- Cryptocurrency exchanges, VPN providers, and data centers must store user data for up to five years.
- The new regulations will go into effect on June 22.
- They are also required to report any cyber incident within six hours of its occurrence and provide the collected data to authorities upon request.
In a new directive, the Indian Computer Emergency Response Team (CERT-in), which falls under the Ministry of Electronics and Information Technology, said cryptocurrency exchanges, VPN providers, and data centers must store a variety of user data for up to five years.
According to recently announced guidelines, crypto exchanges operating in India must retain customers’ identities, ownership patterns, contact information, and other data.
“When required by order/direction of CERT-In, for the purposes of cyber incident response, protective and preventive actions related to cyber incidents, the service provider/intermediary/data center/body corporate is mandated to take action or provide information or any such assistance to CERT-In.”
Furthermore, cryptocurrency exchanges and VPN providers are also required to report any cyber incident within six hours of its occurrence and provide the collected data to authorities upon request.
The new regulations will go into effect on June 22. The new rules, according to CERT-in, are intended to assist them respond to cybercrime within six hours. The amount of data they are asking platforms to store and send over, on the other hand, has raised some issues.
However, the extent of data they are mandating platforms to preserve and pass over has raised eyebrows due to concerns over user privacy. According to CERT-in, the new restrictions are intended to help them respond to cybercrime within six hours. According to one user:
“Our government wants to monitor people’s private life, which our constitution prohibits, but to be honest, nobody cares about personal data in India.”
Some Crypto exchange owners, on the other hand, applauded the action, stating it will help with tax evasion prosecution. Unocoin CEO Sathvik Vishwanath told Cointelegraph:
A wonderful step that will enable crypto players to analyse the data they will hold.” The information will be useful in prosecuting tax evaders and other crypto-related crimes.”
To date, it is unclear whether the new legislation will apply only to crypto exchanges based in India, or to exchanges based in other countries that provide services to Indians. However, past crypto standards suggest that it may apply to all platforms.
Data collection obligations are increased at a time when the country’s discriminatory crypto tax policy has already contributed to a decline in the value of cryptocurrency.
New data on the trading volumes of Indian crypto exchanges indicate that Indian trading behavior declined within 10 days of the tax rule going into effect. A 30% crypto tax law went into effect in India on April 1, despite the warnings of numerous stakeholders and exchange operators.