The deadline to comply with Indian government’s new data-collection rules fastly approaching, many VPN companies from across the globe have pulled their servers out of the country in a bid to protect their users’ privacy.
CERT-In will require VPN operators to collect and maintain customer information including names, email addresses, and IP addresses for at least five years, even after they have canceled their subscription or account.
VPN companies believe this move impacts user privacy and freedom of speech, and defeats the sole purpose of using VPNs, which encrypt users’ internet activity and mask their locations and identities.
According to an analysis, the first half of 2021, 348.7 million VPNs were installed, showing a 671 percent jump in growth when compared to the same period in 2020. This massive growth can be attributed to continuous internet shutdowns, a rise in digital scams, and the need for Indians to protect themselves online.
The government says it will not violate user privacy as information would be sought only on a case-by-case basis. This claim ignores the Indian government’s track record of surveilling critics, politicians, and activists. The country’s top court recommended that existing surveillance laws incorporate the right to privacy and introduce mechanisms for citizens to raise complaints against illegal surveillance.
Express VPN, Nord VPN, Proton VPN is also pulling its servers from India, report says. Meanwhile, other VPN companies are looking for solutions that have minimal impact on their users while also maintaining their privacy.