A new rule would oblige VPN companies to collect and preserve a wide range of data on their clients for a period of five years.
The country’s Computer Emergency Response Team (CERT-in), which is overseen by the Ministry of Electronics and Information Technology, has issued a new set of guidelines in an effort to coordinate response activities as well as emergency measures with respect to cyber security incidents, reported ENTRACKR.
The report also stated that for five years, data centres and crypto exchanges must keep a wide range of data about their users.
Along with VPN providers’ data centres, cloud service providers, and Virtual Private Server providers must register customers’ names, ownership patterns, contact information and the reason for which they are hiring these services, the report added.
The new guidelines will take effect late in June, unless the compliance deadline is extended, as is common with such directives.
The order’s overall goal is to ensure that CERT-in can respond to cyber incidents within six hours of their discovery. However, the scope of data it is requesting IT businesses to save and deliver upon request appears extraordinary.
As per the CERT, organisations must report data breaches, fake mobile apps, server infrastructure assaults, and even unlawful access to a user’s social media accounts under CERT-in. Additionally, organisations that fail to disclose the required information are subject to Section 70B (7) of the IT Act, which carries a prison sentence of up to one year.
Most VPNs have a “no-logs” policy or, at the absolute least, only keep user data for a limited time. Many VPN providers and other IT businesses may be unable to do business in India as a result of CERT-new in’s guidelines, as they are no longer legally permitted to do so.
This new rule may cause concern among the VPN providers and users in India, where its adoption increased from 3.28% of the population in 2020 to 25.27% in the first half of 2021.
It is noteworthy that as per the reports from last year, in April, when a fresh lockdown was declared in Delhi due to a new wave of Covid-19, VPN demand increased by 53% in the region.
Read all the Latest Tech News here
Comments
0 comment