The new directives for VPN service providers and crypto exchanges would require them to collect critical private information as well the ownership patterns of customers.
The Indian Computer Emergency Response Team (CERT-in) which falls under the Minister of Electronics and Information Technology, issued a new directive on Thursday, forcing crypto exchanges, virtual private network (VPN) providers, and data centers to store a wide range of user data for up to five years.
Under the newly issued directive, crypto exchanges operating in India will be required to store customers’ names, ownership patterns, contact information, and different other information.
Crypto exchanges and VPN services providers are also required to report any cyber incident within six hours of its occurrence and must hand over the collected data to the authorities upon order.
“When required by order/direction of CERT-In, for cyber incident response, protective and preventive actions related to cyber incidents, the service provider/intermediary/data center/body corporate is mandated to take action or provide information or any such assistance to CERT-In.”
Read full story at: https://cryptounity.news/indian-it-ministry-directs-crypto-exchanges-require-to-collect-user-private-information-for-5-years