Rejecting Centre's data demand, ExpressVPN removes VPN servers in India
Virtual private network (VPN) provider ExpressVPN has made a statement move by deciding to remove its servers from India. The company announced that the decision is in the backdrop of India's Computer Emergency Response Team's (CERT-in) directive on data storage. The VPN provider called the order "overreaching" and "incompatible with the purpose of VPNs." The company, however, has other plans for its Indian users.
Why does this story matter?
The reasoning behind the CERT-in directive is that it will prevent cyber attacks. However, the directions in the order went against the basic ethos of VPN providers. Other leading VPN providers such as NordVPN, Surfshark, and ProtonVPN have also expressed concerns and may follow in the footsteps of ExpressVPN. India currently has more than 270 million VPN users.
Users of ExpressVPN can still access internet using Indian IP
The users of ExpressVPN will not have access to India-based VPN servers after the latest decision. However, through virtual servers based in Singapore and UK, users will still be able to connect to servers that provide Indian IP. The VPN provider also assured Indian customers that "their online traffic is not being logged or stored, and that it's not being monitored by their government."
Centre asks companies to store data for minimum 5 years
The directive issued by CERT-in, which will come into force from June 27, mandates VPN companies, among others, to collect and store user data for at least five years. They are also required to enable logs and maintain them for a rolling period of 180 days. In case of cyber security incidents, the directive is applicable to all entities offering services in India.
NordVPN will exit if the situation persists
ExpressVPN is not the only VPN provider that is deliberating its future in India. NordVPN has announced that if the current position does not change in the coming days, it will follow ExpressVPN's path and remove physical servers from the country. Similarly, other providers like Surfshark and ProtonVPN have expressed their concerns. It is likely that they will also follow their peers.
