Swedish ISPs To Thwart EU Data Retention Law

aaardwark writes "After a leaked document from the department of justice showed police will be able to demand extensive private information for minor offenses, some Swedish ISPs have decided to fight back (translated article). By routing all traffic through VPN, they plan to make the gathered data pointless. ISP Bahnhof says they will give you the option to opt out of VPN, but giving up your privacy will cost extra."

Re:

[intellitech]

Attached to source submission (google translate'd): http://translate.google.com/translate?js=n&prev=_t&hl=en&ie=UTF-8&layout=2&eotf=1&sl=sv&tl=en&u=http://sverigesradio.se/sida/artikel.aspx%3Fprogramid%3D1646%26artikel%3D4311500&act=url [google.com]

Umm

[CSFFlame]

, wouldn't this royally screw up incoming connections unless they used some kind of rapid renewing PAT?

Wrong motive

[MrQuacker]

It would be nice if their motive really was righteous. They seem to be doing it just because it would cost them a lot to comply with every request the police made.

Re:Wrong motive

[guruevi]

Either way it's good for the customers. Google likewise decides to be notsoevil because otherwise it would cost them too much. Data retention is the wet dream of every mainstream politician these days, it allows for unlimited powers of coercion. The fact that storage is expensive and our governments are too broke to pay for it themselves is a blessing albeit a temporary one.

Re:Wrong motive

[dcollins]

"Google likewise decides to be notsoevil because otherwise it would cost them too much."

I'm pretty convinced that Brin & Page have some specific political-philosophical motivations for what they do (partly based on Brin's upbringing in the Soviet Union), and not exclusively a profit motive.

Re:Wrong motive

[horza]

Google is not a good example, as they have more cash in the bank than they know what to do with. I don't want to take anything away from Brin and Page, they have done a sterling job so far, but a small ISP in a competitive market with razor thin margins trying to take a stand is more impressive.

Phillip.

Re:

[AmiMoJo]

Can someone in Sweden comment on how mainstream this stuff is over there? People in the UK know hardly anything about online tracking, data retention, net neutrality and so on. Are the ISPs in Sweden taking a stand on principal alone or do these issues actually matter to their customers?

Re:Wrong motive

[smallfries]

As a Brit living in Sweden I can answer some of your question. People over here do care a lot more about internet access than in the UK - they want it to be fast, reliable and work as transparently as possible. You could say that internet access has become much more of a basic commodity over here. It is also used a lot more heavily. Unlike the UK market an unlimited connection means unlimited. There are huge untapped amounts of bandwidth in the backbone because the provisioning model used for building networks over here is very different. They assume that people will use bandwidth that is available to them and don't over-provision to the same level.

Privacy is a slightly different issue and it is much harder to see where the Swedish stand on it. On the one hand everyone over here is in many public government databases and nobody cares about it. There is even a website devoted to looking up peoples addresses and birthdays (and of course being Swedish it gets used to send flowers). On the other hand when people decide that they have a right to privacy on anything it is considered to be absolute. If the media over here is told not to publish a name to avoid compromising someone's privacy then it stays private.

There was a huge backlash over the IPred laws over the same issues (retention of IP traffic and linking it to real world identities). Many Swedish ISPs have already announced similar plans with respect to that law - ways of avoiding compliance to protect people's privacy. This new law is in effect the next salvo in the ongoing fight against the IPred laws and as such there is widespread support for avoiding compliance as much as possible.

Re:Wrong motive

[AmiMoJo]

I was one of the people who complained to the Advertising Standards Authority that "unlimited" in adverts actually means "limited" when you read the small print. Their response was that limits were a normal part of traffic management for ISPs so they are basically allowed to lie with impunity. No word on what constitutes a "normal" amount, e.g. T-Mobile used to advertise their mobile BB as unlimited when in fact there was a pathetic 3GB/month limit.

The attitude to provisioning sounds similar to Japan. If you build it, they will come. If your network is awesome you can offer lots of new services like reasonable quality video on demand and eat into other markets. If you network is shit you have to block BBC iPlayer in the evenings or only allow people to watch a postage stamp resolutions (e.g. BT, Virgin Media). Rather than seeing bandwidth as an opportunity they see it as a problem.

