India’s new regulation on “online privacy protection” is already having significant consequences… on VPNs! All VPN services (or almost) have stopped their activities in the country. new law Computer Emergency Response Team (CERT) requires this service to retain its users’ data for 5 years (name, IP address, email address) in order to transmit this data to the authorities on a simple request, most of which cannot be done technically (servers are often moved to tax havens) or don’t want to do it (because it violates the same service confidentiality promise). The giant NordVPN has just stopped its activities in India, the servers are located in Panama.
Service iCloud Private Relay also affected by CRT, but Apple has not reacted to this new deal. iCloud Private Relay is a VPN service only available for Safari, but there’s no reason for Apple to circumvent the new rules. Apple’s silence in this regard has become even more significant as many Indian Internet users have been screaming in frustration for several days calling for an end to free Internet in their country. The fact remains that Apple has massively removed some of it supply chain in India, and that in this context, it is not impossible for Apple to cynically take the decision not to throw oil on the fire in order to stay on the local decision-maker’s parchment paper.