Monday, June 27, 2022
-Advertisement-
-Advertisement-
Tech ObserverNewsIndustryIndia’s new cyber rules get global push back, top tech companies sought to delay ‘controversial rules’ implementation

India’s new cyber rules get global push back, top tech companies sought to delay ‘controversial rules’ implementation

The new set of ‘controversial rules’ is due to come into force later this month, which may create an ‘environment of fear rather than trust'.

The new set of ‘controversial rules’ is due to come into force later this month, which may create an ‘environment of fear rather than trust'.

In the latest push back to the Indian cybersecurity rules, a body representing top tech companies has warned the government and sought to delay the implementation of the new set of rules by one year.

The new set of ‘controversial rules’ due to come into force later this month will create an “environment of fear rather than trust,” the body said.

According to the Internet and Mobile Association of (IAMAI), which represents firms including Facebook, Google, and Reliance, wrote this week to India’s IT ministry criticising a directive on cybersecurity set out in April.

Among other changes, the directive from the Indian Computer Emergency Response Team (CERT) requires tech companies to report data breaches within six hours of noticing such incidents and to maintain IT and communications logs for six months.

In the letter IAMAI proposed to extend the six-hour window, noting the global standard for reporting -security incidents is generally 72 hours. CERT, which comes under the IT ministry, has also asked cloud service providers such as and virtual private network (VPN) companies to retain the names of their customers and IP addresses for at least five years, even after they stop using the company’s services.

The cost of complying with such directives could be ‘massive’, and proposed penalties for violation including prison would lead to “entities ceasing operations in India for fear of running afoul,” the IAMAI letter said.

On Thursday, VPN service provider Express VPN removed its servers from India, saying it “refuses to participate in the Indian government’s attempts to limit internet freedom.” IAMAI’s letter follows one from 11 significant tech-aligned industry associations earlier this week, which said the new requirements made it difficult to do business in India.

India has tightened regulation of big tech firms in recent years, prompting pushback from the industry and in some cases even straining trade ties between New Delhi and Washington.

New Delhi has said the new rules were needed as cybersecurity incidents were reported regularly but the requisite information needed to investigate them was not always readily available from service providers.

Subscribe to receive the day's headlines from Tech Observer straight in your inbox

- Advertisement -

Your Comment on this Story

Comments

Share on activity feed

Powered by WP LinkPress

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Subscribe to our Newsletter

83000+ Industry Leaders read it everyday

By subscribing you agree to our Privacy Policy, T&C and consent to receive newsletters and other important communications.
- Advertisement -ESDS SAP HANA Community Cloud
- Advertisement -Digital Senate 2022

RELATED ARTICLES

- Advertisement -