Directions to VPN providers to collect customer data

Recently, the Indian Computer Emergency Response Team (CERT-In) issued a new directive to Virtual private network (VPN) service providers.

What is the directive about?

The CERT-In directive mandates that Virtual private network (VPN) service providers must maintain all customer data for five years.

What data should be maintained by the VPN service providers?

The CERT-In asked VPN service providers to maintain details such as the validated names of their customers, the purpose and period for which they hired the service, the IP addresses allotted to these users, the email addresses, etc.

Why CERT-In want to collect these details?

The CERT-In wants to effectively trace anti-social elements and cybercriminals indulging in various nefarious activities online.

What is a Virtual private network (VPN)?

A virtual private network (VPN) creates a safe network within the larger global network of the internet and masks the Internet Protocol address (IP address) of the user.

How does a Virtual private network (VPN) work?

A virtual private network (VPN) acts as a tunnel and takes data originating from one server and masks it in a different identity before delivering it to the destination server (rerouting data). Thus, a VPN creates proxy identities of data and delivers it safely without disturbing the content of the data.

What is the advantage of VPN?

The main advantage is that VPN provides privacy or anonymity. VPN has also been of vital importance in countries that try to suppress dissent.

How did VPN service providers react to the new directive?

According to VPN service providers, the new directive will result in a total loss of privacy for the users. Since privacy is the most important unique selling point of such services, loss of privacy will destroy the business.

What is CERT-in?

Computer Emergency Response Team (CERT-In) is the government’s nodal agency for detecting and responding to cyber incidents. It is under the Union ministry of electronics and information technology (MeitY).


Month: 

Category: 

Leave a Reply

Your email address will not be published. Required fields are marked *