitter
LinkedIn