New VPN rules in India, why companies are upset and what they mean for you
Some of the world’s most well-known virtual private network (VPN) service providers have declared that they will be pulling their servers out of India. Companies such as Surfshark, ExpressVPN, and NordVPN have announced that their servers in India will be taken down as a result of an April 28 instruction by India’s cyber agency, the Computer Emergency Response Team (CERT-In). With 270 million users, India ranks among the top 20 nations in VPN usage according to AtlasVPN’s global index.
Here’s why VPN providers are concerned, what the new guidelines state, and whether or not they make using VPNs in India illegal.
Â
Why do so many Indians use VPN?
With the rise in cybercrime, Indian users’ online browsing is becoming increasingly vulnerable to hacking and the theft of personal information. According to the latest figures from India’s National Crime Record Bureau, cybercrime cases climbed by 63.5 per cent in 2019. These examples include not only money heists but also the seizure of email accounts in order to demand a ransom.
Online users must take precautions to protect their sensitive information, and the best way to do so is to use a reputable VPN provider.Â
Because of the surge in cybercrime, Indian users’ online browsing is becoming increasingly exposed to hacking and data theft. Cybercrime crimes increased by 63.5 per cent in 2019, according to the latest numbers from India’s National Crime Record Bureau. Not only are money heists an example, but so is the seizure of email accounts in order to demand a ransom.
Users must take care to protect sensitive information when using the internet, and the best method to do so is to use a reliable VPN provider. Using a VPN (virtual private network) when you go online can provide many benefits:
1. Hides your private information
Hides your private information websites and apps can monitor your internet activities in real-time and analyse the information they collect. A VPN can help keep the information you send and receive anonymous and safe by preventing web browsers and others from accessing your connection. Some VPNs also secure your data with military-grade 256-bit encryption.
2. Escape data-throttling
When you’ve used a specific amount of data, your internet service provider slows down your connection due to data throttling. Not only will your data be safe from prying eyes like ISPs and others, but a bandwidth cap won’t limit you if you use a VPN. ISPs can set data caps to help some of their customers get the most out of their internet.
3. Avoid bandwidth-throttling
You may have experienced bandwidth throttling if you’ve noticed slower internet speeds on some websites at times. ISPs — or anyone with administrative access to your network — could blame the sluggishness. A VPN can assist you. By encrypting your device’s internet traffic, it can prevent sluggishness. This hides the destination of your online traffic and prevents others on the same network from viewing it.
4. Access region-blocked services like PUBG Mobile*
Some VPNs may be able to access geo-restricted apps and content, such as PUBG Mobile (which will be banned in India in September 2020), Netflix, and other services*. How? A VPN can mask your IP address, making it appear that you’re browsing in a different area or zone where access is permitted. Note: Always check your local streaming service’s Terms of Service agreements to see what’s allowed and respect those rules. Even though using a VPN is totally legal in India, there have been a few instances where the government (police) has penalised locals for doing so.Â
5. Avoid censorship when travelling abroad*
VPNs can assist you in circumventing regional limitations. Some countries, for example, limit or prohibit access to certain websites, such as social media platforms, or censor specific content. A VPN, on the other hand, may be able to assist you in gaining access by making your traffic appear to originate from a different location. Keep in mind that it is the user’s obligation to determine whether or not using a VPN is legal, as well as to verify the legislation of the country (to which you are travelling) before using one.
6. Get regional sports coverage that isn’t accessible in your area*
For example, Sky Sports (accessible only in the United Kingdom and Ireland) does not have broadcast rights in India. Nonetheless, a VPN will be able to allow you to watch such a station.
7. Offer cheaper leased-line alternatives
Businesses, in particular, might benefit from the use of a VPN. Companies may, for example, avoid paying for expensive network capacity lines by using VPNs to connect their offices. Instead, they could use public infrastructure, such as local leased lines or broadband connections from a local ISP, to connect.
8. Offer cheaper long-distance telephone charges
Long-distance phone charges can be reduced with the use of a VPN. For example, instead of connecting to a company’s intranet using remote access servers and dial-up networks, you may use a VPN to connect to your local ISP access point.
9. Provide network scalability
The costs of establishing a dedicated private network rise in tandem with the size of the firm. Businesses can use Internet-based VPNs to tap into existing network lines and network capability, potentially enabling remote and foreign locations better reach and service quality.
10. Reduce support costs
Because support can be outsourced to third-party service providers who can sustain a reduced cost structure due to their many clients, using a VPN may assist a corporation in decreasing the expense of operating servers.