The privacy aspect is interesting. On the one hand we are the most watched country in the world, and on the other our internet access if fully recorded and available to the police. So we are pretty much screwed at this stage, and the much touted repealing of overreaching laws has yet to actually happen.

Re:

[narooze]

Also worth noting, the first case resulting from the IPRED law is, to my knowledge (I'm a Swede and all), still going. The ISP that the copyright holders have demanded personal information from is fighting it as hard as they can.

Even though there might be monetary incentives to the ISPs actions, that doesn't seem to be all of it. ISPs here really do seem to care about these things.

Re:

[migla]

I'm pretty convinced that Brin & Page have some specific political-philosophical motivations for what they do (partly based on Brin's upbringing in the Soviet Union), and not exclusively a profit motive.

Likewise, I'm sure the dude that started Bahnhof, the ISP of choice of the informed geek in Sweden, along with their current decision-makers, personally like integrity and whatever else "good" services they provide.

They are, however, a publicly traded company, which means that they must believe that bein

Re:

[tomhudson]

If the market would "feel" that lower quality service, fucking over their customers and selling them out to the man is better for the bottom line of Bahnhof or Google or any other publicly traded company, then players in the market would probably make that happen, sooner or later, whatever delusions of goodness the current leadership may have.

*cough* Facebook, Microsoft, SCO *cough*

Re:

[Seumas]

This wouldn't fly in America, where using encryption is in and of itself often considered "probable cause". The attitude is typically that if you are encrypting something (or care about your privacy), then you must be hiding something.

Re:Wrong motive

[Sique]

But if it's your ISP who does the hiding routinely and you have to pay extra to get clear text, which in turn means that everyone is doing it, what probable cause is it then?

Re:

[Aeternitas827]

It would really depend on the ISP. If it's a fairly small one who touts this as a selling point, and some of the major players (Comcast, MediaCom, AT&T, and so on) are available options, then it becomes a little murky; did so-and-so choose this ISP because they cover tracks by default, or was there some other motive? And given that the major ISPs are more easily able to offer at least competitive rates for service (at least in and around where I am), if not better rates, the field of possibilities nar

Re:

[Xtifr]

This wouldn't fly in America, where using encryption is in and of itself often considered "probable cause".

Citation needed. Pretty much every company I or any of my friends in the industry has worked for in the last decade has used encryption, and, in particular, VPN, which is the specific form of encryption being discussed here.

Even if I were to accept what you probably meant (that private individuals using personal encryption technologies like PGP may be subject to arbitrary arrest), which I don't, that still wouldn't affect the fact that we're discussing corporations here, not individuals, and corporations i

Re:

[MrL0G1C]

WTF? Did I just enter an alternative universe where google doesn't collect ridiculous amounts of information on everybody and have already given police forces bundles of information on people and only recently it was discovered hackers got in to their email system by using the back-door they put in. They've only just started too, see last link.

Sources: U.S. enables Chinese hacking of Google [cnn.com]

Google's private data grab means big legal trouble [reuters.com]

Schmidt offers Google's most chilling Big Brother scenario [computerworld.com]

Re:

[Anonymous Coward]

Why does the ISP have to engage in law enforcement at the ISP's expense? How about tax payers (who usually pay law enforcement costs) pay the ISP's costs to implement all the data capture and logging (and filtering).

Of course the ISP wants to reduce costs. They are not a charity. Would you work for free, assuming you had no other sources of income, no way to support yourself and/or family (housing/food/etc)? No? Gee, why expect someone else (i.e. an ISP) to work for free?

I know someone who works for an

Re:

[account_deleted]

Comment removed based on user account deletion

Re:Wrong motive

[vegiVamp]

It's not nust about splitting log events. It's also about adding a lot more logging (you don't routinely log every connection from every customer, let alone the contents of them); but also the keeping of records for seven years. Given the amount of traffic ISPs push, that requires ungodly amounts of storage, which in turn requires ungodly amounts of power.

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[vegiVamp]

I'm not the guy the AC knows, but...

