VPN companies providing service in India with servers in India are needed to keep logs of customer names, I.P. addresses, and usage patterns.
As of June 27, 2022, data centers, virtual private server (VPS) providers, cloud service providers, and virtual private network (VPN) service providers must obey new data retention regulations. Companies are required to maintain logs for five years. Following are required logs :
- Validated names of subscribers/customers using the services
- Period of contract, including dates
- I.P.s allotted to / being used by the members
- Email address and I.P. address, and time stamp used at the time of registration / on-boarding
- The purpose for contracting services
- Validated address and contact numbers
- Ownership pattern of the subscribers/customers hiring services
The Indian Computer Emergency Response Team (CERT-In) new regulation has similar rules for virtual asset service companies, virtual asset exchange and wallet service providers. Exchanges and custodial wallet companies should keep all Know Your Customer (KYC) information and records of financial transactions for five years.
In response to this new rule, some VPN companies have removed their servers in India.
“Our customers will still be able to use VPN servers that will give them Indian I.P. addresses and allow them to access the internet as if they were based out of India. These “virtual” India servers will instead be physically located in Singapore and the U.K.”
“In terms of the user experience, there is minimal difference. For anyone wanting to connect to an Indian server, simply select the VPN server location “India (via Singapore)” or “India (via the U.K.).”
“Virtual server locations are not new to ExpressVPN; in fact, we have been operating our “India (via the U.K.)” server location for several years. With virtual locations, the registered I.P. address matches the country you have chosen to connect to, while the server is physically located in another country. Virtual locations are used, where necessary, to provide faster, more reliable connections.”
He is a cyber security and malware researcher. He studied Computer Science and started working as a cyber security analyst in 2006. He is actively working as an cyber security investigator. He also worked for different security companies. His everyday job includes researching about new cyber security incidents. Also he has deep level of knowledge in enterprise security implementation.