Latest


Centre asks VPN firms to block sites leaking Indian user data

  •   Sun, Dec 14 2025 11:52:21 AM

Daijiworld Media Network - New Delhi

New Delhi, Dec 14: The Ministry of Electronics and Information Technology (MeitY) has issued a warning to Virtual Private Network (VPN) service providers, directing them to block websites allegedly leaking personal data of Indian users and to comply with existing Indian regulations governing VPN operations.

The advisory, issued late Thursday evening, cited a website that reportedly allowed users to track the location and personal details of Indians using phone numbers or addresses, allegedly based on leaked data. The URL in question has since redirected to a repository hosted on GitHub, a Microsoft-owned coding platform.

VPNs enable users to access the internet through remote servers, often offering encryption and bypassing website blocks imposed by Indian internet service providers. The Indian government has long expressed concern over anonymous internet usage, arguing that it facilitates cybercrime. In 2022, the Computer Emergency Response Team of India (CERT-In) mandated VPN providers to maintain logs of Indian users.

However, several VPN companies opposed the directive, stating that it conflicted with their core privacy policies. Major paid VPN services such as ExpressVPN and NordVPN subsequently relocated their India-based servers to Singapore, while continuing to offer services to Indian users through alternative routing.

GitHub did not respond to queries on whether it had received a takedown request related to the repository mentioned by the Ministry.

In its advisory, MeitY stated that certain websites were operating in violation of the law by publicly disclosing sensitive personal information, including names, mobile numbers, addresses, alternate contact details and email IDs of individuals in India, without authorisation. The Ministry warned that such platforms pose a serious risk to users and could be accessed using VPN services.

The Ministry reminded intermediaries of their due diligence obligations under the Information Technology Act, 2000, and the IT (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021, which prohibit hosting content that violates privacy, public order, national security or existing laws.

It further cautioned that VPN providers failing to block such URLs could face action under applicable laws, including the IT Act and the Bharatiya Nyaya Sanhita, 2023.

A senior official clarified that the advisory does not signal an imminent ban on VPN services, but questioned the necessity for such platforms to operate anonymously.
  

Top Stories


Leave a Comment

Title: Centre asks VPN firms to block sites leaking Indian user data



You have 2000 characters left.

Disclaimer:

Please write your correct name and email address. Kindly do not post any personal, abusive, defamatory, infringing, obscene, indecent, discriminatory or unlawful or similar comments. Daijiworld.com will not be responsible for any defamatory message posted under this article.

Please note that sending false messages to insult, defame, intimidate, mislead or deceive people or to intentionally cause public disorder is punishable under law. It is obligatory on Daijiworld to provide the IP address and other details of senders of such comments, to the authority concerned upon request.

Hence, sending offensive comments using daijiworld will be purely at your own risk, and in no way will Daijiworld.com be held responsible.

You might also like