India-based VPN to challenge new data law in court

News
By published

Many VPNs already left country to safeguard customer privacy

Hand holding a smartphone with VPN logo on screen and the Indian flag on the background
(Image credit: Shutterstock)

Pune-based VPN service SnTHostings has filed a lawsuit to challenge the legality of India's new data law in court.  

After it came into force on September 25, new CERT-In directives require all VPN providers based in the country to store users' personal data for up to five years. Companies will also be forced to hand this information over to authorities upon request. Those failing to comply with the new rules can face up to one year in prison. 

This is why some of the best VPN services around have already announced their decision to shut down their Indian servers to safeguard their customers' privacy. 

ExpressVPN's exit from India in June kickstarted the exodus. Then, there was Surfshark's pledge to remove its physical serversHide.me's announcement to pull the plug, and NordVPN's departure citing fears over freedom of speech. Proton VPN was the last to join the exiting group claiming that the new law is against everything it stands for

SnTHostings contacted privacy advocates at the Internet Freedom Foundation (IFF) in April, right after the new rules were announced. After an inconclusive pledge to CERT-In to withdraw such directions, the New Delhi-based organization is now legally assisting the provider.  

See more

"The entities mentioned above could leave India because they are international corporations which can afford to continue providing their services in other jurisdictions. However, for the Petitioner, relocating to another country would be extremely expensive and will drastically undermine the viability of his business," read the legal petition

Beside virtual private network software, SnTHosting has also been providing VPS, Remote Desktop Protocol and Dedicated Root Services to over 15,000 customers since 2013. 

Read more

> Any VPN with servers in India must now store activity logs on users

> How new Indian privacy law will have 'negative impact on people's privacy'

> Our pick of the best India VPN around right now

As IFF explained in a blog post, the petition seeks to "protect innovation, VPN service providers and privacy of internet users in India."

They especially stressed the fact that CERT-In new directives are against everything secure VPN services represent, violating both the right to privacy of citizens and the right to trade for the company. 

"In addition to the above, maintaining data of every activity of every customer is incredibly expensive and such a direction effectively drives small or medium enterprises such as SnTHostings out of business," IFF wrote. 

The hearing is set to begin on December 9, with Advocate Samar Bansal appearing on behalf of SnTHostings. 

Why is India's new data retention law controversial?

Despite India's new data retention law coming as an effort to clamp down on cybercrime, its regulations have been sparking many concerns across the tech sector and privacy advocating groups. 

According to SnTHosting the "unnecessary" creation of new databases with unique and previously unavailable private information of persons can "increase possible targets for rogue elements to exploit."

What's more, India's backsliding media freedom and the infamy of recording more internet shutdowns than any other country in the world amplify even more the worries that intrusive regulations could be misused to foster mass surveillance. 

India flag on laptop screen

(Image credit: Shutterstock)

VPN providers are just some of the companies subjected to the new CERT-In directives. Other services include data centers, cloud storage services, virtual private servers, and cryptocurrency exchanges. 

The amount of stored private information could be massive, across thousands of different companies. This opens a few doubts about new regulations' feasibility. 

And it's not just privacy worries. As IFF pointed out, India's new data law could put out of business a lot of medium and small firms. This will have a negative impact on its fast-growing IT sector too, perhaps translating into higher fees for India VPN users overall. 

Chiara Castro
Chiara Castro
News Editor (Tech Software)

Chiara is a multimedia journalist committed to covering stories to help promote the rights and denounce the abuses of the digital side of life – wherever cybersecurity, markets, and politics tangle up. She writes news, interviews, and analysis on data privacy, online censorship, digital rights, cybercrime, and security software, with a special focus on VPNs, for TechRadar and TechRadar Pro. Got a story, tip-off, or something tech-interesting to say? Reach out to chiara.castro@futurenet.com

