The Indian government has passed a law that now demands all VPN service providers record their users for five years. Although necessary from a security point of view, this new rule violates the basic tenets of a VPN and has rendered them pointless for several users.
Individuals and businesses use VPNs to encrypt their online presence and activities. The new national directive applies not only to VPN companies but also to cloud service providers, data centers, and crypto exchanges to collect specific, extensive customer data and hold onto it for at least five years. Companies will also have to report “unauthorized access to social media accounts” as part of the directive.
A VPN function is to mask the IP address and assigns them a temporary or a shadow IP address. Most commonly, this is used to transcend geopolitical boundaries, and access content on the internet restricted in certain areas. VPNs have been essential for users who want to maintain their online privacy for a long time.
Corporate agencies also use VPNs to allow their employees to remotely log in to their work systems without risking any compromises that would put them in jeopardy.
The core feature of a VPN is that the websites you visit are delinked from your IP address. India has never had any legislation that outright banned VPNs. However, if VPN service providers do not comply with the directive, they will be rendered illegal.
While there are several benefits of using a VPN, especially for businesses and several corporate entities, a few harmful elements give VPNs a lousy reputation. We look at a few of the reasons that made the Indian Government introduce this mandate.
Strengthening National Security
Be it digital security or the security of our borders, a few harmful elements have been actively using VPNs to avoid being detected. Hackers worldwide use VPNs to operate and launch cyberattacks on government institutions. From infiltration of borders by smuggling cartels or sharing national secrets that would compromise a wall, there have been several recorded incidents in our history where people have used VPNs to collaborate with external forces. This is the biggest reason why the Government of India has made it necessary for service providers to keep a record of their user’s activities.
Several antisocial elements have used VPNs to disguise themselves and their locations so that they could post inflammatory statements and comments that would stoke communal fires in a society. For example, there have been several incidents where certain people have posed as residents of a different country or a community and made some pretty disturbing statements on social media.
Cracking Down On Money Laundering
With digital banking and cryptocurrency, money laundering has become very sophisticated and extremely difficult to crack down on. VPNs further complicate the issue. A person sitting in India can quickly get millions of dollars from illegal sources in the form of crypto without any identifiable trace.
Cracking Down On Online Piracy
There are legitimate ways of sharing and consuming goods protected by intellectual property rights, and then there’s piracy. Over the last couple of years, governments have cracked down on piracy rigorously. However, VPNs still allow bad actors to get away with online piracy.
Implementing Content Censorship
Censorship in India is a very tricky subject. On the one hand, there is the entire concept of freedom of speech and thought. On the other hand, we have several communities and sentiments to protect. Certain pieces of content often get prohibited from the public domain for their potential to incite communal tension. However, VPNs allowed users to consume such content and for it to be shared.
It will be interesting to see whether certain VPN companies launch India-specific VPNs that abide by the new directions set forth by the Indian Government or if they plan to stop servicing the Indian market. Indian corporate businesses are a significant source of income for several VPN and cloud service providers, thanks to the prolific IT businesses. Indeed, for many of these service providers based out of Asia, letting go of their Indian customer base isn’t a viable option.