HomeLatest NewsIndustryIndia’s new cyber rules get global push back, top tech companies sought to delay ‘controversial rules’ implementation
Industry

India’s new cyber rules get global push back, top tech companies sought to delay ‘controversial rules’ implementation

Tech Observer Desk
By Tech Observer Desk
Updated On
Listen . 1 min
Make us preferred on Google

The new set of ‘controversial rules’ is due to come into force later this month, which may create an ‘environment of fear rather than trust'.

Preferred Source of Google

Exclusive

In the latest push back to the Indian cybersecurity rules, a body representing top tech companies has warned the government and sought to delay the implementation of the new set of rules by one year.

The new set of ‘controversial rules’ due to come into force later this month will create an “environment of fear rather than trust,” the body said.

According to the and Mobile Association of India (IAMAI), which represents firms including Facebook, Google, and Reliance, wrote this week to India’s criticising a directive on cybersecurity set out in April.

Advertisement
EVENT
Saksham Bharat 2026
Saksham Bharat 2026
A multi-stakeholder dialogue on skilling gap in Cybersecurity, Data Resilience and AI — and the roadmap to a Saksham Bharat.
📅 Tue, 26 May 2026
📍 Mumbai, Bengaluru, Delhi
Register Now →
EVENT
VeeamON 2026 Tour India - Mumbai
VeeamON 2026 Tour India - Mumbai
A VeeamON 2026 India Leadership Series Mumbai for senior public sector and government technology leaders.
📅 Tue, 26 May 2026
📍 Grand Hyatt, BKC
Register Now →
EVENT
Cyber Surakshit Uttar Pradesh
Cyber Surakshit Uttar Pradesh
Find out strategies, frameworks and solutions for building a resilient and secure digital ecosystem across Uttar Pradesh.
📅 Thu, 28 May 2026
📍 Lucknow
Register Now →
EVENT
VeeamON 2026 Tour India - Bengaluru
VeeamON 2026 Tour India - Bengaluru
A VeeamON 2026 India Leadership Series Bengaluru for senior public sector and government technology leaders.
📅 Wed, 03 Jun 2026
📍 JW Marriott Hotel
Register Now →
EVENT
VeeamON 2026 Tour India - Delhi
VeeamON 2026 Tour India - Delhi
A VeeamON 2026 India Leadership Series Delhi for senior public sector and government technology leaders.
📅 Fri, 19 Jun 2026
📍 Shangri-La Eros
Register Now →
EVENT
Infosec Reimagined
Infosec Reimagined
Infosec Reimagined 2026 is the premier information security summit where top leaders—CISOs, CROs, CIOs, CTOs and risk executives—converge to redefine cyber resilience.
📅 Fri, 26 Jun 2026
📍 New Delhi
Register Now →
EVENT
Digital Senate
Digital Senate
Digital Senate is a premier conference uniting government leaders, technologists and innovators to share ideas, success stories and strategies on digital governance, public sector transformation, cybersecurity and emerging technologies in India.
📅 Thu, 30 Jul 2026
📍 New Delhi
Register Now →
EVENT
CIO Prism
CIO Prism
CIO Prism unites forward-thinking technology leaders to exchange transformative insights, shape digital strategies, and foster innovation, empowering enterprises to excel in an era of rapid technological change.
📅 Fri, 18 Sep 2026
📍 Goa
Register Now →

Among other changes, the directive from the Indian Computer Emergency Response Team (CERT) requires tech companies to report data breaches within six hours of noticing such incidents and to maintain IT and communications logs for six months.

In the letter IAMAI proposed to extend the six-hour window, noting the global standard for reporting -security incidents is generally 72 hours. CERT, which comes under the IT ministry, has also asked cloud service providers such as and virtual private network (VPN) companies to retain the names of their customers and IP addresses for at least five years, even after they stop using the company’s services.

The cost of complying with such directives could be ‘massive’, and proposed penalties for violation including prison would lead to “entities ceasing operations in India for fear of running afoul,” the IAMAI letter said.

Advertisement

On Thursday, VPN service provider Express VPN removed its servers from India, saying it “refuses to participate in the Indian government’s attempts to limit internet freedom.” IAMAI’s letter follows one from 11 significant tech-aligned industry associations earlier this week, which said the new requirements made it difficult to do business in India.

India has tightened regulation of big tech firms in recent years, prompting pushback from the industry and in some cases even straining trade ties between New Delhi and Washington.

New Delhi has said the new rules were needed as cybersecurity incidents were reported regularly but the requisite information needed to investigate them was not always readily available from service providers.

ALSO READ

Get the day's headlines from Tech Observer straight in your inbox

By subscribing you agree to our Privacy Policy, T&C and consent to receive newsletters and other important communications.
Make us preferred on Google
Tech Observer Desk
Tech Observer Desk
Tech Observer Desk at TechObserver.in is a team of technology reporters led by a senior editor who brings latest updates and developments from the world of technology.
- Advertisement -
Powered By Veeam Logo
- Advertisement -

Subscribe to our Newsletter

By subscribing you agree to our Privacy Policy, T&C and consent to receive newsletters and other important communications.
- Advertisement -

Latest in TECH

Mohd Ujaley

AI agents break legacy security models, Veeam CEO warns at VeeamON

Veeam Software CEO Anand Eswaran says zero-trust security models built for human users have broken down as autonomous AI agents move inside enterprises at machine speed, and that recovery, identity and data governance can no longer be treated as separate problems.

RELATED ARTICLES