> to trace and identify the source of a communication - Source IP address.
4 byte (for IPv4 - more for v6)
> to trace and identify the destination of a communication - Destination IP address
Another 4 byte
> to identify the date, time and duration of a communication - Time until TCP connection dies or UDP session ends
A date/time (4 bytes) plus another time - assume another 4 byte, to take it wide
> to identify the type of communication - being able to determine if

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[wvmarle]

They're a business, they're in the business to make money, and will find ways to make as much money they can. That's plain economics, every business tries to do so (and, one could argue, that includes non-profit organisations). Altruism doesn't make money directly - however it can give goodwill, promotion, whatever that in the long run increases the company's profits.

Now back to the altruism/principles part what this is about: like Google with their famous "do no evil" slogan, they want to be seen as carin

Re:

[Anonymous Coward]

They're a business, they're in the business to make money, and will find ways to make as much money they can. That's plain economics, every business tries to do so (and, one could argue, that includes non-profit organisations). Altruism doesn't make money directly - however it can give goodwill, promotion, whatever that in the long run increases the company's profits.

All true, except that we are talking about a Swedish ISP's not an American.
Bahnhof was started more for ideology than for profit. According to wikipedia [wikipedia.org] Bahnhof also hosted wikileaks.
They are also part of integrity.st [google.se], a collection of Swedish ISP's that have decided to abide by two nice rules.

"No one shall be subjected to arbitrary interference with his privacy, family, home or correspondence."

"Everyone has the right to freedom of opinion and expression. This right includes freedom to hold opinions without

Re:

[wvmarle]

Thanks, interesting. I don't know much about the background of random ISP's all over the world.

Nonetheless now he's set up that company to make a difference, the only way to keep doing what he's been doing is to turn a profit out of it. Maybe a lower profit than could be made with other business models - still he's got a business to run.

On a related note: in The Netherlands we have a chain called "wereldwinkel" - shops run mostly by volunteers selling fair trade stuff and handicrafts the organisation impo

Re:

[definate]

Thank you professor. I must have missed the part where "they're in it to make money", in economics we talk about value/utility as opposed to money. Else you'd hear about "Marginal Money" as opposed to "Marginal Utility".

People value things other than money, and to what extent varies with each person. The person who came up with these concepts envisaged an objective valuation which we would all use or move towards. Now a days, we know that's not quite true.

If this companies owner(s) are quite political, they

Re:

[definate]

WOW. If only I could have a cohesive thought.

That first line is fragemetned as!

Re:Wrong motive

[Kjella]

Bahnhof has fought for their customer at every step of the way, even when there's been no direct economic gain. They probably don't want to officially go out as some sort of "referee" saying who they think is right and who they think is wrong, but they've really done everything you could ask for. I don't know what it is you want, to announce themselves as the lawless ISP or the pirate ISP or anything like that would only be foolish in so many ways.

Re:

[jchillerup]

I don't know what it is you want, to announce themselves as the lawless ISP or the pirate ISP or anything like that would only be foolish in so many ways.

Why? For the record, the Swedish PirateISP [pirateisp.net] seems to do just fine. Granted, they only offer services to one city currently, but that city has one of the largest Swedish universities [www.lth.se], along with all of its student dorms. Honestly, I don't see why it'd be 'foolish' to have a pirate ISP, they are not responsible for their customers. If anything they're sure to get them, being the only company offering 1Gbps/1Gbps fiber connections to households (for $80/month).

Re:

[badkarmadayaccount]

I just got a boner.

Wrong, better motive

[SuperKendall]

It would be nice if their motive really was righteous. They seem to be doing it just because it would cost them a lot to comply with every request the police made.

No, because in the case of them being righteous it's all to easy to have your resolve worn away and eventually just start complying.

With a financial incentive to resist (and also I feel not a little of the righteous angle at work too), I can be sure they will struggle against this longer than they might have, since there's no way to measure levels

Re:

[catman]

Actually they do have to comply with the law and with requests from the police. It's just that with the VPN solutions the retained traffic data are meaningless. Better than wearing Anonymous masks wherever there's a surveillance camera.

Re:

[mcrbids]

It's important to accept the actions that people do that benefit you regardless of their motivations. Understanding their motivations is only useful in predicting future behavior, and perhaps to judge the veracity with which they pursue your common interest.

