Rahul Verma reports:
The Indian government has introduced a new IT policy that requires virtual private network companies (VPNs) to collect extensive customer data and maintain it for five years or more. The directive came from Computer Emergency Response Team, CERT-in. The new policy lists data centers and crypto exchanges under the same provision. The new policy will get into effect starting in late June 2022.
VPN companies will have to keep user information even after they delete their account or cancel their subscription.
Read more at Business Insider India.
VPN providers are debating pulling out of India. NordVPN says it may pull out to protect users’ privacy. Other VPN providers are considering their options.