Virtual Private Network (VPN) providers, cloud service providers and operators have been given a three-month extension by India’s Computer Emergency Response Team. They must adhere to the new VPN rules. This is because VPN providers like SurfShark and NordVPN have removed their Indian servers and cited a risk to user anonymity.
The deadline was extended until September 25th, according to the Department of Electronics & IT, MeitY in a press release.
On April 26 CERT-In has requested VPN service providers to preserve for five years or more details such as the name of the validated customers as well as the time they rented the service and the IP address assigned to this user, his email. address, IP address and time stamp used at the time of registration for customers. It also asks VPN service providers to store information about the motives of customers using their services with valid addresses, valid addresses and contact numbers, as well as ownership patterns.
The cyber arm of the ministry in the decision stated that it extended the time to implement this Cyber Security Direction in response to many requests from micro, small and medium enterprises (UMKM). It also receives many requests from VPN, Data Center, Virtual Private Server (VPS) providers and Cloud Service providers.
Meanwhile, the government is still deciding its stance on the new VPN rules. CERT-In has in its April 26 directive also stated that the new rules are necessary to prevent inciting or committing any “crime committed through the use of computer resources or in the handling of cyber incidents” that may cause interference in “the sovereignty or integrity of India in defense of national security India, friendly relations with foreign countries, or public order”.
A few months ago in April, the Minister of State for Electronics and Information and Technology Rajeev Chandrashekhar warned VPN companies that if they did not follow the rules and regulations, they could leave the country. If you are a VPN company that wants to hide or be anonymous about VPN users and do not want to comply with these guidelines and regulations, then you can opt out (of the country). You have to go,” he said.