cross-posted from: https://lemmy.zip/post/55706105
The topic has been debated since April, when the EU Commission first unveiled “ProtectEU,” a strategy aiming to create a roadmap for “lawful and effective access to data for law enforcement.” The Commission then presented the Roadmap in June, which outlined an intent to decrypt citizens’ private data by 2030.
Most member states argue that simply knowing who owns an account isn’t enough. Instead, they want a new legal baseline where companies are forced to log exactly when and where a user was online, as well as the IP addresses they used to connect.
As AdGuard VPN’s Chief Product Officer, Denis Vyazovoy, told TechRadar back in April: “A legal framework that forces VPNs to retain user metadata – potentially for a prolonged period – could make such services untenable, leading to the withdrawal of VPN providers from the EU.”
How does this interact with gpdr? It seems at odds.
No it isn’t at all.
GDPR allows you to store data about people provided it’s necessary to provide the service or meet legal requirements.
GDPR prevents you from storing more data than it needed and from storing data longer than you need it.
GDPR requires you to inform users what data you are storing about them, when requested, and to delete any data you hold on users when requested.
Since this would be a legal requirement there would be zero conflict.
Oops, our logs and all redundant backups were mistakenly deleted and securely overwritten.
By whom? Ooops, our login database had mysteriously corrupted and wiped by our agentic AI.
Here’s 300PB of code and training data for the ai.
Hope that helps.
Now, can we have a little peek at your personal computing devices?