A Virtual Private Network, also known as VPN, is a service that allows users to establish a safe network connection when using public networks. VPNs function by encrypting internet traffic and hiding the user’s online identity, which makes it more difficult for third parties to track online activities and steal data. An Internet Protocol Address (IP Address) is a numerical label allotted to each device that is connected to a computer network. The Indian Computer Emergency Response Team (CERT-In) is an organization under the Ministry of Electronics and Information Technology whose primary aim is to secure Indian cyberspace.
Role and Functioning of VPNs
VPNs function by hiding the user’s IP address, redirecting it through a remote server run by a VPN host. When a user is surfing online with a VPN, the VPN server becomes the source of data. This means Internet Service Providers (ISP) and other third parties cannot see which websites the user visits or what data is sent and received online.
Benefits and Limitations of VPNs
A VPN connection disguises online data traffic and protects it from external access. However, unencrypted data can be viewed by anyone who has network access. Moreover, regional web content is not always accessible from everywhere. With VPN location spoofing, one can switch a server to another country and effectively change location. VPN services connect to private servers and use encryption methods to reduce the risk of data leakage. Despite the advantages, there are some drawbacks such as reduced internet speed and vulnerability to malware.
New Rules Related to VPNs in India
The Union Ministry of Electronics and Information Technology recently issued new norms that require VPN companies to record personal information of their users for a period of five years, including names, email id, phone number, and IP address. Furthermore, these entities are required to report cybersecurity incidents to CERT-In within six hours of becoming or being made aware of them.
Rationale Behind the New Rules
The key objective behind these new rules is to “enhance overall cyber security posture and ensure a safe & trusted internet in the country”. It was also noted that CERT-In has identified “gaps” in its methods of analyzing online threats, which necessitated the new norms for reporting cyber incidents.
Virtual Servers – A Brief Overview
A Virtual Server is a simulated server environment built on an actual physical server. This virtualization technique allows organizations to use processing power and resources more efficiently. Such servers also offer higher security levels as the operating system and applications are enclosed in a virtual machine, which helps confine security attacks and malicious activities within the virtual machine.
Issues With the New VPN Rules
As per the new guidelines, customers will have to go through a stringent know-your-customer (KYC) process while signing up to use a VPN and will have to state the purpose of using the services. Many VPN providers are mulling the implications of the new rules and some have even threatened to pull back their service from the country. For example, Nord VPN, one of the world’s largest VPN providers, has announced it is moving its servers out of India.
Last Modified: February 15, 2024