What do the government’s new VPN rules say?
According to the new cybersecurity standards, VPN service providers, as well as data centres and cloud service providers, must preserve client information such as names, email addresses, phone numbers, and IP addresses (among other things) for a period of 5 years.
This is what the rules say: Data Centers, Virtual Private Server (VPS) providers, Cloud Service providers, and Virtual Private Network Service (VPN Service) providers will be required to register the following accurate information, which they must keep for a period of 5 years or longer as required by law after any cancellation or withdrawal of the registration, as applicable:
* Validated names of subscribers
* Period of hire
* IPs allotted to / being used by the members
* Email and IP address, and time stamp used at the time of registration / on-boarding
* Reason for hiring services
* Address and contact numbers
* Ownership pattern of the subscribers/customers hiring services
Who all do the new VPN rules apply to and not
“All service providers, intermediaries, data centres, body corporates, and government agencies” are subject to the new guidelines. On May 12, CERT-In emphasised that the restrictions for keeping customer logs would only apply to individual VPN clients, not business or corporate VPNs.
What do these VPN service providers have to say about shutting India’s servers down?
“We follow stringent privacy standards as one of the industry leaders, which means we don’t collect or store client data. Our server architecture includes no-logging capabilities, which are at the heart of our values and standards,” a NordVPN representative stated.
“Furthermore, we are dedicated to safeguarding our customers’ privacy. As a result, we can no longer maintain servers in India, “the business added.
The CERT-In standards are “incompatible with the objective of VPNs, which are supposed to keep users’ online behaviour private,” according to ExpressVPN. Another player, Proton VPN, claimed in a tweet that the new CERT-In regulations are an “attack on privacy” and that it will keep its no-log policy in place. Surfshark has stated that it “proudly works” under a rigorous “no logs” policy and that the Cert-directives In’s “run against the core ethos of the company,” hence the company will shut down its physical servers in India before the new law takes effect.
Do the new rules make ban VPNs in India
No, the new regulations do not make using VPNs in India illegal. They are not prohibited. The government has imposed some limitations on users and increased compliance requirements for VPN providers. According to the administration, this was done to combat cybercrime and protect national security.
How will the new rules affect VPN users in India?
VPN users in India may face a severe know-your-customer (KYC) verification process when signing up for a VPN service under the new legislation. This could include explaining why they’re using it. Internet freedom activists claim that this could reveal users’ personal information to the authorities.
Does this mean these VPN service providers will not serve users in India?
There is currently no clarity about this. So far, none of these corporations has made a clear statement on the subject. Users of ExpressVPN will still be able to connect to servers that will give them Indian IP addresses and allow them to access the internet as if they were in India, according to the company. These ‘virtual’ India servers, according to the company, will be physically located in Singapore and the United Kingdom.
What is the government saying about VPN companies removing servers from India?
Despite corporate pressure, the government has taken a tough stance on the matter so far. VPN businesses that do not follow the cyber-security requirements are “free to leave India,” according to Rajeev Chandrasekhar, the Minister of State for Electronics and Information Technology. “Start keeping logs if you don’t already have them. If you’re a VPN that wants to hide and remain anonymous about those who use VPNs to do business in India, and you don’t want to follow these rules, you should simply leave India. That is your only chance,” Chandrasekhar expressed his thoughts.
The government is seeking global action against VPNs (among other tools) to curb cybercrime.
Despite business pressure, the government has so far taken a hard line on the issue. According to Rajeev Chandrasekhar, Minister of State for Electronics and Information Technology, VPN companies that do not fulfil the cyber-security regulations are “free to leave India.” “If you haven’t already, start keeping logs. If you’re a VPN wishing to stay anonymous about those who use VPNs to do business in India and don’t want to obey these guidelines, you should leave India. That is your only opportunity, “Chandrasekhar voiced his opinion.
Which countries have banned VPNs?
Currently, some nations regulate VPNs, while others outright prohibit them. China, Belarus, Iraq, North Korea, Oman, Russia, and the United Arab Emirates are the nations where VPN is not permitted. Because of internet filtering rules in other countries, utilising a VPN is risky.
What about Europe, the United Kingdom, and the United States?
There are no laws in the United Kingdom prohibiting VPN use. However, the country’s Investigatory Powers Act 2016 does provide UK intelligence services with authority to acquire communication data in bulk. VPNs are similarly unrestricted in the EU and the US. However, they have free reign and can be prosecuted by the government in certain circumstances involving national security and law and order.
