Swedish ISP to Route Traffic Through VPN to Fight Data Law

Written By Jared Moya

January 28, 2011 | 5 Comments

Swedish ISP Bahnhof plans to anonymize customer traffic to protect them for legislation requiring fixed and mobile telephone companies and ISPs to retain user traffic and location data for a period of six months to comply with the European Union’s Data Retention Directive.

Swedish ISP Bahnhof says it will soon route all customer traffic through a VPN service in order to circumvent legislation intended to implement the European Union’s Data Retention Directive.

The Directive requires fixed and mobile telephone companies and ISPs to retain user traffic and location data for a period of six to twenty-four months in order to facilitate “the investigation, detection and prosecution of serious crime.” Sweden plans to impose the minimum data retention requirement of 6 months.

‘In our case, we plan to let our traffic go through a VPN service,” says Jon Karlung, president of Bahnhof.

He says the ISP plans to make the law as “toothless” as possible. Anonymizing user traffic will mean very little data, if any at all, will be useful to law enforcement investigations.

“Technically, this is a stealth section, we will store all data up to this point of invisibility,” he added. ” What happens after that is not our responsibility and is outside the Bahnhof. So the only thing we are going to store is very little information in practice will be irrelevant.”

Karlung says he’s all for investigating and prosecuting criminals like pedophiles and murders, but that it shouldn’t be done by collecting and storing data from everyone in the process.

It must be based on “individual cases” where there is reason for suspicion.

Customers can opt out of the free VPN service and get their data stored for 50 SEK ($7.3 USD) p/mo if they want, but I can’t imagine too many takers on the offer.

Jared Moya
I've been interested in P2P since the early, high-flying days of Napster and KaZaA. I believe that analog copyright laws are ill-suited to the digital age, and that art and culture shouldn't be subject to the whims of international entertainment industry conglomerates. Twitter | Google Plus

This is a very good move on the part of the ISP. The best part is that it may save them money because their logs will just be the IP address of the VPN and a time stamp. No other information will be available. Because of this there will be less data to store, requiring less infrastructure and saving money. Wonder how long it will take for the country to make VPN service illegal.

Scary Devil Monastery

Making a VPN-service illegal? We can start off by determining that this would make every international company leave Sweden entirely as it will be impossible to do any business whatsoever in a place where you are forced to transmit your confidential information and business plans in clear text. If that happens, Sweden gets hit with a new recession. a well deserved one.

Chlly8

The USA may soon may be the first country to make VPN illegal. There are plans to introduce legislation, later this year, requiring a "backdoor" into all encrypted communications. That would make VPN illegal in the US, because such backdoors cannot be put into VPN communications.