Never, ever decry an action that benefits you or a cause you believe in because the actor's motivations aren't the same as yours!

Re:

[Reality Master 301]

This is possibly the dumbest comment I've ever read on slashdot. Are you saying I should never ever say anything bad about something, if it slightly benefits me personally? For instance, if someone cut your head off and gave me a small part of the money in your wallet? Or if a popular politican was killed, because he/she didn't share my opinion on tax levels? Or if a mod decided to lock your account, because of your stupid ideas?

Re:

[bjoeg]

This law has been in effect in Denmark over several years now. And even when it is the law several ISPs does not log this information, simply because of the costs.

So maybe ISPs or justice department should put some more work into, what if an ISP does not comply with the law, what should then happen, a fine, cease and desist or.....?

Re:

[xenobyte]

It is very much about the principles. Consider the following scenarios:

A) The police suspects a specific person of a specific crime, goes to the courts and gets a warrant to intercept communication in order to gather evidence - and so on.

B) The police suspects someone may be committing a crime and request (no warrant needed) all logs in order to comb them for possible suspects and gather evidence against these suspects, if any.

No question that option B is the easiest for the police, but it is extremely inva

Re:

[undecim]

Who gives a damn? If it's good for the customers, it doesn't matter whether they were motivated by money, politics, ethics, aliens, or the FSM and his noodly appendage.

They've got their motives right

[aaardwark]

I think it's the right motive. They will still have to store the data, it will just be the same address everywhere. They were the first ones to drop documentation about their customers to avoid handing it out because of IPRED. In fact they started integrity classed ISPs [integrity.st] (in Swedish), when IPRED came. They've said they would gladly help investigations of serious crimes. What they don't want to do is mass surveillance against their own customers, and handing out that sensitive information for offences so min

Re:

[Per Wigren]

I truly think that you are wrong in this case. Bahnhof is different. It was started in 1994 by Oscar Swartz [wikipedia.org], a prominent liberal (not socialist) gay political activist and Pirate Party supporter. CEO Jon Karlung is also a liberal (who used to be editor-in-chief on Sweden's largest (?) porno magazine Aktuell Rapport in the 90s). Bahnhof is one of the few companies that is actually run by liberal ideologists and they are as interested in freedom (as in not giving more power to the government) as they are in r

Original Link

[intellitech]

If you can read it:

http://sverigesradio.se/sida/artikel.aspx?programid=1646&artikel=4311500 [sverigesradio.se]

Re:

[wvmarle]

Yes, and kudos to Google's machine translation. It was actually a pretty pleasant read, the sentences made as much sense as the average /. reply.

Re:

[intellitech]

Yeah, I was fairly surprised by Google Translate's skills, as well.

LE is not the real privacy enemy anymore

[Anonymous Coward]

The privacy violation and spying that Law Enforcement does is nothing compared to what google, facebook, twitter, linkedin, etc. are doing. I think the privacy advocates need to rethink who the real enemy is. With search, chat, mail, ads, analytics, like buttons, and other embedded icons/code spread throughout the web, these big web companies can gather more intelligence than anyone. LE has the goal of eliminating crime, big-web has the goal of raking in cash. Who is your real privacy enemy?

Re:LE is not the real privacy enemy anymore

[boarder8925]

Both are our "real privacy enem[ies]." Google et al make money off all the information they index and archive about us, and the law-enforcement agencies can turn around and demand that data to intimidate, harass, and persecute us. We're getting royally screwed no matter how you look at it, but at least Google can't send you to pound-you-in-the-ass prison, or beat the shit out of you on the way there.

Re:

[Ethanol-fueled]

the law-enforcement agencies can turn around and demand that data to intimidate, harass, and persecute us.

Oh yeah, well I like watching women suck horse cocks.

Do you hear me, NSA? Your perverted agents are jacking off to captures of my screen showing videos of women sucking horse cocks, aren't they? But they're allowed to watch it obsessively all day and go home and ejaculate to the thought of horse cocks while making love to their wives because they're not the ones who clicked those links, were they? You sick, sick fucks.

