New VPN Norms - Government's Take On Privacy

New VPN Norms – Government’s Take On Privacy

VPN has always been a subject of debate in India. 

As per AtlasVPN’s report, India had over 348 million VPN downloads in 2021. Despite having such popularity in 2021, the government recommended a VPN ban in India for privacy concerns. Although the ban didn’t occur, the Indian government has introduced some new VPN norms or regulations for users, mainly for VPN companies. 

In April 2022, India’s Computer Emergency Response Team (CERT) announced a new regulation that VPN companies in India will have to collect and store customers’ data for at least five or more years. 

Unsurprisingly, these new VPN Norms are creating a lot of buzzes. How will this new law affect VPNs? How will it impact users? Are VPNs illegal in India? There are lots of questions arising. 

To answer all your questions, we’ve compiled everything you need to know about the new VPN norms in India. But before digging deeper, let’s start with the basics: What is a VPN? 

What Is A VPN?

A virtual private network (VPN) is a technology that allows you to connect securely to private networks over public networks. It creates an encrypted connection between your computer and a server so that your internet traffic is encrypted and can’t be intercepted by anyone else.

With a VPN, you can access websites in countries where they might not be available, or you can use it to get around censorship (a lot of countries have strict firewalls that block specific sites), secure remote work, and browse the internet anonymously.

What Are The New VPN Norms?

The key takeaways from the new VPN rules are:

  • According to the new law, all VPNs must gather and store user data (user names, physical address, email address, and phone numbers) for five or more years. 
  • VPN companies also have to keep a log of the reason behind using the service. 
  • VPNs should record all the IP addresses used by users to register. 
  • Along with VPN services, virtual service network providers, data centers, and cloud service providers have also been requested to keep track and store similar user data. 
  • VPN services must report cybersecurity incidents to CERT within six hours of becoming aware of them. 

What Is the Government’s Take On These New VPN Norms?

The main purpose of the government behind imposing these new VPN rules is to improve the “cyber security posture” and ensure people have access to a “safe and trusted internet”.

The CERT also informed that they had identified gaps in safeguarding against online threats. That’s why they’ve published the new norms to prevent cyber attacks. 

“If you are a VPN provider, if you are a data centre operator, if you are a cloud provider, and if you’re an enterprise, you have an obligation to know who’s using your VPN infrastructure… If there is a detected cyber incident or cyber breach — from one of the people using your VPN or your cloud or your data centre, it is your obligation to produce the data,”Rajeev Chandrasekhar,  Union Minister of State for Electronics and Information Technology

How The New VPN Norms Impact Users & Companies 

The new rules received a lot of backlashes from the VPN companies. After all, the primary goal of VPN services is not to collect users’ personal information. 

The new norms will force these companies to store customer data which will increase costs and affect user privacy. 

India is among the top 10 VPN users around the globe. Various companies and individuals use VPN services to safely access private WiFi networks, remain anonymous, and many more. 

Several techies, students, and companies use VPNs to protect their data from third-party apps.

But with the new norms, they must go through a KYC process while registering a VPN. So, all VPN users will have their private data exposed to the government. 

It is also unclear how the government may use this data in the future. This raises a concern about the right to privacy for every individual. 

The Internet Freedom Foundation said the new norms lead to more concerns, such as the private enterprises and government “having more data than necessary”.

Several VPN companies like NordVPN, ProtonVPN, SurfShark, and ExpressVPN, have said that they are planning not to follow the newly imposed rules of India. After all, privacy is the main reason behind users investing in their premium plans. 

As per several VPN companies, they’ll continue to offer their no-logs policy to the users and threaten to pull back their service from India. 

The Bottom Line 

Despite all the backlashes from cybersecurity experts, stakeholder companies, and business advisory groups, the Indian government is pretty much firm on their new VPN norms. 

“If you don’t want to go by these rules, and if you want to pull out, then frankly … you have to pull out.” – Rajeev Chandrasekhar,  Union Minister of State for Electronics and Information Technology

The privacy experts have sought public consultation on this matter, asking for more tech industry involvement to find a solution that suits every individual. Lastly, it’s needless to say that it will be interesting to see if the VPN companies manage to implement the new norms before the deadline of September 25, 2022.   

About Signzy

Signzy is a market-leading platform redefining the speed, accuracy, and experience of how financial institutions are onboarding customers and businesses – using the digital medium. The company’s award-winning no-code GO platform delivers seamless, end-to-end, and multi-channel onboarding journeys while offering customizable workflows. In addition, it gives these players access to an aggregated marketplace of 240+ bespoke APIs, easily added to any workflow with simple widgets.

Signzy is enabling ten million+ end customer and business onboarding every month at a success rate of 99% while reducing the speed to market from 6 months to 3-4 weeks. It works with over 240+ FIs globally, including the 4 largest banks in India, a Top 3 acquiring Bank in the US, and has a robust global partnership with Mastercard and Microsoft. The company’s product team is based out of Bengaluru and has a strong presence in Mumbai, New York, and Dubai.

Visit www.signzy.com for more information about us.
You can reach out to our team at reachout@signzy.com

Written By:

Signzy

Written by an insightful Signzian intent on learning and sharing knowledge.

Data Fabric To Weave Safer Financial Technology- How It Can Be Used To Improve Financial Services

The excellent offerings of fintech firms derive from the creativity of startup founders and the people they drive to work for their companies, who have changed the financial technology industry as we know it. These innovators see everything possible and let their imaginations run wild when crafting ways to enhance our digital interactions. As a result of this dynamism, some fintech startups have achieved incredible success.

