New Delhi: Weeks after CERT-In or Computer Emergency Response Team asked virtual network providers (VPN) service providers in India to collect and store extensive user data for at least five years, British Virgin Islands-headquartered popular VPN service provider ExpressVPN has removed its India servers. The leading VPN service company announced on Twitter that it is removing all India-based servers.
"ExpressVPN removes VPN servers in India. Users will still be able to connect to VPN server locations that will give them Indian IP addresses," the company wrote on Twitter on Thursday.
Don't miss: Will New CERT-In Rules Affect Users And VPN Players? Here's What NordVPN And Experts Say
"With a recent data law introduced in India requiring all VPN providers to store user information for at least five years, ExpressVPN has made the very straightforward decision to remove our Indian-based VPN servers. Rest assured, our users will still be able to connect to VPN servers that will give them Indian IP addresses and allow them to access the internet as if they were located in India. These 'virtual' India servers will instead be physically located in Singapore and the UK," the company wrote in a blog post.
Know all about ExpressVPN
The company is a renowned VPN (Virtual Private Network) service provider which was widely popular among Indian internet users. Founded 13 years ago, ExpressVPN is headquartered in the British Virgin Islands and is owned by Kape Technologies, an adware platform based in the UK. ExpressVPN is also a founding member of an advocacy group for online safety of internet users named VPN Trust Initiative.
Last year, Kape Technologies had acquired ExpressVPN as part of a $936 million deal, when the parent firm had added ExpressVPN to its existing portfolio of other VPN services and anti-virus solutions.
What do new CERT-In rules for VPN firms say
Meanwhile, earlier in May, India's nodal agency CERT-In that deals with cyber security threats, hacking and phishing asked VPN service providers in the country to collect and store extensive user data for at least five years, citing objectives like fighting cybercrime and invoking the country's integrity and sovereignty. The new CERT-In rules come into effect later this month.
ABP Live had spoken to NordVPN, a leading VPN service provider operating in India that said the directive will hurt VPN companies in the country to some extent. NordVPN had also mentioned that it intends to have a dialogue with the government for a "middle ground".