A day after the minister of state for electronics and IT Rajeev Chandrasekhar warned VPN service providers to comply with the new guidelines or exit from India, the companies have vowed to uphold user privacy, even at the cost of facing the government's ire. The recent CERT-In directive that mandated service providers to maintain customer logs for five years did not sit well with VPN firms.
VPN providers have responded to the government's regulations and refused compliance, terming them "unimplementable" and "ridiculous."
"Windscribe does not collect or store the origin country of any customer. We have no idea where a person is from when they use our service, so Rajeev Chandrasekhar's requirements are impossible to implement," Yegor Sak, founder of Canada-based VPN firm Windscribe, told Money Control.
"Our service is free and available to anyone. We will not compromise the privacy of all our users to comply with these ridiculous requirements originating from a single country," Sak added.
Another VPN provider Mullvad is of a similar opinion.
"It is impossible for a privacy focused VPN to legally operate in India under that law." Jan Jonsson, CEO of Sweden-based, said, adding the company does not have any VPN servers, staff or infrastructure in India. "This does not apply for Mullvad, so no, we will not comply," Jonsson told Moneycontrol.
NordVPN has also said that it would remove its servers from India if it comes to that. The government hasn't responded to this collective stand against CERT-In's directive.
Comply or leave; India warns VPN services
CERT-In's directive mandated VPN service providers and cloud service providers have to maintain customer logs such as their names, IP addresses, etc., for a period of five years. It was later clarified that corporate and enterprise VPNs are exempted from the regulations.
Chandrasekhar warned VPN services in India to maintain logs or exit the country. "There is no opportunity for somebody to say we will not follow the laws and rules of India. If you don't have the logs, start maintaining the logs. If you're a VPN that wants to hide and be anonymous about those who use VPNs... (then) you will have to pull out (from the country)," he said.