Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
×
Privacy The Internet Network

Rejecting Data Demands, ExpressVPN Removes VPN Servers In India (indianexpress.com) 29

ExpressVPN has removed its servers from India, becoming the first major virtual private network (VPN) provider to do so in the aftermath of the recent cybersecurity rules introduced by the country's cybersecurity agency. The rules require VPN providers to store user data for a period of five years. ExpressVPN said it "refuses to participate in the Indian government's attempts to limit internet freedom." The India Express reports: In a blog post, the British Virgin Island-based company said that with the introduction of the new cybersecurity rules by the Indian Computer Emergency Response Team (CERT-In), it has made a "very straightforward decision to remove our Indian-based VPN servers." While ExpressVPN is the first to pull its services from India, other VPN providers like NordVPN have also taken a similar stance.

The guidelines, released by CERT-In on April 26, asked VPN service providers along with data centers and cloud service providers, to store information such as names, e-mail IDs, contact numbers, and IP addresses (among other things) of their customers for a period of five years. The government said it wants these details to fight cybercrime, but the industry argues that privacy is the main selling points of VPN services, and such a move would be in breach of the privacy cover provided by VPN platforms.

ExpressVPN described the cybersecurity rules as "broad" and "overreaching." "The law is also overreaching and so broad as to open up the window for potential abuse. We believe the damage done by potential misuse of this kind of law far outweighs any benefit that lawmakers claim would come from it," ExpressVPN said. It added that while CERT-In's rules are intended to fight cybercrime, they are "incompatible with the purpose of VPNs, which are designed to keep users' online activity private." Indian users of ExpressVPN will still be able to use its service via "virtual" India servers located in Singapore and the UK. "We will never collect logs of user activity, including no logging of browsing history, traffic destination, data content, or DNS queries. We also never store connection logs, meaning no logs of IP addresses, outgoing VPN IP addresses, connection timestamps, or session durations," the company said.

This discussion has been archived. No new comments can be posted.

Rejecting Data Demands, ExpressVPN Removes VPN Servers In India

Comments Filter:
  • by Notabadguy ( 961343 ) on Thursday June 02, 2022 @05:06PM (#62588206)

    India needs to spend more time cracking down on its internal cybercrime and world-leading fraudulent call center and scamming activities, and less time persecuting privacy advocates around the world.

    • by Anonymous Coward

      India isn't trying to persecute privacy advocates around the world. They are trying to crack down in dissidents any way they can, but since they are "anti-China", the world turns a blind eye.

      • It makes me think that these billion people countries should absolutely be broken up. No government should be responsible for one in seven human beings alive. IF they managed to keep control, it can only be done by authoritarian means. And, even if it is a democracy, if 400,000,000 people decent, should they be ignored for the 600,000,000? The country should be broken up into smaller states.

        This message brought to you by someone out of the Indian governments sphere of surveillance.
        • Interesting idea, but it ignores the basics of how a functioning nation-state exists. Think national resources, self-defense, economy, etc.

          Besides which, who is responsible for breaking it up? If it doesn't break itself up, do you want and expect other countries to invade and break it up? By what right does any country have to do so?

        • And, even if it is a democracy, if 400,000,000 people decent, should they be ignored for the 600,000,000? The country should be broken up into smaller states.

          You address this issue the same way it was done in the US: Split the country into districts, and put those 400,000,000 people into districts with smaller population. Now give each district almost equal power.

          That way, you get 600,000,000 people ignored in favor of the 400,000,000.

          Problem solved.

          • Isn't that backwards? The US is a Federation of sovereign States, so not split into districts but comprised of 50 distinct parts.
            • You can apply whatever semantics you want, and you can even bandy the weakest interpretation of the word "sovereign" this side of all those Native Americans' "Nations", but the outcome is the same.

        • I think people like you should be exterminated. Sitting on vast swathes of stolen land, bombs built by stolen money, threatening to use it on people with culture older than your genealogy and why? Because cause they are not exterminating pests like you.

          BTW, India was broken already so that it doesn't get close to Russia. How is your friend Pakistan doing? Not enough 911 I see.

        • Well, it is technically a Federation, so I think you're just advocating to shift more power from the Federal government to the States, right?
      • Yeah, electing a Socialist pretty much means it's going to be real difficult to elect anyone else ever again.
    • by taustin ( 171655 )

      Maybe the scammer fraud centers are using VPNs to hide their location to avoid prosecution.

      Maybe this is them cracking down on scammers.

      (I'm not holding my breath, though.)

  • In US, CIA/FBI runs center at ATT (and may be at other providers too) and collects all these data and ATT is not even allowed to talk about it. So if the same VPN operators are doing the same thing as India is asking, we won't even know about it because saying it publicly would be a crime by itself.

    • In US, CIA/FBI runs center at ATT (and may be at other providers too) and collects all these data and ATT is not even allowed to talk about it.

      Never forget Qwest [wikipedia.org]

      So if the same VPN operators are doing the same thing as India is asking, we won't even know about it because saying it publicly would be a crime by itself.

      If they don't have a warrant canary, don't use them.

      Even if they do, don't use them. Use a foreign provider.

  • Unlike most countries, India has a terrorist infestation. There are a myriad forces trying to ensure that the largest democracy disintegrates. Privacy does not trump human lives.
    • Unlike most countries, India has a terrorist infestation. There are a myriad forces trying to ensure that the largest democracy disintegrates. Privacy does not trump human lives.

      Ah yes. The old "I only beat you because I fucking love you." defense.

      • Ah yes. The old "I only beat you because I fucking love you." defense.

        Wow, so soon! The peaceful / CCP brigade is wide awake! If you are not one, go read up the paradox of tolerance.

        • by gweihir ( 88907 )

          , go read up the paradox of tolerance.

          Which _you_ obviously have not understood at all.

        • by lsllll ( 830002 )
          What does spying on your citizens have to do with tolerance? Or do you think that they need to spy in order to root out intolerance? I don't think you've really thought what you're saying through. India is NOT a tolerant country. They have to first get to be a free country and tolerant before they have to worry about intolerants.
    • by gweihir ( 88907 )

      Privacy does not trump human lives.

      Actually, privacy protects human lives. It is a matter of degree and scales, but your idiotic statement screams after being abused.

  • This is just one reason why Internet-connected devices are a bad idea.
    We got to the point where even turning it off and back on again doesn't help.

  • gj express, youre on the shortlist
  • India gov leaders are shooting themselves in the foot
  • Just spoke to PIA support: "With their data requirements of 5 years, we have removed our servers from India. You can connect to our India server to get India IP but the physical server is geolocated in Singapore." I think that they're all going to jump ship on this.

Like punning, programming is a play on words.

Working...