The Computer Emergency Response Team of India (CERT-in), which is under the Ministry of Electronics and Information Technology, issued a new directive on Thursday, forcing crypto exchanges, virtual private network (VPN) providers, and data centers to store a wide range of user data for up to five years.
Under the newly issued directive, crypto exchanges operating in India will be required to store customer names, ownership patterns, contact information, and various other data.
Cryptocurrency exchanges and VPN service providers are also required to report any cyber incident within six hours of its occurrence and must hand over collected data to authorities upon warrant.. The official directive read:
“When required by order/instruction of CERT-In, for the purposes of response to cyber incidents, protective and preventive actions related to cyber incidents, the service provider/intermediary/data center/legal entity is mandated to take action or provide information or any such assistance to CERT-In”.
The new directives will take effect on June 22, which may force many privacy-focused VPN service providers and crypto platforms that do not collect and store critical user data to shut down their operations.
CERT-in claims that the new directives are meant to help them take action against cybercrime within six hours, however, the variety of data they ask platforms to store and deliver has drawn attention due to privacy concerns among users. An user wrote:
“Our government wants to control people’s private lives and our constitution doesn’t allow it, but to be honest, no one in India is very conscious about personal data.”
However, some crypto exchange owners welcomed the step, saying it will help prosecute tax evaders. Unocoin CEO Sathvik Vishwanath told Cointelegraph:
“This is a good move and helps crypto players get clarity on what data they would be storing. The data would help prosecute tax evaders and any crime that occurs using cryptocurrencies.”
At this point, it is unclear whether the new rules would be applicable to crypto exchanges that operate only in India or to foreign exchanges that offer their services to Indians as well. Nevertheless, Looking at the crypto guidelines above, it could well be applicable to all platforms.
The new data collection directives come at a time when the country’s regressive crypto tax policy has already led to a sharp decline in trading volume and user activity on Indian crypto exchanges.
Clarification: The information and/or opinions expressed in this article do not necessarily represent the views or editorial line of Cointelegraph. The information set forth herein should not be taken as financial advice or investment recommendation. All investment and commercial movement involve risks and it is the responsibility of each person to do their due research before making an investment decision.
Keep reading:
Investments in crypto assets are not regulated. They may not be suitable for retail investors and the full amount invested may be lost. The services or products offered are not aimed at or accessible to investors in Spain.