India's Ban On Telegram Leads to Rise In VPN Usage, But Is It Safe And Secure?

A sharp rise in downloads of virtual private networks (VPNs) was recorded after the Indian government banned Telegram ahead of the National Eligibility cum Entrance Test (NEET-UG) retest scheduled for Sunday. This has raised fresh questions around cybersecurity, privacy and digital governance.

Even though the government has banned the platform temporarily, it could still be used by using a simple VPN; Outlook Business verified this by using Telegram through this measure.

VPN downloads in India have also jumped significantly after the government's restrictions on Telegram. Daily downloads of major VPN applications rose from an average of 139,000 to 208,000, according to a report by TechCrunch, which cited the data from app intelligence firm Appfigures.

Services including Proton VPN, Turbo VPN, NordVPN and ExpressVPN also recorded substantial increases across Apple's App Store and Google Play. Rival alternative Signal also witnessed a sharp rise in downloads, as per the report.

Why Was Telegram Banned?

The restriction was imposed over concerns that fraudsters were using Telegram channels to circulate fake examination papers and target candidates ahead of the NEET retest.

Telegram challenged the order before the Delhi High Court, arguing that authorities need to act against specific content rather than block the entire platform.

However, the court upheld the temporary restriction, accepting the government's position that it was an emergency measure linked to a specific event.

Platform Bans Offer Only Temporary Relief

While the move may disrupt illegal activity in the short term, experts argue that it is unlikely to eliminate cybercrime altogether. These, however, lead to the users being susceptible to data theft and tracking.

"While emergency platform bans can disrupt illicit networks in the short term, they are ultimately a stopgap measure rather than a sustainable enforcement strategy," said Probir Roy Chowdhury, Partner at JSA Advocates & Solicitors.

He noted that cybercriminals often migrate quickly to alternative platforms, decentralised networks or the dark web. A more sustainable response, he suggested, would involve stronger collaboration between law enforcement agencies and technology companies through threat intelligence sharing, metadata analysis and targeted content removal.

A similar view was echoed by Kaushik Moitra, Partner at Bharucha & Partners, who pointed to how Russia's ban on Telegram became effectively nullified as the people started using it through VPNs. "Restrictions often push illicit activity elsewhere rather than eliminating it entirely," he said.

From a cybersecurity perspective, Tarun Wig, Co-founder and CEO of Innefu Labs, described the restriction as a useful "circuit breaker" given the scale of examination fraud concerns.

However, he cautioned that crime syndicates are likely to regroup elsewhere unless authorities use the opportunity to strengthen platform oversight and verification mechanisms.

VPN Usage Increases Risks

The surge in VPN adoption has also prompted concerns over user safety. People don't realise that a free VPN can be far riskier than whatever they're trying to avoid, Wig said, warning that many free services may log user activity, sell data or expose users to credential theft.

Users need to understand that a VPN does not automatically guarantee anonymity or security. Tarini Sai Padmanabhuni, Founder and CEO of DetectifAI, said, "If the provider itself lacks strong security practices, user data may still be vulnerable to misuse, interception, or unauthorised access."

Not only individual users are prone to the risks. Industrial environments face an additional layer of risk.

"Unverified VPNs could expose Industrial Internet of Things (IIoT) and connected machinery to external bad actors," Rajat Srivastava, Founder and CEO of Df-OS, said, adding that organisations can use integrated, hardware-agnostic platforms that offer secure remote monitoring natively to mitigate the issue.

Balancing Privacy, Security And Regulation

Experts maintain that secure communication tools such as encryption and VPNs remain essential for protecting personal privacy, financial transactions and corporate data.

However, the current regulatory approach often leans heavily toward reactive compliance mandates, such as blanket traceability requirements and platform-wide blocks under the IT Act.

Chowdhury argued that a balanced approach must be adopted that's rooted in the constitutional principle of proportionality. "Mandating structural backdoors or traceability fundamentally weakens the security architecture for everyone, creating vulnerabilities that malicious actors will inevitably exploit," he said.

Instead of compromising the technology itself, governments could focus on targeted, judicially overseen investigations - leveraging metadata, financial tracing, and endpoint security, to track criminals without breaking the digital locks that keep the wider economy safe, he reasoned.

India already possesses significant regulatory powers under the Information Technology Act, Intermediary Guidelines and CERT-In directives. Rather than introducing broader restrictions, experts call for strengthening international cooperation, digital forensic capabilities, and platform accountability and cooperation.

What's Next?

Even though the ban on Telegram is expected to lift by Monday, users have started to increasingly migrate towards VPNs and alternative messaging services.

The debate is now shifting from access alone to a broader question of how can the government tackle cybercrime without compromising digital security and access for millions of legitimate users.

The tussles between the regulatory bodies and corporations over compliance are not new. However, "digital security and user access do not need to be viewed as competing priorities," Padmanabhuni remarked.

Hence, finding new alternatives to mitigate these concerns while also staying ahead of the malicious actors is the need of the hour, the experts said. This could be achieved when the state and firms come together to provide citizens with free and secure access to platforms without compromising their safety.