Impact of Mandatory Data Retention on VPN
VPN users are sensitive to data retention policies, this is because that the purpose for VPN users to use VPN services is to keep their privacy from being tracked by governments, hackers and third-party commercial companies. Therefore, whether there is a mandatory data retention policy has a great impact on the VPN providers. For example: why it is difficult for VPN providers to develop in China, this is because that the government keeps data forcibly, while VPN providers want the No Logs services, and then, such contradictions are destined that VPN service providers can only compromise. So if a VPN provider places a VPN server in China and you are using this VPN service, you should be careful not to easily connect to Chinese servers.
What is mandatory data retention?
The mandatory data retention policy is that in order to help protect national security and track criminals, the government requires ISP and other network service organizations to retain user data in the form of laws, including browsing records and user information. The storage time length of different types of information is different, meanwhile, the requirements of different countries on the data retention are also not the same. These policies expand the government’s ability to oversee citizens and ultimately undermine personal privacy, anonymity and freedom of expression. Although VPN service providers can make their own data retention policies, they must comply with certain data retention laws.
Data retention policies in various countries:
Some countries do not have very strict data retention requirements. If the VPN service provider’s data centers that you selected are located in these locations, then congratulations, your data is safe, because there’s no data for you. However, some countries do not have very friendly data retention policies, such as the United States, Australia, China and Russia, etc.
Australia: In 2015, the Australian Parliament passed the Amendment to “the Telecommunications (Interception and Access) Act 1979”, requiring telecommunications service providers to retain certain telecommunication metadata stipulated by laws for two years.
USA: Snowden has told you everything.
Romania: In 2009, the Romanian Constitutional Court rejected the ongoing large-scale traffic data retention plan. Cyberghost is based at Romania.
Russia: A new legislative amendment came into effect on September 1, 2015, requiring data administrators to collect personal data about Russian citizens, and the data was stored in a Russian database.
Britain: Britain has a long history in the field of clandestine surveillance.
British Virgin Islands: The British Virgin Islands in the Caribbean does not retain citizen data. Although these islands are considered British Overseas Territories, their inhabitants are not directly governed by European Union law. Currently, the large, reputable ExpressVPN operator is headquartered in the British Virgin Islands.
Hong Kong: Although Hong Kong is part of the Chinese territory, however, Hong Kong is generally considered to be a place with better online privacy protection right. The famous PureVPN($2.08/mon), BlackVPN and Le VPN are in Hong Kong.
From the table below, we can see which countries’ data retention policies are friendly to VPN services and which countries’ data retention policies are bad.
| Countries | Friendly to VPN | Unfriendly to VPN |
|---|---|---|
| Australia |  |
|
| China | |
|
| Finland | |
|
| France | |
|
| Germany | |
|
| Austria |  |
|
| Belgium | |
|
| British Virgin Islands | |
|
| Czech Republic | |
|
| Hong Kong | |
|
| Netherlands | |
|
| Romania | |
|
| Ireland | |
|
| Peru | |
|
| Russia | |
|
| UK | |
|
| America | |
|
| Norway | |
|
| Switzerland | |
|
| Sweden | |
|
| Slovenia | |
|
| Slovakia | |
|
| Portugal | |
|
| Poland | |
|
| Luxembourg | |
|
| Italy | |
|
| Hungary | |
|
| Greece | |
|
| Estonia | |
|
| EU | |
|
| Cyprus | |
|
| Bulgaria | |
|
| Brazil | |
|
| Argentina | |
