Germany approves warrantless Data Retention
WSS
OG
Remember when you said I was autistic for moving my stuff off of NetCup a decade ago, @Falzo? You were right, but it wasn't for moving my stuff off of NetCup.
The German government is making a third attempt at implementing data retention. Internet access providers would be required to store the IP addresses of all users – indiscriminately and on a massive scale. Internet services such as email and messaging apps would also be obligated to store and disclose data upon request.
[...]
Originally, only law enforcement and police authorities were supposed to be able to access the stored data. Now, "other authorized bodies" are also permitted to use the data, including intelligence agencies such as the Federal Office for the Protection of the Constitution, tax authorities, and customs.
Authorities should no longer only be allowed to request traffic data if an investigation would be "hopeless by other means", but also if it would otherwise be "significantly more difficult".
The new draft clarifies that local Wi-Fi networks, including hotels and community Wi-Fi networks, are not subject to data retention requirements. Data should not be stored for longer than three months, even if an internet connection persists for longer. This was included in the initial draft .
Those bound by professional secrecy should not be protected; this was a demand made in vain by media associations, among others .
"It's a hard life- to be a stick insect." - Karl Pilkington
Comments
This is bad, wasn't proton moving some of their servers over to DE? And Tuta is there too. " Internet services such as email and messaging apps would also be obligated to store and disclose data upon request." How does that affect them would they have to leave the jurisdiction?
If I have a VPS hosting Matrix or XMPP in DE what does this mean for me?
Will it make access using .onion illegal?
Check our KVM VPS plans in 🇵🇱 Warsaw, Poland and 🇸🇪 Stockholm, Sweden
Depends. They did this in 2007, and in 2015, and they were struck down. This is the third time, however, who this data will be available to is a lot wider than the initial bills were.
Safest thing to do would be to move your data out of Germany. That's why I went entirely back to US based hosts.
To my knowledge, Tor has never been illegal in Germany. However, they'll probably have to record your contact or entry node address.
"It's a hard life- to be a stick insect." - Karl Pilkington
I mean, in rare cases service providers expose billing/control panel in .onion, which is a reliable way to opt-out of IP address logging as a customer/visitor. There is nothing meaningful to log by a web server - you can collect Circuit ID, but AFAIK it is not something visible in Netflow or even plaintext payload. Therefore I wonder if offering .onion would be seen as breach of data retention requirement.
Check our KVM VPS plans in 🇵🇱 Warsaw, Poland and 🇸🇪 Stockholm, Sweden
Chances are, if your billing panel is behind a .onion address, you're already being watched for some reason.
"It's a hard life- to be a stick insect." - Karl Pilkington
I don't, but sure sounds like me...
Will be interesting to see how far it goes this time. And I fully agree, it's all BS
However, I heavely doubt that especially the US is a better place. Weren't the 3-letter orgs invented there? ;-)
Yeah I am not sure about the US, what are the best EU privacy jurisdictions now that Germany is doing this?
Yeah, you can log the IP of customer connecting. In case of hidden service, it will be of Tor daemon accessing your panel - 127.0.0.1
onidel - 🇦🇺🇳🇱🇸🇬🇻🇳🇺🇸 - High Availability - Hourly Billing - API support - BGP/BYOIP - SEV-SNP
Oh ffs. Guess in which country my proxy is to get around another country's bullshit surveillance
Oh, I know! Uzbekistan!
In all honesty, going for a permanent VPN connection would solve most of these issues. If cant afford the VPN, just move to a third world country. They are usually way behind on such laws and due to their low income, are usually not a target by global authorities (unless it's a high profile hacking attempt).
Countless people were (are still) praising EU & Germany with GDPR as a holy grail...
🔧 BikeGremlin guides & resources
Well, it's not like most companies did not keep the IP record already. LES, as well as most other sites already keep records of the users IP when they make any posts....
oy vey, are those the famous EU "privacy" regulations? I sure hope so that won't be abused to persecute people with opinions different than the establishment (it will).
Do you read alternative media? Then you're an extremist. Once again, Germany is going for broke.
https://www.tichyseinblick.de/tichys-einblick/motra/
"It's a hard life- to be a stick insect." - Karl Pilkington
... lol
TierHive - Hourly VPS - NAT Native - /24 per customer - DE, UK, SG, CA, USA x3, FR, AU, PL, NL
FREE tokens on sign up, try before you buy. | Join us on Reddit
@havoc is not UK friendly
Haha yes exactly that! Changed the routing rather than habits
But infra is a crony business in those countries and that makes VPSes way more expensive.
We're the source, no cap. Address us: We/Our/Ours.
https://lowendspirit.com/discussion/comment/221016/#Comment_221016
Ten years ago they called it paranoia; in 2026, we call it basic operational security.
The move away from German/EU infrastructure is looking more like a necessity than a choice now. When 'tax authorities' and 'intelligence agencies' can bypass warrants just because an investigation is 'difficult', the very concept of data privacy is dead.
Glad I've already migrated my core stacks to regions that still respect the fourth amendment (or their local equivalent). Privacy is becoming a luxury feature.
Yes, that's the issue...
Does it apply to foreign servers of German companies?
All German ZAP-Hosting VPS become responsibility rather than convenience now...
Get some hosting at https://drserver.net .
yea UK blocks imgurl for whatever reason.
Free NAT KVM | Free NAT LXC
It's a regulation for internet access providers. Your usual server or hosting is no internet access point. Unless you are living here and using some landline, lte or specific hotspot this does not really apply.
Well, if you are on a VPN, your IP is likely static anyway, except maybe you switch around or use a shared one.
Free NAT KVM | Free NAT LXC
I don't know, if it would make a big difference from now and the future. Theoretically you get logged by internet provider, what might be allready happening. Second you vpn could be logged, whats halfway allready happening example geoblock.
In Theory the same but differently explained i would think. No illegal actions will harm in logs or actions by government/police.
All others avoiding this scenarios since ever.
Doesn't matter because that isn't "providing access". Those regulations apply to telekom, vodafone or mobile providers or even Freifunk. Wherever your actual entry point is. A VPN is just a tunnel through already established access and not such point.
While there is mentioning of possibly including specific service providers like for email and messengers (on demand), there is no mentioning of VPNs so far.
Netcup is no access provider, afaik they don't sell sim cards, dsl or cable.