India launches crackdown against these VPN service providers: The Indian government recently made new rules about cybersecurity and warned that cloud service providers and Virtual Private Network (VPN) owners who don’t follow them would be punished. The Minister of State for Electronics and IT, Rajeev Chandrasekhar, has clarified that VPN service providers who fail to follow the new rules will be forced to stop doing business in India.
Minister Chandrasekhar said that “any organization with good intentions will understand that a safe and reliable internet is to their benefit” when he recently released a list of frequently asked questions (FAQs) about the rules for reporting cyber breach incidents. He said that companies that offer cloud services, VPNs, data centers, and virtual private servers should keep users’ data for at least five years, as the Ministry of Electronics and Information Technology requires.
A PTI article also reported Chandrasekhar as saying, “No one can say that they won’t follow India’s rules and laws. If you don’t have logs, start keeping them. If a VPN wants to keep its users’ information private and opposes these rules, it must shut down.
The Indian Computer Emergency Response Team (CERT-In) explained that under these new rules, VPN providers in India are required to keep track of information like their clients’ names, addresses, phone numbers, length of subscription, email addresses, IP addresses, and the reasons why their clients use their services. At the end of June, the rules will go into force.
For those who aren’t familiar with VPN services, they let people hide where they are and use the internet without allowing ISPs to see what they’ve been looking at. Investigative writers and “good” hackers often use this service to get to blocked websites in their countries. Still, CERT-In’s guidelines say that any group that doesn’t follow these rules could be punished under subsection (7) of section 70B of the Information Technology Act. This could mean a year in jail, a fine of up to Rs. 1 lakh, or both.