{"id":183039,"date":"2022-05-06T20:17:41","date_gmt":"2022-05-06T14:47:41","guid":{"rendered":"https:\/\/blog.forumias.com\/?p=183039"},"modified":"2022-05-06T20:17:41","modified_gmt":"2022-05-06T14:47:41","slug":"how-indias-new-vpn-rules-change-the-status-quo","status":"publish","type":"post","link":"https:\/\/forumias.com\/blog\/how-indias-new-vpn-rules-change-the-status-quo\/","title":{"rendered":"How India\u2019s new VPN rules change the status quo"},"content":{"rendered":"\n<p><strong>News<\/strong>: On 28 April 2022, the Indian Computer Emergency Response Team (Cert-In) issued new directives that require Virtual Private Network (VPN) providers to store user data for five years.<\/p>\n<h5><strong>What does the directive say?<\/strong><\/h5>\n<p>Under the new directions,<\/p>\n<p><strong>Storage of user data<\/strong>:<\/p>\n<p><strong>&#8211;<\/strong> VPN providers will need to store validated customer names, their physical addresses, email ids, phone numbers, and the reason they are using the service, along with the dates they use it and their \u201cownership pattern&#8221;.<\/p>\n<p><strong>&#8211;<\/strong> In addition, Cert is also asking VPN providers to keep a <strong>record of the IP and email addresses<\/strong> that the customer uses to register the service, along with the timestamp of registration.<\/p>\n<p><strong>&#8211;<\/strong> Most importantly, however, VPN providers will have to <strong>store all IP addresses issued to a customer<\/strong> and a list of IP addresses that its customers generally use.<\/p>\n<h5><strong>What does this mean for VPN providers?<\/strong><\/h5>\n<p>VPNs basically <strong>obscure a person\u2019s internet usage<\/strong> by jumping the signal off multiple servers. A log of these servers can easily <strong>lead law enforcement agencies back to the original user. <\/strong><\/p>\n<p>That is why most top VPN operators provide a \u201cno logging&#8221; service\u2014at least for paying users. This means they do not keep logs of the user\u2019s usage history or the IP addresses of servers involved. Such services could be in violation of Cert\u2019s rules by simply operating in India.<\/p>\n<p>However, \u2018no logs\u2019 does not mean zero logs. VPN services still need to maintain some logs to run their service efficiently.<\/p>\n<p>The Indian government has not banned VPNs yet, so <strong>they can still be used to access content<\/strong> that is blocked in an area, which is the most common usage of these services. However, journalists, activists, and others who use such services to hide their internet footprint will have to think twice about them.<\/p>\n<h5><strong>What does it mean for users?<\/strong><\/h5>\n<p>For law enforcement agencies, a move like this will make it <strong>easier to track criminals who use VPNs<\/strong> to hide their internet footprint.<\/p>\n<p><span style=\"text-decoration: underline;\"><strong>Potential misuse<\/strong><\/span><\/p>\n<p>&#8211; Experts have pointed out that governments and their agencies can <strong>easily misuse such a rule, <\/strong>and it may actually <strong>drive such users towards the <span style=\"color: #0000ff;\"><a style=\"color: #0000ff;\" href=\"https:\/\/forumias.com\/blog\/answered-what-is-darknet-discuss-its-potential-dangers-and-urgent-need-for-a-data-protection-law-2\/\">dark and deep web<\/a><\/span><\/strong>, which are much tougher to police than VPN services.<\/p>\n<p>It is also unclear whether the\u200aCentre\u200awill\u200ause\u200athis\u200ato\u200atake action against users accessing content that is blocked in India using VPNs, such as the game PUBG Mobile.<\/p>\n<p><strong>Source<\/strong>: This post is based on the article \u201c<strong>How India\u2019s new VPN rules change the status quo<\/strong>\u201d published in <strong>Livemint<\/strong> on <strong>6th May 22<\/strong>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>News: On 28 April 2022, the Indian Computer Emergency Response Team (Cert-In) issued new directives that require Virtual Private Network (VPN) providers to store user data for five years. What does the directive say? Under the new directions, Storage of user data: &#8211; VPN providers will need to store validated customer names, their physical addresses,&hellip; <a class=\"more-link\" href=\"https:\/\/forumias.com\/blog\/how-indias-new-vpn-rules-change-the-status-quo\/\">Continue reading <span class=\"screen-reader-text\">How India\u2019s new VPN rules change the status quo<\/span><\/a><\/p>\n","protected":false},"author":10328,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"footnotes":""},"categories":[1230,9],"tags":[216,10501],"class_list":["post-183039","post","type-post","status-publish","format-standard","hentry","category-9-pm-daily-articles","category-public","tag-gs-paper-3","tag-live-mint","entry"],"jetpack_featured_media_url":"","views":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/forumias.com\/blog\/wp-json\/wp\/v2\/posts\/183039","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/forumias.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/forumias.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/forumias.com\/blog\/wp-json\/wp\/v2\/users\/10328"}],"replies":[{"embeddable":true,"href":"https:\/\/forumias.com\/blog\/wp-json\/wp\/v2\/comments?post=183039"}],"version-history":[{"count":0,"href":"https:\/\/forumias.com\/blog\/wp-json\/wp\/v2\/posts\/183039\/revisions"}],"wp:attachment":[{"href":"https:\/\/forumias.com\/blog\/wp-json\/wp\/v2\/media?parent=183039"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/forumias.com\/blog\/wp-json\/wp\/v2\/categories?post=183039"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/forumias.com\/blog\/wp-json\/wp\/v2\/tags?post=183039"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}