Close

May 20, 2022

India’s Restrictive VPN Law Should Be a Warning to Us All

NOTE: This article is off-topic. That is, it does not concern anything to do with genealogy, DNA, or related topics normally found in this newsletter. However, I have written several times about the wisdom of using VPNs to preserve your privacy from hackers, invasive corporate advertising, and from governments spying on their citizens.

VPNs as a scapegoat whilst removing freedom of choice.

From an article by Sebastian Schaub published in the TechRadar web site at https://www.techradar.com/opinion/indias-restrictive-vpn-law-should-be-a-warning-to-us-all:

People who subscribe to VPN services will generally be driven by two main factors – privacy and security. Clearly, such users value their privacy for many different reasons, choosing to remain private whilst going about their online business. Any move to restrict or even remove privacy effectively seeks to undermine those who provide VPN services. So it is worrying to see news developing in India where new directions published by the Ministry of Electronics and Information Technology seek the power to be able to identify VPN users – goodbye privacy. This can only be viewed as another overly restrictive law that essentially compromises the privacy and security of almost all VPN users. 

Despite the public backlash, India is pressing ahead with its new cybersecurity rules that will require cloud service providers and VPN operators to maintain names of their customers and their IP addresses. For services that won’t comply? India has informed them they will need to cease operations in the country, according to The Indian Computer Emergency Response Team.

India had already threatened to do something similar last year whereby a parliamentary committee wanted the Indian government to ban VPNs altogether on the basis that the criminal fraternity were using VPN encryption to commit crime. India wouldn’t be the first country to try and curtail VPN services using similar excuses. Russia blocked access to VPN service providers that included the likes of NordVPN and Express VPN with very vague references to extremism, narcotics and child pornography. China controls most parts of the internet available to citizens and therefore sees the use of any VPN service as an obstacle to achieving absolute cyber sovereignty within its borders.

And this is what any interference by governments on VPN services boils down to. It is a reflection of their desire to control the internet and block access to what they consider prohibited information and resources. However, any technology can be misused but the overwhelming majority of VPN usage is for legal and legitimate purposes. All around the world, many millions of consumers and businesses rely on VPNs for essential online protection. Our own data has illustrated this in the past. During social unrest in Indonesia last year, the government imposed blocks on WhatsApp and Instagram – we saw our traffic increase by a massive 300%, a clear reflection of the will of the Indonesian people wanting to control their freedom and expression of speech.

Any curbs on VPN usage, especially where you set out to restrict or remove privacy, is an attack on internet freedom in general.

The full article is much longer. You can read the entire thing at: https://www.techradar.com/opinion/indias-restrictive-vpn-law-should-be-a-warning-to-us-all.

Comments from Dick Eastman:

The latest move by the Indian government should be a warning to all internet users: Big Brother is watching you.

The Indian government is rather unique in that the government announces such things publicly. Most other governments already use similar methods but rarely make public announcements about them. If you value your online privacy (and you should!), it is time to hide your online activities.

You might claim, “But I don’t do anything illegal.” To which I would respond, “Why do you have a door on the toilet or curtains in your house? Just because you’re not doing anything illegal doesn’t mean that you have to share everything you do with strangers.”

I wonder if the next statement from the Indian government will state that all private letters sent through the postal service must be written on post cards, not sealed in envelopes. That would greatly simplify government snooping.

(OK, so written private letters are rare nowadays, being replaced by e-mail. But I will suggest the above paragraph raises a bigger question: What is the purpose of government? To spy on its citizens or to protect the privacy rights of those citizens?)

Luckily, there are several easy methods to obfuscate your online communications so that even government spies and others cannot read your online activities:

1. Sign up for a VPN service based in a country that is far more liberal about protecting your privacy and where spying on citizens is illegal. Those countries include: Switzerland, Germany, the Scandinavian countries, and Iceland. There are probably others also, but those are the ones I can think of right now. You want to avoid VPN services based in Russia, China, the Arab countries, the United Kingdom, Canada, or the USA or in any other country with a repressive government. Repressive governments probably do the same thing as India except they don’t publicize such things.

2. Build your own VPN where you and your correspondents are the only ones who have the capability to read your communications. I wrote about one such solution in an earlier article: (+) Hands-On with My New DPN (available only to Plus Edition subscribers but still available to them at: https://eogn.com/(*)-Plus-Edition-News-Articles/12759512). You can also find many online articles about creating your own personal VPN by starting at https://bit.ly/3wyg0Q8.

3. Skip VPNs completely and switch to the FREE Tor Browser. This is explained at: https://www.torproject.org/ but it only protects you on the World Wide Web, not in email, file transfers, most online chat protocols, and other online activities. Tor also slows down your web activities significantly.

My personal belief: I believe EVERY online user has a right to privacy. I further believe every bit of communications online should be fully encrypted in such a manner that can only be decrypted by the originator and the addressee(s) of those communications. I believe this even though I don’t (knowingly) do anything illegal. I lead a rather open life. However, I simply don’t like anyone snooping around in my activities.

What do you think? Does a hacker, criminal, online site (like Facebook), a government (including all FUTURE ADMINISTRATIONS) have a legal right to monitor everything you write or say?

If governments do have that right, welcome to 1984!