India’s new policy requires VPN services to collect and potentially turn over data on their customers, including which IP addresses they’ve been using.
India’s new data-collection policy has prompted another VPN provider, NordVPN, to remove its servers from the country.
NordVPN today said it will shut down its physical servers in India on June 26, the day before the country’s government starts requiring VPN providers to log and potentially turn over data on local Indian users.
“That means that a VPN company with servers in India may no longer be able to guarantee privacy for its users. In light of this, NordVPN has made the decision to remove all its servers from India,” the VPN’s parent company, Nord Security, told us in a statement.
India’s new policy is ostensibly intended to fight cybercrime by making it easier for government authorities to identify and nab hackers. But it requires VPN providers to collect and turn over data on Indian users, including which IP addresses they’ve been using to browse the web.
As a result, the new regulations undermine the whole point of using a VPN, which can protect your privacy by masking your computer’s true IP address. The IP address data, in particular, could be used to map out a VPN user’s browsing habits if it’s coupled with information from other web providers.
ExpressVPN became the first service to announce it was shutting down its servers in India, followed by SurfShark. NordVPN is now the third major provider to pull the plug. All three have essentially said they can’t comply with India’s new policy because none of them ever log customer traffic.
“No-logging features are embedded in our server architecture and are at the core of our principles and standards. Moreover, we are committed to protecting the privacy of our customers. Therefore, we are no longer able to keep servers in India,” Nord Security told us.
However, the company’s statement made no mention of bailing from the Indian market. So it seems NordVPN will continue serving users in the country through its IT infrastructure elsewhere across the globe. The VPN provider currently has over 30 servers in India and 5,500 worldwide.
Nord Security also questioned the wisdom behind India’s data-collection policy, which also covers IT companies, data center, and internet service providers across the country.
“From what it seems, the amount of stored private information will be drastically increased throughout hundreds or maybe thousands of different companies. It is hard to imagine that all, especially small and medium enterprises, will have the proper means to ensure the security of such data,” the company added.
It’s unclear if NordVPN will operate virtual VPN servers with Indian IP addresses to replace its physical servers in the country. But the company plans on notifying all users about the upcoming change through the NordVPN app starting on June 20. In the meantime, don’t be surprised if other VPN providers announce similar actions and decide to pull their servers too.
Also Read : ExpressVPN For Business Review