Follow Us:
Monday, August 08, 2022

CERT-In extends new privacy rules for VPN providers to September 25

The deadline now has been extended to September 25, the Ministry of Electronics & IT (MeitY) said in a press statement.

By: Tech Desk | Pune |
Updated: June 29, 2022 8:59:38 am
The Indian IT Ministry has ordered VPN companies to collect and store users’ data for a period of at least five years. (File Image)

The Indian Computer Emergency Response Team (CERT-In) has given Virtual Private Network (VPN) providers and cloud service operators an extension of three months to comply with its newly drafted VPN rules. This comes as VPN providers such as SurfShark, NordVPN, and ExpressVPN removed their India servers citing a threat to the anonymity and privacy of users.

However, the deadline now has been extended to September 25, the Ministry of Electronics & IT (MeitY) said in a press statement.

On April 26, CERT-In had asked VPN service providers to maintain for five years or longer details such as the validated names of their customers, the period for which they hired the service, the IP addresses allotted to these users, the email addresses, the IP addresses and the time stamps used at the time of registration of the customers. It also wants VPN service providers to maintain data such as the purpose for which the customers used their services, their validated addresses and contact numbers, and the ownership pattern of the customers.

The ministry’s cyber-arm in an order stated that it is extending the timeline for implementation of these Cyber Security Directions upon several requests of micro, small and medium enterprises (MSMEs). It also received multiple requests from VPN, Data Centres, Virtual Private Server (VPS) providers,  and Cloud Service providers.

Subscriber Only Stories
UPSC Key-August 8, 2022: Why you should read ‘NITI Aayog’ or ‘Bottom-up A...Premium
Post for Tejashwi holds RJD hand, BJP waits and watchesPremium
UPSC Essentials: Key terms of the past week with MCQsPremium
C Raja Mohan writes | India, Bangladesh, Pakistan: What east can teach westPremium

Meanwhile, the government is fixed on its stance on the new VPN rules. CERT-In has in its April 26 directive also said that these details are necessary to prevent incitement or commission of any “cognisable offence using computer resources or for the handling of any cyber incident” which may lead to any disturbance in the “sovereignty or integrity of India, defence of India, security of the state, friendly relations with foreign states or public order”.

Earlier last month, Minister of State for Electronics and Information and Technology Rajeev Chandrashekhar warned VPN companies that if they do not adhere to the norms, they are free to exit the country. “If you’re a VPN that wants to hide and be anonymous about those who use VPNs and you don’t want to go by these rules, then if you want to pull out (from the country), frankly, that is the only opportunity you will have. You will have to pull out,” he said.

TWO IS ALWAYS BETTER | Our two-year subscription package offers you more at less

📣 Join our Telegram channel (The Indian Express) for the latest news and updates

For all the latest Technology News, download Indian Express App.

  • Newsguard
  • The Indian Express website has been rated GREEN for its credibility and trustworthiness by Newsguard, a global service that rates news sources for their journalistic standards.
  • Newsguard
First published on: 28-06-2022 at 04:17:51 pm

Featured Stories