Read more
Laptop with binary computer code and India flag on the screen
VPNs are disappearing from India's app stores – and a 2022 law may be the culprit
A logo of the Pakistan Telecommunication Authority (PTA) is seen on its headquarters building in Islamabad on August 16, 2024.
Pakistan's quest to regulate VPN usage is still up and running
Myanmar flag
Myanmar enforces new cybersecurity law – and VPN usage is the main target
piracy
Canal+ wants to block VPN usage – and VPN providers are fuming
Woman hands and flag of Venezuela on computer, laptop keyboard
After TikTok, Venezuela blocks VPN websites
A VPN running on a mobile device
US age verification laws put your privacy at risk – and "VPNs are not a solution”
Latest in VPN Privacy & Security
Demonstrators protesting against the arrest of the Mayor of Istanbul Ekrem Imamoglu block Atatürk Boulevard on March 22, 2025 in Ankara, Türkiye.
Turkey's social media ban has been lifted, but VPN usage is still high
Shape of Russia filled with Russian flag-colored internet codes on a black hacking background
A new wave of blocks in Russia targets VPN apps and Cloudflare subnets
Digital hand set location on map with two pins. AI technology in GPs, innovation delivery, map location, future transport logistic, route path concept. GPs point. New office location, change address
What does your IP address reveal about you?
A stethoscope next to a laptop on a pink background
How to check if your VPN is working
Teenager playing on a gaming PC with two monitors
Is using a VPN while gaming cheating? 5 myths you shouldn't believe about gaming with a VPN
Neon blue email symbols on a black background
Why am I suddenly getting so many spam emails?
Latest in News
Garmin clippd integration
Garmin's golf watches just got a big software integration upgrade to help you improve your game
Robert Downey Jr reveals himself as Doctor Doom to a delighted crowd at San Diego Comic-Con 2024
Marvel is currently making a major announcement about Avengers: Doomsday's cast on YouTube, and I think it's going to be a long-winded reveal
Samsung QN90F on yellow background
Samsung announces US prices for its 2025 mini-LED TV lineup, and it’s good and bad news
Nintendo Switch Lite
Forget the Nintendo Switch 2, the original Switch is getting one last hurrah in a surprise Nintendo Direct tomorrow
The Samsung Galaxy S25 Edge on display the January 22, 2025 Galaxy Unpacked event.
Samsung Galaxy S25 Edge colors seemingly revealed in new video, and there’s another sign of an imminent launch
Microsoft Copiot Studio deep reasoning and agent flows
Microsoft reveals OpenAI-powered Copilot AI agents to bosot your work research and data analysis
More about vpn privacy security
NordVPN CTO Marijus Briedis speaking at a panel during RightsCon 2025 in Taipei, Taiwan, on February 25.

Cyber threats are evolving everywhere – and "prevention alone is insufficient," says NordVPN CTO
Proton CEO and founder Andy Yen poses next to the Proton logo at the headquarters of the encrypted email and VPN services company in Geneva.

Encryption backdoors: privacy can be misused, "but the cost of a world without is so much higher"
Garmin clippd integration

Garmin's golf watches just got a big software integration upgrade to help you improve your game
See more latest
Most Popular
Garmin clippd integration
Garmin's golf watches just got a big software integration upgrade to help you improve your game
Samsung QN90F on yellow background
Samsung announces US prices for its 2025 mini-LED TV lineup, and it’s good and bad news
Microsoft Copiot Studio deep reasoning and agent flows
Microsoft reveals OpenAI-powered Copilot AI agents to bosot your work research and data analysis
Nissan 2026 line-up
Nissan is back to its bold best with new EV lineup that's led by a third-generation Leaf – and yes, it's an SUV
Nintendo Switch Lite
Forget the Nintendo Switch 2, the original Switch is getting one last hurrah in a surprise Nintendo Direct tomorrow
Image of Naoe in AC Shadows
Assassin's Creed Shadows best graphics settings for PS5, PS5 Pro, and Xbox Series X
Robert Downey Jr reveals himself as Doctor Doom to a delighted crowd at San Diego Comic-Con 2024
Marvel is currently making a major announcement about Avengers: Doomsday's cast on YouTube, and I think it's going to be a long-winded reveal
Representational image depecting cybersecurity protection
Third-party security issues could be the biggest threat facing your business
Promotional image for Malcolm in the Middle featuring the original cast playing golf
Malcolm in the Middle's Disney+ revival gets underway as the series finds its cast – here's which characters are returning
The Samsung Galaxy S25 Edge on display the January 22, 2025 Galaxy Unpacked event.
Samsung Galaxy S25 Edge colors seemingly revealed in new video, and there’s another sign of an imminent launch