Surfshark has become the second major Virtual Private Network (VPN) provider to remove its servers from India, after the government introduced new rules that force VPN providers, crypto exchanges, and cloud service providers, to maintain user logs for five years.
ExpressVPN was the first to go.
"Surfshark proudly operates under a strict 'no logs' policy, so such new requirements go against the core ethos of the company," the company wrote in a blog post on 7 June.
The rules, issued by the Indian Computer Emergency Response Team (CERT-In), also require the companies to share user logs if directed to, and report data breaches within six hours of noticing them.
What Changes for Users?
Users in India who don't use Indian servers, will not notice any differences and will still be able to connect to servers abroad, Surfshark said.
For those who want an Indian IP address, there will be virtual servers.
"After the new regulations come into effect, we’ll introduce our virtual Indian servers – which will be physically located in Singapore and London. Users will be able to find them in our regular list of servers," Surfshark said.
"Virtual servers are functionally identical to physical ones – the main difference is that they’re not located in the stated country. They still provide the same functionality – in this case, getting an Indian IP."Surfshark VPN
The company said it will closely monitor the government’s attempts to limit internet freedom and "encourage discussions intended to persuade the government to hear the arguments of the tech industry."
It added that VPN suppliers leaving India will damage India's IT sector and impact the privacy of millions of people since "18 out of 100 Indians had their personal contact details breached" since 2014.
The new VPN rules, which won't apply to corporate and enterprise VPNs, are slated to kick in from late June – exactly 60 days from the date of issuance, which was 28 April.
Find a detailed breakdown of the rules here.