India has taken a significant step in its efforts to regulate online privacy and data security by removing several high-profile VPN apps from the Apple App Store and Google Play Store. Among the apps pulled were Cloudflare’s widely used 1.1.1.1, as well as Hide.me and PrivadoVPN. The Ministry of Home Affairs, through its Cyber Crime Coordination Centre, issued the takedown orders, citing violations of Indian laws related to data retention and user privacy. While the Ministry, Apple, Google, and Cloudflare have not publicly commented on the removals, the action signals a broader crackdown on internet privacy tools in the country.
The removal of these VPN apps is tied to the implementation of India’s 2022 regulatory framework, which places stringent requirements on VPN providers and cloud service operators. Under these rules, VPN providers must maintain detailed logs of user data, including names, addresses, IP addresses, and transaction histories, for a period of five years. This requirement has faced backlash from many major VPN companies, some of which, like NordVPN, ExpressVPN, and Surfshark, have expressed concerns about the potential impact on user privacy and have chosen to withdraw their server infrastructure from India.
This development is part of India’s ongoing push to enhance cybersecurity and counter online threats. However, critics argue that the regulations may infringe on privacy rights and undermine the principles of anonymity and security that VPN services are meant to provide. The government’s increasing focus on controlling VPN usage raises concerns among privacy advocates, who fear that such measures could pave the way for greater surveillance and censorship online.
Despite the regulatory hurdles, some VPN services like NordVPN, ExpressVPN, and Surfshark continue to offer services to Indian users but have stopped marketing their apps in the country. The situation highlights the delicate balance between government regulation, cybersecurity, and the protection of individual privacy. As India continues to enforce these data retention laws, the global VPN industry will likely face increasing challenges in navigating the country’s evolving digital landscape.
