VPN in India: Internet Shutdowns, Bans & WiFi Safety
India has the highest number of government-imposed internet shutdowns of any country in the world, with over 100 incidents annually across various states. Combined with sweeping app bans (300+ Chinese apps blocked since 2020) and the 2022 CERT-In directive requiring VPN providers to log user data, India's internet landscape is uniquely complex for travelers. Despite all this, day-to-day internet access works well in most of the country, and using a VPN is completely legal. We recommend installing one before your trip for both privacy on public WiFi and uninterrupted access during regional disruptions.
Last updated: March 3, 2026
India's Internet Landscape
India leads the world in internet shutdowns by a wide margin. In 2023 alone, the government ordered 116 shutdowns across various states, according to digital rights organization Access Now. The state of Jammu & Kashmir is the most affected region, experiencing multi-day or even multi-week blackouts during periods of political tension. Other states like Rajasthan, West Bengal, and Manipur have also seen shutdowns during protests, communal tensions, and even school exams to prevent cheating.
On the app front, India permanently banned TikTok, WeChat, and over 300 Chinese-origin apps in 2020 citing national security concerns. PUBG Mobile was also banned before returning under a different publisher. Major Western social media platforms like Instagram, YouTube, WhatsApp, and Facebook work without restrictions in most circumstances, though throttling has been reported during sensitive periods in certain regions.
The good news for travelers is that India has one of the world's most competitive mobile data markets. Reliance Jio revolutionized connectivity with ultra-cheap 4G/5G plans, and carriers like Airtel and Vi (Vodafone Idea) offer excellent coverage in urban and semi-urban areas. Speeds of 20-50 Mbps on 4G are common in major cities.
VPN Legality & the CERT-In Directive
In June 2022, India's Computer Emergency Response Team (CERT-In) issued a directive requiring all VPN providers operating servers in India to collect and store extensive user data for a minimum of five years. The mandated data includes real names, email addresses, IP addresses, usage patterns, and the purpose for using the VPN. This was a significant departure from the privacy-first approach most commercial VPN providers follow.
In response, NordVPN, ExpressVPN, Surfshark, and ProtonVPN all removed their physical servers from Indian soil rather than comply with the logging requirements. These providers now offer "virtual India" servers -- physical hardware located in Singapore, the UK, or the Netherlands that assigns users an Indian IP address. This means you can still access Indian content and services, but your data is governed by the privacy laws of the server's actual location.
Crucially, using a VPN as an individual in India remains completely legal. The CERT-In directive targets VPN companies, not consumers. No tourist or resident has been prosecuted for using a VPN. However, using a VPN to commit an activity that is otherwise illegal under the IT Act does not provide legal protection -- the VPN itself is just a tool, and the illegality lies in the underlying activity.
Public WiFi Security
India has one of the world's largest public WiFi networks. RailTel, a government telecom company, provides free WiFi at over 6,000 railway stations across the country. While this is enormously convenient for travelers navigating India's vast rail network, these connections are unencrypted and shared among thousands of daily users. Without a VPN, your browsing activity, login credentials, and personal data are exposed to anyone on the same network.
Airport WiFi is available at all major hubs including Delhi's Indira Gandhi International (IGI), Mumbai's Chhatrapati Shivaji Maharaj International (CSIA), and Bangalore's Kempegowda International (KIA). These networks typically require phone number verification, but the connections themselves offer no meaningful encryption.
In tourist-heavy areas like Goa, Kerala's backwaters, Rajasthan's heritage cities, and Himachal Pradesh's hill stations, cafes, restaurants, and co-working spaces routinely offer free WiFi. Hotel WiFi, especially at budget and mid-range properties, is often a single shared connection for all guests. In all these scenarios, a VPN creates an encrypted tunnel that shields your data from other users on the network, protects online banking sessions, and keeps your personal information private.
Practical Setup Tips
Install and configure your VPN before flying to India. While VPN provider websites are accessible from India, downloading apps and completing account setup is far simpler from your home network. Test the connection with a few different server locations to make sure everything works smoothly.
Since all major VPN providers have removed physical servers from India, you have two main options for server selection. Use a "virtual India" server (offered by NordVPN, ExpressVPN, Surfshark, and others) when you need an Indian IP address -- for example, to access Indian banking services or stream Indian content. For general browsing and the fastest speeds, connect to a Singapore server, which is the closest major hub to India's network infrastructure and typically provides the lowest latency.
For accessing streaming services and online banking from your home country, connect to a server in your home country. This lets you use Netflix, BBC iPlayer, or your bank's website as if you were back home.
One important limitation: during full internet shutdowns where the government orders ISPs to physically disconnect cellular towers and broadband infrastructure, a VPN cannot help. These shutdowns cut the connection at the infrastructure level, meaning no internet traffic flows at all. VPNs only help when specific services are blocked or throttled while the underlying connection remains active.
Practical Tips
- Install your VPN before arriving in India -- VPN provider websites are accessible but setup is easier from home
- Major VPN providers no longer have physical servers in India due to the CERT-In logging directive -- use their 'virtual India' servers instead
- During regional internet shutdowns (common in Kashmir, occasional elsewhere), even VPNs won't work if the cellular/broadband infrastructure is cut
- RailTel WiFi at Indian railway stations is free but completely unencrypted -- always use a VPN if you connect
- For the fastest speeds, connect to a Singapore VPN server (closest hub to India's network infrastructure)
- Jio and Airtel 4G/5G mobile data is carrier-encrypted and generally safe -- VPN is optional on mobile data unless you need geo-unblocking
Frequently Asked Questions
Is it legal to use a VPN in India?
Yes. VPN use is completely legal for individuals in India. The 2022 CERT-In directive requires VPN companies to log user data, but using a VPN as a consumer is not restricted or prosecuted.
Will my VPN work during an internet shutdown in India?
It depends on the type of shutdown. If the government orders ISPs to throttle specific services, a VPN can bypass this. But during full shutdowns (where cellular and broadband infrastructure is physically cut), nothing works -- including VPNs.
Why don't major VPNs have servers in India anymore?
In 2022, India's CERT-In directive required all VPN providers operating servers in India to store user logs for 5 years. NordVPN, ExpressVPN, Surfshark, and ProtonVPN all removed their physical Indian servers to protect user privacy. They now offer 'virtual India' servers located in Singapore or the UK that provide Indian IP addresses.