In a major move to protect citizens’ digital privacy, the Indian government has ordered VPN providers, internet platforms, and digital intermediaries to immediately block websites that are leaking or selling personal data of Indian users.
This comes after reports showed sensitive information—like phone numbers, Aadhaar details, and addresses—being openly traded on the dark web and public forums.
Rising Threats Prompt Government Action
Over the past year, India has seen multiple large-scale data leaks involving telecom users, students, government beneficiaries, and insurance customers.
Cybercriminals are using these datasets for scams, phishing attacks, and identity theft.
The Ministry of Electronics and IT called these leaks a “serious threat to national security and public safety” and stepped in to prevent further misuse.
Platforms and VPNs Must Comply
The government has directed VPN services, ISPs, social media platforms, app stores, and digital intermediaries to:
Block websites and URLs leaking personal data
Remove access to platforms selling stolen information
Strengthen monitoring of suspicious activity
Cooperate with ongoing cyber investigations
Non-compliance could result in penalties under India’s IT Rules and the Digital Personal Data Protection (DPDP) Act.
The move specifically targets cybercriminals who use VPNs to hide their identities while hosting or accessing illegal websites.
By involving VPN services, the government aims to close key technical loopholes.
DPDP Act Strengthens Enforcement
The newly implemented DPDP Act gives authorities the power to penalize entities that fail to protect user information.
This crackdown is among the first major enforcement actions under the law, emphasizing accountability, secure data processing, and prevention of misuse.
Officials said that protecting citizens’ data is now a national priority.
Users Must Stay Vigilant
While platforms increase security, citizens are advised to:
Avoid sharing personal information unnecessarily
Enable two-factor authentication
Be alert to suspicious calls or messages referencing leaked data
A Step Toward Safer Online India
This directive is part of India’s effort to strengthen its cybersecurity framework.
By targeting websites selling stolen data and the networks that support them, the government hopes to reduce digital vulnerabilities and create a safer online environment for millions of users.