What you gonna do, tell my wife? She's a furry. What you gonna do, tell my boyfrie

Re:

[badkarmadayaccount]

I'm starting to like you.

Re:

[fnj]

Google making money off information they gather makes them my enemy how? The concept baffles me. OK, they know some guy's interests are airship design and history, politics, World War II history, various science and engineering topics, reading and commenting on slashdot, and collecting innovative LED flashlights. To the best of my knowledge they don't connect it to my personal identity (as if that would bother me). Somehow, that doesn't bother me.

Google et al make money off all the information they index and archive about us [makes them our enemy]

YES IT IS

[fnj]

Which one of the two is my real enemy? The evil son of a bitch who craves power, and when he gets it, turns it to spiteful and vindictive purpose, that's who. And that is most assuredly the government, not business (except when the two operate in collusion, which is becoming the fashion). Almost universally, law enforcement doesn't limit itself to eliminating crime. It cooperates with lawmakers to hungrily expand the definition of crime to include victimless "offenses," thought "offenses," and what it s

Re:

[GauteL]

The "evil son of a bitch who craves power, and when he gets it, turns it to spiteful and vindictive purpose" will seek out whatever route will take him/her into this position. Historically the government has been the easiest way of achieving this sort of power. As multi-national corporations continue to grow, this may well change.

Also, the behaviour of corporative executives are much less scrutinised by the media than the behaviour of the government. If Google did things you disapprove of, it is quite possi

Re:

[fnj]

I think it is less that megacorporations are to some extent replacing the government as the enemy, than that it is becoming more and more difficult to find a line of distinction between the government and the megacorporations.

Re:

[luther349]

both are but lawmaker are the worse of the evil when it comes to this. google etc profit lawmaker will come bashing down your door for saying something abought oboma. the less control the gov has over the net the better. well relly the less controle they have over anything is better. look at heathcare ssi and so forth all runed by are gov.

Re:

[Burz]

In Corporatism the powers of law enforcement are merged with the interests of large corporations. They are now just two sides of the same pervasive-surveillance coin.

I knew it.

[santax]

All that fresh air and clean water (and as much as I hate it, anti-alcohol-policy) had to be good for something. Little did I knew it would be common sense that would benefit. I'm not from Sweden but as soon as I can afford to be an alcoholic there I will immigrate to it!

Re:

[badkarmadayaccount]

Do benzos - they're dirt cheap everywhere, and are more fun.

Re:

[Neil Boekend]

Please correct me if I am wrong. I am not a native English speaker and may have confused Dutch stuff with it.
Assuming he currently lives in the US he would be emigrating from the US and immigrating to Sweden. True?
Now he wants to live in Sweden, so his spelling and grammar were correct, true?

I think I love the Swedes

[kheldan]

Is it difficult to obtain citizenship there? I think I want to move.

Re:

[Carewolf]

Swedish residence is easy. It is one of the things that is really attractive about Sweden (and I say that as a Dane, we are usually forbidden by social taboo from saying anything nice about Sweden). Should be noted that Swedish ISPs with this move are apparently the most compliant in Europe, so anywhere in Europe would be attractive, but Sweden is the nicest to immigrants.

Re:

[metacell]

If you can get and keep a job in Sweden, it's very easy to obtain citizenship. I think you can get naturalised after having lived and worked here for around a decade.

There are a number of backsides to Sweden too, of course, like the crushing political correctness, and a less than encouraging attitude to people who try to take initiatives (like starting new businesses).

Re:

[I8TheWorm]

Once I read about the monopolized alcohol stores I was out.

Re:

[Anonymous Coward]

Is it difficult to obtain citizenship there? I think I want to move.

You can apply for citizenship online. [migrationsverket.se]

This rather funny crash course in Swedish [slayradio.org], concentrate on some of the more important aspects of the Swedish language that English speakers have hard to grok on their own (it only covers the rather simplistic (almost as simplistic as English) dialects around the Swedish capital). Most people that move to Sweden as adults never learn to speak good Swedish. It is especially hard for English speakers as they can cheat and get by using their native language, e.g. we had a wa

Viking Heritage

[andersh]

Well, English is a close cousin of all the Scandinavian languages, but more to the point Old Norse.

