Swedish ISP Bahnhof plans to anonymize customer traffic to protect them for legislation requiring fixed and mobile telephone companies and ISPs to retain user traffic and location data for a period of six months to comply with the European Union’s Data Retention Directive.
Swedish ISP Bahnhof says it will soon route all customer traffic through a VPN service in order to circumvent legislation intended to implement the European Union’s Data Retention Directive.
The Directive requires fixed and mobile telephone companies and ISPs to retain user traffic and location data for a period of six to twenty-four months in order to facilitate “the investigation, detection and prosecution of serious crime.” Sweden plans to impose the minimum data retention requirement of 6 months.
‘In our case, we plan to let our traffic go through a VPN service,” says Jon Karlung, president of Bahnhof.
He says the ISP plans to make the law as “toothless” as possible. Anonymizing user traffic will mean very little data, if any at all, will be useful to law enforcement investigations.
“Technically, this is a stealth section, we will store all data up to this point of invisibility,” he added. ” What happens after that is not our responsibility and is outside the Bahnhof. So the only thing we are going to store is very little information in practice will be irrelevant.”
Karlung says he’s all for investigating and prosecuting criminals like pedophiles and murders, but that it shouldn’t be done by collecting and storing data from everyone in the process.
It must be based on “individual cases” where there is reason for suspicion.
Customers can opt out of the free VPN service and get their data stored for 50 SEK ($7.3 USD) p/mo if they want, but I can’t imagine too many takers on the offer.