Friday, August 12, 2022



Indian cyber agency gives VPN providers 3-months breather

New Delhi, June 28, 2022- The Indian Computer Emergency Response Team (CERT-In) has given virtual private network (VPN) providers another three months to comply with its new rules.

The new rules that were supposed to be effective from June 27 require VPN service providers along with data centres and cloud service providers, to store information such as names, email IDs, contact numbers, and IP addresses (among other things) of their customers for a period of five years.

The April 28 directive from India’s cyber agency sought additional compliance requirements for all VPN providers whose users are in the country.

Now, the new CERT-In direction will become effective on September 25.

The agency has directed data centres, virtual private server (VPS) providers, cloud service providers and VPN providers that this specific aspect of the direction will become effective on September 25.

“The extension of timelines for implementation of these Cyber Security Directions of 28th April, 2022 have been urged in respect of Micro, Small and Medium Enterprises (MSMEs) for providing reasonable time for generating capacity building required for implementation of these Directions,” said the CERT-In.

Nearly 22 cybersecurity experts on Monday sent a joint letter to CERT-In and the Ministry of Electronics and IT, asking them to defer implementation of the contentious new Directions issued in April.

“The Directions will have a negative impact on cybersecurity and privacy, and public consultation must be undertaken to ensure that the views of all stakeholders, including subject matter experts, are taken into account,” the letter read.

“Unchecked surveillance is a pressing concern in India — one that is severely aggravated by the new data retention mandate in CERT-In’s Directions, which impact millions of people connected in India,a said Raman Jit Singh Chima, Asia Pacific Policy Director and Senior International Counsel at Access Now, a non-profit.

“Requiring service providers, including VPN providers, to log information that they may otherwise not collect, for five years or more, violates the right to privacy protected by the Indian Constitution,” he added.

Leading VPN service providers NordVPN, Surfshark and ExpressVPN have removed their servers from India over the new directions.

CERT-In later issued a set of clarifications, stating that the rules of maintaining customer logs will not apply to enterprise and corporate VPNs.  (Agency)

Subscribe to YesPunjab Telegram Channel & receive important news updates

- Advertisement -

Yes Punjab - TOP STORIES

Punjab News

Sikh News

Transfers, Postings, Promotions

- Advertisement -spot_img

Stay Connected






Need for speed: The 5G promise, its enablers and roadblocks – by T.V. Ramachandran

The US Federal Communications Commission (FCC) recently proposed revising the definition of broadband to a minimum download speed of 100 mbps, and uploads at...

Civil services have to improve for better governance – by DC Pathak

There is a widely shared view that the All India Services, which provided the 'steel frame' of governance in a democratic India, granting Constitutional...

Will Pak Army Chief Bajwa or his successor reconcile ties with India? – by Rana Banerji

New Delhi, Aug 2, 2022- On July 25, the Supreme Court's three Judge bench headed by Chief Justice Omar Ata Bandial controversially struck down...


Health & Fitness

Low vitamin D could be behind chronic inflammation

Sydney, Aug 8, 2022- Researchers have found a direct link between low levels of vitamin D and high levels of inflammation. The findings, led by a team from University of South Australia, provides an important biomarker to identify people at higher risk of or severity of chronic illnesses with an inflammatory component. Inflammation is an essential part of the body's healing...

Gadgets & Tech

error: Content is protected !!