# India Draws Up Tough New Rules for VPN Firms, With Jail Time Looming for Non-Compliant Officers

> The Indian government is preparing a strict legal framework that will force foreign VPN companies to open local offices and appoint compliance officers, with jail time on the table for officers who defy the rules.

**Type:** article · **Category:** Technology · **Published:** 2026-07-03 · **Source:** TrendKia
**Canonical:** https://trendkia.com/en/technology/videshi-vpn-knpaniyon-para-sarakara-ki-nai-sakhti-phisa-na-kholane-para-adhikariyon-ko-ho-sakati-hai-jela-4283 · **Language:** English
**Tags:** VPN companies, CERT-In, data privacy, internet censorship, MeitY, Telegram ban, cyber law

Foreign companies running virtual private network, or VPN, services in India are about to face a much tighter regulatory leash. The central government is drafting a strict legal framework that will require every foreign VPN provider to set up a permanent office inside India and appoint local compliance officers who can be held accountable to Indian authorities. Any company that refuses to follow the government's rules and directions could see its India-based officers land in jail, not just face fines or a service ban.

## Why the Crackdown Now
This crackdown has not come out of nowhere. Its root cause is straightforward: VPN companies have repeatedly ignored government orders instead of cooperating with them. Back in 2022, the Indian Computer Emergency Response Team, or CERT-In, issued a directive making it mandatory for VPN companies to store sensitive user data such as names, email IDs, mobile numbers and IP addresses for five years. Major players including ExpressVPN, NordVPN, Proton VPN and Surfshark refused to comply with that order and simply pulled their physical servers out of India altogether instead of handing over user data to Indian agencies. That defiance is exactly why the government is now working on a much tougher law aimed at foreign VPN providers.

## How a VPN Works, and Why It Worries the Government
A VPN essentially masks a user's real IP address and routes their internet traffic through a server located in another country. That makes it look as though the user is browsing from somewhere outside India, even when they are sitting inside the country. This same bypass trick is what allows websites, apps and other online content blocked by the government to be accessed with ease inside India, which is precisely what has worried authorities.

## VPN Became a Backdoor to Blocked Content
Over the past several months, it has become common for people to use VPNs freely to reach websites, apps and online content that the government has blocked in India. Earlier this year, the government temporarily blocked Telegram ahead of the NEET-UG re-test. During that period, Proton VPN's general manager, David Peterson, revealed that registrations for the company's VPN app from India suddenly jumped by more than 120 percent. The government subsequently blocked both his post about that spike and his X account inside India.

## Only Two Options Left for Foreign VPN Firms
The Ministry of Electronics and Information Technology, or MeitY, has not issued any official statement on the matter yet. But once the new law comes into force, foreign VPN companies will effectively be left with only two choices. They can either open a legal office in India, cooperate fully with government investigations and share user data when asked, or they can walk away from a market of hundreds of millions of Indian users for good.

## What this means for you
The new rules will directly affect the many Indian users who rely on VPNs for privacy or to reach blocked content.

- **For VPN users:** if foreign providers open Indian offices and start sharing data with the government, user privacy will no longer be what it used to be.
- **For app availability:** companies unwilling to meet the new conditions may exit India entirely, which could mean losing access to services like ExpressVPN, NordVPN, Proton VPN or Surfshark.
- **For access to blocked content:** using a VPN to reach websites and apps blocked by the government could become noticeably harder.

## Questions & Answers

### 1. Why is the government cracking down on foreign VPN companies?
Because companies like ExpressVPN, NordVPN, Proton VPN and Surfshark refused to comply with CERT-In's 2022 data retention order and pulled their servers out of India instead.

### 2. What will foreign VPN companies have to do under the new law?
They will have to open a permanent office in India and appoint local compliance officers.

### 3. What happens if companies refuse to follow the government's rules?
Officers of that company based in India could face jail time.

### 4. What did CERT-In's 2022 directive require?
It made it mandatory for VPN companies to store user data such as names, email IDs, mobile numbers and IP addresses for five years.

### 5. When and why was Telegram blocked?
The government temporarily blocked Telegram earlier this year ahead of the NEET-UG re-test.

### 6. What did David Peterson reveal?
Proton VPN's general manager David Peterson said registrations for the company's VPN app from India jumped by more than 120 percent during the Telegram block.

### 7. Has MeitY made any official statement on this?
No, the Ministry of Electronics and Information Technology has not issued an official statement yet.

### 8. What options will foreign VPN companies have once the new law takes effect?
They can either open a legal office in India and cooperate with investigations while sharing user data, or exit the Indian market entirely.

---
_TrendKia — Har trend, sabse pehle.. Machine-readable view; canonical HTML at the URL above._