NEW DELHI: India has passed a law that now requires all virtual private network (VPN) service providers to retain user data for at least five years. The national directive does not only apply to VPN companies, but to cloud service providers, data centers, and crypto exchanges to collect specific, rich customer data, even when users delete their accounts or unsubscribe. Businesses need to store usernames IP addresses, usage patterns, other forms of identifiable information, and report “unauthorized access to social media accounts” as part of the policy. Those who do not comply face up to a year in prison.
The Cybercrime Policy issued by India’s cyber watchdog – the Indian Computer Emergency Response Team (CERT-In) – comes into effect on June 27, 2022 and requires VPN providers to provide the following data as part of the know-your-customer to store (KYC) policy for five years:
Validated name of subscribers/customers

Source link

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.