India has just issued a new order that appears to be a step against data privacy. The government is now asking VPN based companies to collect and provide it with user data.

India

According to an Entrackr report, the government wants Virtual Private Network firms to collect the user’s data for five years on their servers and then eventually hand it over to the government. This order is not limited to just VPN based companies and even targets Cloud and Crypto based firms as well. The report adds that firms that do not comply with this order may face prison sentence up to a year under the Section 70B(7). This order has been issues by a department under the Ministry of Electronics and IT, which is known as Computer Emergency Response Team (CERT-in).

The department has urged VPN companies to collect sensitive user data, which includes their customer’s names after validating them. Furthermore, they would even have to store other forms of information of the user like their IP addresses, usage patterns, and even other forms of identifiable information as well. All in all, the IT Ministry department stated that these efforts are being made to “coordinate response activities as well as emergency measures with respect to cyber security incidents.” However, this is a major step against data privacy since companies are now legally allowed and required to collect and store your data as per the new order.

India

The VPN, cloud, and crytpo based firms will begin collecting data starting from the date of 27th June 2021. So, the process is already underway. Unfortunately, many firms might face difficulties (especially VPN firms) that advertise their services with a no logs policy. Additionally, VPN users typically use the service to hide their original IP address and online footprint. This even helps in hiding their IP addresses from malicious individuals like hackers. So, collecting such user data defeats the purpose and makes data leaks more likely in the near future.

RELATED:

 

RELATED ARTICLESMORE FROM AUTHOR