In the meantime, at least five major VPN players have decided to remove their physical VPN servers from the country.
India’s new policy that requires VPN services to log and potentially turn over data on their customers was supposed to go into effect on Monday, but the country has decided to push back the date by three months.
The policy is now set to go into effect on Sept. 25. The Indian government settled on the new date, citing requests from companies asking for an extension.
“Further, additional time has been sought for implementation of mechanism for validation of subscribers/customers by Data Centres, Virtual Private Server (VPS) providers, Cloud Service providers and Virtual Private Network Service (VPN Service) providers,” Indian authorities announced(Opens in a new window) on Tuesday.
India introduced the policy back in May with the goal of helping the country fight cybercrime. Soon, all internet and cloud service providers will need to maintain logs of their systems, and report hacking incidents to India’s cyber authorities within six hours of detection.
However, India has also decided to apply the new policy to VPNs, which are designed to protect user’s privacy, not undermine it. The upcoming rules specifically call for all VPN providers serving users in the country to collect the IP addresses their subscribers use. Indian authorities can then request the data, along with a subscriber’s name, email address, and contact number.
The IP address data, in particular, could be used to map out a VPN subscriber’s browsing history if it’s coupled with information from other web providers. As a result, at least five major VPN providers have decided to remove their physical VPN servers in the country, saying India's data collection policy goes too far.
On Monday, PureVPN told us: “We are a strict no-log company. While we do not collect any identifiable information from our users, we cannot operate physical servers in a country where we will be forced to change our operating methods and compromise our users’ privacy and security.”
These VPN companies plan to continue to serve users in India. To replace the physical servers, some VPN providers have decided to offer virtual VPN servers for India. These VPN servers are physically based in another country, but have IP addresses assigned to the Indian market.
“We are not new to virtual servers, so users will not see any difference in terms of quality or experience when they connect to the India virtual server," PureVPN added. "Users will get the same privacy and security they did with physical servers. We are already running virtual servers for multiple locations such as Bangladesh, Bahrain, Egypt etc."
However, the country’s government has told VPNs to comply with the rules or potentially face consequences. “If you don’t maintain logs, this is not a good place to do business,” Rajeev Chandrasekhar, Minister of State for Electronics and IT, said last month.
- Karlston
-
1
Recommended Comments
There are no comments to display.
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.