Sunday, December 15, 2024
spot_img

Now NordVPN to remove servers from India over new CERT-In data norms

Date:

Share post:

spot_img
spot_img

New Delhi, June 14 (IANS) Leading virtual private network (VPN) service provider NordVPN on Tuesday announced it will remove servers from India over a recent cybersecurity directive from the Indian Computer Emergency Response Team (CERT-In).

Panama-based NordVPN joins Surfshark and ExpressVPN in removing its servers from the country over the April 28 directive from India’s cyber agency that seeks additional compliance requirements for all VPN providers whose users are in the country.

“As one of the industry leaders, we adhere to strict privacy policies, which means we don’t collect or store customer data. No-logging features are embedded in our server architecture and are at the core of our principles and standards,” a NordVPN spokesperson said in a statement.

“Moreover, we are committed to protecting the privacy of our customers. Therefore, we are no longer able to keep servers in India,” the company added.

The new cybersecurity norms asked VPN service providers along with data centres and cloud service providers, to store information such as names, email IDs, contact numbers, and IP addresses (among other things) of their customers for a period of five years.

CERT-In later issued a set of clarifications, stating that the rules of maintaining customer logs will not apply to enterprise and corporate virtual private networks (VPNs).

Earlier this month, ExpressVPN announced it has removed its India servers from the country, terming the CERT-In norms as “incompatible with the purpose of VPNs, which are designed to keep users’ online activity private”.

Surfshark later announced to shut down its servers in the country.

Another player Proton VPN said in a tweet that the new CERT-In norms are “an assault on privacy, and that it will continue maintaining its no-log policy”.

“The new Indian VPN regulations are an assault on #privacy and threaten to put citizens under a microscope of surveillance. We remain committed to our no-logs policy and recommend everyone using our servers in India to follow these guidelines,” it had tweeted.

Internet Freedom Foundation (IFF) had called on CERT-In to recall “Directions on Information Security Practices issued on April 28 that go into effect on June 27”.

“These directions are vague. They undermine user privacy and information security, contrary to CERT’s mandate,” the IFF had tweeted.

“At the outset we note that non-compliance of these directions issued under Section 70B carry a potential criminal liability for imprisonment. Hence, there needs to be greater care on, who they apply; what are the compliance demands; and their link to cyber security,” it added.

The directions apply to “all service providers, intermediaries, data centers, body corporate and government organizations”.

spot_img
spot_img

Related articles

A President’s Bodyguard shows his skills at the President’s Bodyguard Parade Ground in New Delhi on Saturday

A President’s Bodyguard shows his skills at the President’s Bodyguard Parade Ground in New Delhi on Saturday. (PTI)

B’deshi drones near Sohra, Shella border raise concerns

By Our Reporter SHILLONG, Dec 14: Several Bangladeshi Bayraktar TB2 unmanned aerial vehicles (UAVs) have been detected flying close...

‘Ban’ on worship at cave: Assam group threatens to disrupt road links to M’laya

From Our Special Correspondent GUWAHATI, Dec 14: An Assam-based organisation called Kutumba Suraksha Parishad (KSP) has reiterated its threat...

Bill on simultaneous polls undemocratic: State Cong

By Our Reporter SHILLONG, Dec 14: The Opposition Congress has termed the ‘one nation one election’ (ONOE) bill to...