Conventional banks are catching up with newer fintech companies by providing fintech-like experiences and innovative new products. Perhaps these banks are inspired or threatened by what they see in the fintech industry. But, regardless of their drive and motivations, they are increasingly willing to up their game to the plate and compete with novel fintech offerings. This is because fintech and multiple banks — at least those that want to be around in the future — clearly understand that state-of-the-art technology is vital to remain competitive in the sector.

Thus, banks, other financial institutions, and fintech companies deploy new technology to meet their implied promise to customers that if the customers come to them, they will get better services, offerings, and products. This is how AI-artificial intelligence, machine learning, deep learning, big data, and data science have entered the finance industry. Therefore, financial institutions should obtain as much data as possible to use this technology and provide a competitive service and good user experience without compromising data privacy.

The Fundamental Requirement In Financial Technology

This fundamentally requires financial institutions(FIs) to consider the regulatory constraints on data access and use. A further challenge is that, while many companies might be great at collecting mass and personal data, they may actually have difficulties uncovering actionable insights that could help them provide better banking offerings and customer experiences. It certainly does not help that more extensive and older financial companies deal with data silos, legacy systems, and unstructured data. And then, there is the big baddie of cyber security, which leads many executives to hold back when developing new strategies for collecting and using customer data.

Data is the new oil. It’s precious, but they can not use it if it is unrefined. It has to be transformed into gas, plastic, chemicals, etc., to create a valuable entity that drives profitable activity, so all data(even personal data) must be broken down and analyzed to generate value.

Many would agree with this analogy. But unfortunately, companies have difficulty truly managing the vast amount of data and information available in our technologically networking world. This data is stored in various formats and places, making it challenging to fully utilize its power and potential. In addition, this data is increasing exponentially due to the digital footprint that all the customers leave on all the available online services they use.

Data Fabric- Handling The Issue Of Mass And Personal Data In Financial Technology

The problem is that we have too much data. This is precisely where data fabric will help companies. The data fabric’s value is that it enables improved insights because it provides access to more data from an extensive pool of varied and distributed data sources. This is on-premises or in public clouds that businesses usually use and identifies the specific relationships between data to provide better context. In addition, the data fabric ensures proper data governance, which is vital when scaling the utilization of data for analytics and AI.

This ensures proper data governance and allows companies to implement a winning technology strategy. In addition, a data fabric architecture will enable companies to utilize a hybrid and a mixture of multiple clouds, allowing portability in data storage and applications. For instance, IBM’s definition of a hybrid cloud includes on-prem data stores and applications, not necessarily just an on-prem private cloud.

Despite the challenges and hurdles posed by an excess of data, numerous players in the financial technology sphere are moving in the right direction, seeking to overcome the significant obstacles that come with the increased implementation of artificial intelligence and customer demands for personalization. Data fabric addresses multiple issues companies face in their attempts to better and update their technology strategies. Furthermore, it helps institutions comply with strict privacy regulations while using customer data.

Taking It A Step Further

In financial technology services, tech-savvy users long for personalized offerings that consider their financial history and present financial situation to give solutions based on the current requirements and anticipate future needs. To meet this requirement, companies need many data points to make sense of the vast amount of data collected from their customers and give them comprehensive solutions.

If a company knows its customers better and designs solutions based on this knowledge, there will be benefits for the customer and the company.

Many would wish financial companies to take their sophisticated pasts and presents into account to provide them with a more “humanized” banking experience, regardless of the growing use of technology required to reach this.

Faster extraction of the insights is a value of a data fabric; the embedded capability of governance ensures that appropriate data privacy and security is maintained — this is especially critical in the FSS industry. Also, data does not have to be moved and can stay secure at its source per the comment above is essential for highly regulated industries such as Financial Services.

Suppose a company is not up to speed with the better, richer insights gained from properly implementing a data fabric architecture. In that case, it will likely lose out to its competitors. The primary reason is that the customers may move to newer banking providers whose financial solutions are better matched to their current life situation and seamlessly adapt to their future needs.

Racing The Race With Data Fabric

The race is becoming increasingly tense — within the crowded space of new financial competitors, ranging from fintech startups and banks to non-financial companies taking advantage of this embedded-finance trend.

For the future victors in the financial sphere, the right data fabric strategy is not merely an option but a necessity. 

Any such form of revamping or upgrading in any organization, done alone, is not smart. It’s always better to see how experienced experts can help you out. Signzy holds a plethora of resources that can improve your processes to a greater extent. With our AI-driven products and services, you can make things better.

About Signzy

Signzy is a market-leading platform that is redefining the speed, accuracy, and experience of how financial institutions are onboarding customers and businesses – using the digital medium. The company’s award-winning no-code GO platform delivers seamless, end-to-end, and multi-channel onboarding journeys while offering totally customizable workflows. It gives these players access to an aggregated marketplace of 240+ bespoke APIs that can be easily added to any workflow with simple widgets.

Signzy is enabling ten million+ end customer and business onboarding every month at a success rate of 99% while reducing the speed to market from 6 months to 3-4 weeks. It works with over 240+ FIs globally, including the 4 largest banks in India, a Top 3 acquiring Bank in the US, and has a robust global partnership with Mastercard and Microsoft. The company’s product team is based out of Bengaluru, and it has a strong presence in Mumbai, New York, and Dubai.

Visit www.signzy.com for more information about us.

You can reach out to our team at reachout@signzy.com

Written By:

Signzy

Written by an insightful Signzian intent on learning and sharing knowledge.