Recently, the Indian Computer Emergency Response Team (Cert-In) issued new directives that require Virtual Private Network (VPN) providers to store user data for five years.
What is VPN?
- VPN describes the opportunity to establish a protected network connection when using public networks.
- It encrypts internet traffic and disguise a user’s online identity.
- This makes it more difficult for third parties to track your activities online and steal data.
- The encryption takes place in real time.
How does it work:
- A VPN hides your IP address by letting the network redirect it through a specially configured remote server run by a VPN host.
- This means that if you surf online with a VPN, the VPN server becomes the source of your data.
- This means your Internet Service Provider (ISP) and other third parties cannot see which websites you visit or what data you send and receive online.
- A VPN works like a filter that turns all your data into “gibberish”. Even if someone were to get their hands on your data, it would be useless.
What does the new CERT-IN directive say?
- VPN providers will need to store validated customer names, their physical addresses, email ids, phone numbers, and the reason they are using the service, along with the dates they use it and their “ownership pattern”.
- In addition, Cert is also asking VPN providers to keep a record of the IP and email addresses that the customer uses to register the service, along with the timestamp of registration.
- Most importantly, however, VPN providers will have to store all IP addresses issued to a customer and a list of IP addresses that its customers generally use.
What does this mean for VPN providers?
- VPN services are in violation of Cert’s rules by simply operating in India.
- The Indian government has not banned VPNs yet, so they can still be used to access content that is blocked in an area, which is the most common usage of these services.
- However, journalists, activists, and others who use such services to hide their internet footprint will have to think twice about them.
- Crime control: For law enforcement agencies, a move like this will make it easier to track criminals who use VPNs to hide their internet footprint.
- Curbing dark-net activities: Users these days are shifting towards the dark and deep web, which are much tougher to police than VPN services.
READ MORE: Daily Prelims Booster
READ MORE: Daily News Analysis