In response to a recent cybersecurity regulation issued by the Indian Computer Emergency Response Team, virtual private network (VPN) provider ExpressVPN said on Thursday that it is deleting Indian-based VPN servers.
“Relax, our users will still be able to connect to VPN servers that will provide them with Indian IP addresses and allow them to access the internet as if they were in India,” the business stated. “Instead of being physically based in India, these ‘virtual’ India servers will be physically hosted in Singapore and the United Kingdom.”
The news comes as the CERT-In has enacted new controversial data retention laws that will take effect on June 27, 2022, and would require VPN service providers to save subscribers’ true identities, contact information, and allocated IP addresses for at least five years.
The logged user data will only be sought for “cyber incident response, protective, and preventive activities connected to cyber incidents,” according to CERT-In.
Since then, the government has emphasised that this rule does not apply to corporate and enterprise VPN solutions, and that it is exclusively directed at operators who provide proxy-like services to “public Internet subscribers/users.”
“The new data law, which is intended to aid in the battle against cybercrime, is incompatible with the objective of VPNs, which are designed to keep users’ internet behaviour private,” ExpressVPN stated. “The law is likewise overreaching and overbroad, creating the potential for misuse.”
The Cyber Security Directions also require companies to report security failings such as data breaches and ransomware attacks within six hours of becoming aware of them.
Featured Image: news9
💫FOLLOW US FOR MORE UPDATES. ❌WE DO NOT HAVE IRRITATING AND SPAMMY NEWSLETTERS. ✅EVERYTHING IS AND WILL BE FREE FOREVER. SEE YOU AGAIN IN YOUR STORIES AND FEED 🙂