India has pushed back the deadline for new rules governing VPNs by three months amid an uproar that has seen some providers leave the country.
India’s Computer Emergency Response Team (CERT-in) was set to enforce new rules that would require VPN providers to maintain information and records on their customers, including full names, contact info, reason for using a VPN, dates when they used it, and much more. According to TechCrunch, India has decided to delay the implementation of the rules for three months until September 25.
VPNs have been working to respond to the new rules. ExpressVPN and NordVPN made the decision to shut down their servers in-country, while other VPN providers threatened to do the same. Both companies would still provide services to the market, but customers in India would need to connect via servers outside the country. Other providers are still trying to determine the best path forward for them and their customers.
Cybersecurity experts around the globe have denounced the regulation, saying it would severely weaken privacy and security for the Indian market. It remains to be seen if India will back down permanently or if this is just a temporary reprieve.