VPN providers may be forced to pull out of the Indian market over a new law that undermines the privacy VPNs offer.
India passed the Cyber Security Directions, a directive that requires VPN providers to keep records of customer names, IP addresses, email address, financial transactions, and more for a period of five years. India has now signaled there will be no tolerance for companies that refuse to comply, according to TechCrunch.
Numerous companies have expressed concern over the laws, especially VPN providers that specifically guarantee anonymity. Many, such as Mullvad, NordVPN, ExpressVPN, ProtonVPN, and others guarantee their customers a service that doesn’t track them or keep the kind of logs the Indian government wants.
“The new Indian VPN regulations are an assault on privacy and threaten to put citizens under a microscope of surveillance. We remain committed to our no-logs policy,” said ProtonVPN.
Rajeev Chandrasekhar, the junior IT minister of India, told TechCrunch that VPN providers who conceal who uses their services “will have to pull out.”
The only services exempted are corporate and enterprise VPNs. The new directive goes into effect for everyone else in June.
