There are many industry-leading VPN providers that truly follow the No-Log policy (not store any logs) to keep the user identity private. But shockingly, the Indian government made it mandatory to store user data. Seems like the service provider clock is not ticking on their side…
“The Ministry of Electronics and Information Technology, earlier this week, passed a regulation that VPN providers, as well as cryptocurrency exchanges, must maintain records of users for five years.”
What Information Government want VPNs to Store?
ICERT (Indian Computer Emergency Response Team) under the Ministry of Electronics and Information Technology made it mandatory to store the user information at data centers of VPN providers, cloud providers, etc for 5 years.
Now VPN service providers will have to store the below data of users and maintain them for 5 years or longer as per government law:
- Validated name of subscriber or customer.
- Subscription period including dates.
- Allotted VPN IPs to the user during different sessions.
- Email, IP address, and time stamp used at the time of subscription.
- Purpose of taking the subscription.
- Verified address and contact number.
How Does It Impact VPN Users?
First, of all, let’s be clear about who will get affected by the new government policy? Whether native people or foreigners. Well, the answer is people who actually get connected to the Indian server. Either if you are from another country or from India, your encrypted internet traffic will be decrypted at the VPN server.
Now, Government is forcing VPNs to store the logs at VPN Servers (*Indian) so they can immediately identify any user who is committing illegal activities & crimes under the hood of a VPN. This will really affect the users who visit blocked websites (including streaming adult content or illegal torrent websites. As the data logged at the VPN servers will include your complete browse history.
But this can be 👍avoided by shutting down all the VPN Provider Servers in India, which providers are planning. So, you can continue browsing, streaming, and torrenting privately again.
Why VPNs Are Turning Back from India?
When you recollect the definition of VPN (Virtual Private Network) which is primarily designed to route users’ internet traffic through a secured encrypted tunnel after assigning them with the VPN Server IP. So that, no one will know the real identity of the user.
To attain even more anonymity, VPN providers have chosen to not store any of the user data and it’s called the “VPN No-Log Policy“. Not all VPNs are truly no-log ones, but there are few VPN providers like ExpressVPN, NordVPN, SurfsharkVPN, etc that don’t cross the line.
Most of these premium VPNs maintain servers in India to unblock Indian-specific services in other regions. Here is a quick list of the Best no-log VPNs that have Indian Servers.
It’s completely ❌against their rules & definition of a true VPN to store the logs of users. Further, these service providers may have left the Indian market on respecting their privacy (0% Log) practices. As a result, VPN providers decided to shut down their Indian servers in order to sustain their no-log fame.
Reasons Behind The New Rule
The government came up with this policy to checksum some of the major issues (Vulnerabilities) like hacking accounts, misuse of social media accounts, Cyberattacks, etc.
It’s because some users are very bad actors when they are online doing all the wrong things and being invisible (Anonymous). When VPNs log the data of the user connections, the cybercrime teams can hunt these bad guys quickly & effectively.
Let’s 📢Hear What Security Experts Say
Right after this new law announcement, many privacy and legal experts including advocates criticized the new rules. They call it something that should be “withdrawn immediately”. Also, Internet Freedom Foundation (Delhi-based advocacy group), said these will harm the “individual freedom and privacy” of VPN users.
Collecting user data will not only impact VPN service providers, but also the users. But it’s unclear how user data rendition for 5 years will help in increasing the cyber security, mentioned in the statement.
FAQs Related to New Norms
Is It Legal to Use a VPN in India?
VPNs are completely legal to use in India and almost in every country, except if you use them for some illegal activities (downloading copyright content). But using a VPN is illegal in some highly restricted countries like Iran, Iraq, North Korea, etc.
Is India not a privacy-friendly country?
Though India is not a part of the surveillance group countries, the new government rules make the situation harder for privacy & online freedom. There might be several factors behind taking this decision, but still, I believe it’s not the right move in the case of VPNs.
Will my data get stored in India now?
No, this new policy is not implemented yet, they just announced and there are many controversies around the policy. I hope they will make some amendments to it after a few discussions if not VPN will shut down their Indian servers. So, your data won’t bed stored anywhere.
Is my VPN Subscription waste now?
Absolutely not, no one uses a VPN to access their local content so if you are from India. There is no hassle for VPN unblocking other region content for you. But if you are someone who lives outside India, you may not be able to enjoy Indian content as the servers in India will be removed. This is the only effect, the rest of all other country servers are safe & sound.