Other VPN providers have indicated that they will oppose India's new legislation, which will oblige VPN providers to collect and hand over data on their customers.
NordVPN is considering removing its servers from India due to a new policy that requires VPN firms to collect and give over data on clients.
"We are committed to defending our users' privacy," NordVPN said. "As a result, if no other options remain, we may remove our servers from India."
India is putting in place a new policy to combat cybercrime. However, the data-collection requirement defeats the purpose of using a VPN, which is generally intended to safeguard a user's privacy.
VPN companies would be required to log data on which IP addresses their customers use and preserve it for at least five years under the new policy. As a result, if the data is ever turned over to Indian authorities, it might be used to map out consumers' web habits.
"Our team is now studying the new directive just passed by the Indian government and evaluating the best course of action," NordVPN added. We are currently working as usual because the law will not take effect for at least two months."
The bigger question is whether India will punish VPN providers who refuse to comply with the data-collection policy by blocking local access to those services.
No major VPN service appears to be planning to comply with the new laws, which take effect on June 27. ExpressVPN, ProtonVPN, PureVPN, and Surfshark are four other firms that have promised us they will prioritize their clients' privacy.
In a statement, PureVPN CEO Uzair Gadit stated, "We're quite startled by this policy move by the world's largest democracy, which is on the verge of becoming the world's largest police state."
India's regulation also requires large internet providers, such as ISPs and data centers, to keep records of all their systems for a period of 180 days. When it comes to user data, however, some VPN firms warned us that the data-collection mandate is fundamentally incompatible with their no-log policy.
"Surfshark has a rigorous no-logs policy," the VPN provider explained, "which means we don't collect or disclose our client browsing history or any useful information." "As a result, even theoretically, we would be unable to meet the logging criteria at this time."
"We are keeping a close eye on the situation as it evolves," ExpressVPN VP Harold Li said, "but want to be clear that ExpressVPN is fully committed to protecting our users' privacy, including by never logging user activity, and will adjust our operations and infrastructure to preserve this principle if and when necessary."