Express VPN’s tough decision against the new cyber security rules
ExpressVPN has pulled its servers from India after the CERT’s new cyber security regulations. The first major virtual private network (VPN) provider to do so in the country. ExpressVPN states that it refuses to participate in India’s attempt to cap internet freedom.
The new rules mandate that the VPN providers shall store user data for a term of five years. Data includes names, email IDs, contact numbers, and IP addresses of their clients. Moreover, The new cyber rules directed to report security breach incidents to CERT-In within six hours.
CERT works under the IT ministry and has asked e-commerce giant Amazon and virtual private network firms to keep their customers’ identities and IP addresses for at least five years, even after they discontinue the company’s services.
IT Minister Ashwini Vaishnav, in an interview, said, “nothing to worry about CERT-In’s norm. There is no privacy crisis. Suppose somebody puts on a mask and shoots; wouldn’t you ask them to remove that? It is like that.”
Top VPN infrastructure companies claim that the design of a VPN is to ensure the user’s anonymity; retaining any of the details of the users will be against their service and violates the user’s fundamental digital rights.
What is your opinion on the issue?
What's Your Reaction?
