India’s New VPN Policy Delayed by Three Months

India’s New VPN Policy Delayed by Three Months

Back in May, India’s CERT (Computer Emergency Response Team) and the Ministry of Electronics and Information Technology (MeitY) came up with new cybersecurity policies that required VPN providers to store user data, and these were set to go live on June 27. However, after much backlash, CERT-In has decided to delay the new VPN policy by three months. Here are the details to know.

India’s VPN Policy Timeline Extended

CERT-in has now announced that the new VPN policy will now come into effect, starting September 25thus, giving VPN providers more time to comply with the new rules.

See also  Oppo Find X5 Pro Leaked Renders Show-off Its New Design

In an official press releaseit is revealed that “MeitY and CERT-In are in receipt of requests for the extension of timelines for implementation of these Cyber ​​Security Directions of 28th April 2022 in respect of Micro, Small, and Medium Enterprises (MSMEs). Further, additional time has been sought for the implementation of a mechanism for validation of subscribers/customers by Data Centres, Virtual Private Server (VPS) providers, Cloud Service providers, and Virtual Private Network Service (VPN Service) providers.

This comes after various VPN providers opposed the decision. For those who don’t know, ExpressVPN and SurfShark VPN recently announced to remove their servers from India as they didn’t want to comply with the new VPN rules. Although, both of them will continue to work for Indian users via virtual servers in India.

See also  Samsung Galaxy Z Flip 4 Official Render Appears; Have a Look!

To refresh your memory, the new policy requires VPN providers and more to store user data like their names, IP addresses, email addresses, and phone numbers for at least five years† This is meant to curb cyber attacks. However, is clearly against the main purpose of these services, which is to provide users with a privacy-focused experience.

Additionally, ISPs and data centers are also required to maintain proper logs of their systems over a rolling 180-day period. You can learn more about the new policy about here†

It remains to be seen if this extension is a one-time thing or will continue, given that it has attracted the negative limelight. We will let you know more details on this once there are updates. So, stay tuned. Also, share your thoughts on the new development in the comments below.

See also  How to Enable or Disable Two-Factor Authentication (2FA) on Discord

Related Posts