India Orders VPN Providers to Log and Hand Over Customer Data

Date:

CHOOSE YOUR CHOICE GIFT CARD OFFER TODAY


In an effort to fight cybercrime, India is enacting a new policy that’ll require VPN providers to collect and turn over user data, including the IP addresses assigned to customers. 

CHOOSE YOUR CHOICE GIFT CARD OFFER TODAY

The policy is meant to bolster the powers of the country’s national agency, the Indian Computer Emergency Response Team (CERT-In), which deals with cybersecurity incidents. 

“During the course of handling cyber incidents and interactions with the constituency, CERT-In has identified certain gaps causing hindrance in incident analysis,” India’s government said in adopting the new policy last week.

CHOOSE YOUR CHOICE GIFT CARD OFFER TODAY

The new regulations call for VPN providers to log and store the following information from customers for at least five years: 

  • Name, email address and phone number

  • The customer’s purpose for using the VPN service

  • The IP addresses allotted to the customer and the IP address the customer used to sign up with the service

  • The “ownership pattern” of the customer

Such information could help India unmask cybercriminals who use VPNs for malicious activities. But it also risks compromising the privacy of all other users on the VPN service, including what websites they’ve been visiting. As a result, the new policy threatens to undermine a key selling point to using a VPN, which are often promoted as tools to protect your digital privacy.

CHOOSE YOUR CHOICE GIFT CARD OFFER TODAY

India’s policy also requires a wide range of internet services, including ISPs and data centers, to maintain logs of all their systems over a rolling 180-day period. In addition, cryptocurrency exchanges must maintain all their transaction and customer records for five years. 

CHOOSE YOUR CHOICE GIFT CARD OFFER TODAY

Recommended by Our Editors

We reached out to several VPN providers on the new requirements, and will update the story if we hear back. But we expect that major VPN vendors will refuse to follow the regulations, which could push the Indian government to block access to offending VPN providers or impose fines.

“The failure to furnish the information or non-compliance…may invite punitive action,” the regulations state. The new policy goes into effect on June 27.

Like What You’re Reading?

Sign up for SecurityWatch newsletter for our top privacy and security stories delivered right to your inbox.

This newsletter may contain advertising, deals, or affiliate links. Subscribing to a newsletter indicates your consent to our Terms of Use and Privacy Policy. You may unsubscribe from the newsletters at any time.

CHOOSE YOUR CHOICE GIFT CARD OFFER TODAY





Source link

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Share post:

Subscribe

Popular

More like this
Related

Cloudflare Announces Privacy-Friendly Alternative to CAPTCHA

This site may earn affiliate commissions from the...

Retail Giant Amazon Planning to Open Warehouse in Washington County

One of the largest companies in the world...

Top Sites & Selling Tips

Who doesn’t love receiving gift cards? There’s nothing...

Cheshire Oaks Christmas tree climb to kick off festive calendar

THOSE with a head for heights...