After India, Now US Aims To Crackdown On VPN Service Providers

Most of the companies offering Virtual Private Network (VPN) services for individuals have been accused by US lawmakers of abusive and deceptive data practices after India

A VPN is an online service that purports to give users more security when connecting to the Internet.

Deceptive advertising and abusive data practices abound in the consumer VPN industry, the lawmakers said.

As described in the letter by Anna G. Eshoo (D-CA) and Ron Wyden (D-OR), the consumer VPN industry engages in a number of abusive practices, including promoting false and misleading claims about its services, selling user data, and providing user activity logs to law enforcement, despite promising "total anonymity," and a lack of oversight.

The VPN industry is extremely opaque, and many VPN providers exploit, mislead, and take advantage of unwitting consumers, the lawmakers added.

In India, a directive from the CERT-In (Indian Computer Emergency Response Team) has also sought to impose additional compliance requirements on VPN providers.

The new rules, to be effective from September 25 that requires VPN service providers along with data centres and cloud service providers, to store information such as names, email IDs, contact numbers, and IP addresses (among other things) of their customers for a period of 5 years.

After new directions, Leading VPN service providers Surfshark, NordVPN, and ExpressVPN have removed their servers from India.

It is extremely difficult for people to determine which VPN service to trust, especially when they are in a crisis.