Indian Govt’s New Order Asks VPN Companies to Collect and Provide it with User Data

The new order issued by CERT-in will be a major challenge to most VPN companies.


The Indian government has released a new order for Virtual Private Network (VPN) companies. The VPN companies have been asked to collect the user’s data for five years on their servers and hand it over to the government. This order is applicable for Cloud and Crypto companies as well. Entracker reports that companies not complying with the order could face up to a year in prison under the Section 70B(7).

The order has been released by a department under the Ministry of Electronics and IT. known as Computer Emergency Response Team (CERT-in). The department has asked the VPN companies to collect their customer names and validate them. Further, they should have to store the details such as IP addresses, usage patterns, and various forms of identifiable information. These rules are said to have come in as an effort to “coordinate response activities as well as emergency measures with respect to cyber security incidents.

No Way Around it

If you are thinking that canceling the subscription or deleting the account will restrict these companies from collecting your data, then you are wrong. Even if you cancel your subscription or delete the account, the companies will still be allowed to store your data legally as per the new order.

The VPN, cloud, and most of the database companies will have to start storing the user’s data from June 27, 2021. However, the CERT-in is expected to extend the timeline to give respective companies to give more time to comply with the new law. It is not clear whether this law is applicable to Indian companies only or also to the foreign organizations that work in the Indian ecosystem.

Also Read: Best Free VPN for PC in India: Proton VPN, Windscribe,, and More

This law will be a challenging step for most VPN companies as they offer a no-logs policy or store the user’s data on a temporary basis. The Virtual Private Network app is used by users to hide their original IP address and online activities. They are also useful in multiple ways such as keeping hackers away from accessing your IP address, browsing a restricted website, and accessing any personal data on a public Wi-Fi.

What do you think about the new law issued by the Indian government and will you like the government to have access to your online activities? Let us know in the comments section.