Indian IT Ministry Directs Digital Asset Exchanges To Store Customer Data For Five Years

The Indian Computer Emergency Response Team, which falls under the Ministry of Electronics and Information Technology, recently issued a new directive, making it mandatory for digital asset exchanges, VPN providers and data centers to store a broad range of user data for up to 5 years.

Under the latest directive, virtual currency exchanges operating in India will be required to store users’ names, ownership patterns, contact information and several other data.

The official directive mentioned,

“When required by order/direction of CERT-In, for the purposes of cyber incident response, protective and preventive actions related to cyber incidents, the service provider/intermediary/data center/body corporate is mandated to take action or provide information or any such assistance to CERT-In.”

The Indian Computer Emergency Response Team claims the new directives are aimed at helping them take action against cyber crimes within 6 hours. Nevertheless, the range of data they are asking platforms to store and hand over has raised eyebrows owing to privacy apprehensiveness among users.

One user mentioned,

“Our government wants to control the private life of the people and our constitution does not allow this but to be honest, no one in India is much conscious about personal data.”

Nonetheless, a couple of digital asset exchange owners welcomed the step, mentioning it will assist prosecute tax evaders.

Notably, the new data collection directives come at a time when the regressive virtual asset tax policy in the nation has already led to a sharp decline in trading volume and user activity on Indian digital currency exchanges.