Indian government wants VPNs to store and share user data


A new directive from the Ministry of Electronics and Information Technology (MeitY) and the Indian Computer Emergency Response Team (CERT-in) requires VPN companies to retain data on users for 5 years or more. The rule also applies to data centres and cryptocurrency exchanges and will come into effect from July 27.

According to a new directive, the government institutions have obligated these businesses to retain and report instances of cyber security breaches or any such related incidents and retain data on users for up to 5 years or more.

With rising cases of cyber attacks on organisations and businesses since the outbreak of COVID19, the government agencies have observed that they have been unable to get access to updated information or either face delay in transmission of the latest attacks. This has been a hindrance for the agencies to work in a more efficient and faster manner.

Read more…
Source: TechRadar