Government invites VPN service providers for discussions after ExpressVPN and Surfshark shut down servers in India

Government invites VPN service providers for discussions after ExpressVPN and Surfshark shut down servers in India
Representational image.Unsplash
  • The government has reportedly invited VPN service providers to discuss the new cybersecurity guidelines.
  • The new guidelines by the government mandate VPN service providers to record and store user data.
  • This comes after ExpressVPN and Surfshark announced that they are shutting down servers in India.
The Ministry of Electronics and Information Technology has invited virtual private network (VPN) service providers and other stakeholders such as cybersecurity experts, legal experts and tech policy groups to discuss the cybersecurity guidelines issued by the Indian Computer Emergency Response Team’s (Cert-In).

The country’s cyber watchdog on April 28 had issued guidelines that mandated VPN service providers to record and store user data for a period of five years. The guidelines are scheduled to come into effect from June end.

Recording and sharing user data goes against the basic principles of VPN and companies have expressed their reservations over the new guidelines.

Complimentary Tech Event
Discover the future of SaaS in India
The 6-part video series will capture the vision of Indian SaaS leaders and highlight the potential for the sector in the decades to come.25th Aug, 2022 Starts at 04:00 PM (40 mins)Register Now
Our Speakers
Dan Sheeran
Sandeep Gupta
Soon after the announcement, companies like ExpressVPN, NordVPN and PureVPN among others had criticized the guidelines, claiming that they do not record any user data.

ExpressVPN and Surfshark, two popular VPN service providers have already announced that they are shutting down their servers in India over the new VPN guidelines issued by the government.


According to an Economic Times report, the IT ministry has invited the stakeholders to discuss the impact of the guidelines issued by Cert-In on April 28.

“It is a high-level meeting in which policy heads from various companies will also be present. There will be discussions primarily on the Cert-In directives which were issued on April 28, and whether it has had an adverse impact on the startup ecosystem yet. We also expect senior officials from other ministries to be present,” a source familiar with the matter told ET.

VPN service providers aren’t the only ones that are against the new guidelines. The Internet Freedom Foundation said, “The directions were released by CERT-In without any public consultation with technology and cyber security experts, which has led to the inclusion of multiple unwarranted provisions.”


Corporate VPNs will reportedly not be affected by the new VPN guidelines in India

After ExpressVPN, Surfshark is shutting down servers in India over government guidelines

SBI Cards, PhonePe, Google Pay to benefit from RBI allowing credit cards to be linked to UPI, say analysts