The original Old English language was influenced by two waves of invasion: the first by speakers of the Scandinavian branch of the Germanic language family, who conquered and colonized parts of Britain in the 8th and 9th centuries; the second by the Normans in the 11th century, who spoke Old Norman.

However it was the Danish and Norwegian Vikings that attacked and settled in Britain. Have you heard of the Danelaw [wikipedia.org]? So it would be more precise to say English has a closer relationship with Danish/Norwegian than Swedish.

In fact some dialects still exist in the northwest of England that sounds like modern Norwegian (BBC, 2008). Indeed, modern genetic sampling and research reveals a lot of Viking blood heritage [youtube.com] in England, Ireland and Scotland.

The influence of this period of Scandinavian settlement can still be seen, and is particularly evident in place-names: name endings such as -howe, -by ("village") or "thorp" ("hamlet").

Furthermore many British island groups, including the Isle of Man(n) and Shetland [bbc.co.uk], belonged to Norwegian Kings for hundreds of years. Indeed York [historyofyork.org.uk] was once known by its original name Jorvik. Dublin (Dubh Linn) [dublinks.com] and other Irish cities were Viking settlements.

Then later the descendants of Norwegian/Danish settlers in Normandy, France, decided to invade and conquer England. Of course by that time William the Conqueror and his men spoke French. His father again was the well known [Norwegain/Danish] Rollo, or Hrólfr, who forced the French king to sign a treaty ceding part of the province to him, from which it took the name of Normandy [normandie-tourisme.fr], the country of the Northmen.

Ironically it was the attack of the invading Norwegian Viking army under King Harald Hardråda [wikipedia.org] and Tostig Godwinson, brother of the English King, that led to the fall of England to the Normans. King Harold [wikipedia.org] managed to beat the Norwegian invaders at the Battle of Stamford Bridge [battle-of-...066.org.uk], near York, but was not strong enough to withstand a second attack by the Norman army. In 1066 at the time of the Battle of Hastings [battle-of-...066.org.uk] the languages were mutually intelligible.

Swedish Vikings moved east and played a major role in the development of Russia [pbs.org]. These Vikings are know as the Rus and it is from this name that the name of Russia has been derived. Actually the Rus were Swedish Vikings meaning the northern Germanic tribes which setteled in Sweden. The Term Rus was not what they called themselves, but the name given them by the Finns. Today Sweden is Ruotsia in Finnish.

English, the three Scandinavian languages, Icelandic, Dutch and German all belong to the Germanic language family [wikipedia.org].

They'll just legislate to prevent ISPs doing this?

[wdef]

If they can. And how long will it be before routing traffic through Tor or any darknet becomes illegal?

Re:

[luther349]

being its imposable to track tor packets and the same for vpn such a law would be just as useless.

Re:

[wdef]

Don't they just have to outlaw any connection to a Tor node on the right port that looks like Tor traffic? I didn't say they needed to catch everybody - just catch enough. Set up a sting node and track IP addresses of those who connect. Busted. Or make it illegal to download or possess Tor or Freenet client software. Easily flouted but that's not the point.

Re:

[luther349]

tor and vpn traffic just comes up as useless data they cant even tell where it came from. just shows up as encrypted packets.

Re:

[wdef]

Banking transactions don't normally go via a known anonymizing darknet do they? And I didn't say they'd make SSL illegal which would be ridiculous. They don't need to enforce the law consistently especially in civil law countries (Europe) where case law does not have the weight it has in the US/UK. They can just enforce it upon whomsoever they feel like enforcing it on who happens to be running a Tor node for example. The list of tor nodes can't be hidden. Maybe they'd be in conflict with laws design

Why this convoluted solution?

[Carewolf]

Why don't they just ignore the law like danish ISPs, or mostly ignore it like most ISPs in Europe (noting that UDP is practically impossible to store "connection" information about)??

It seems the Swedish ISPs are way way behind in "rebelling".

Re:

[Tim C]

There's a difference between ignoring it and actively taking measures to thwart it; the latter sends a rather stronger signal.

Re:

[Carewolf]

It sends a stronger signal of taking the law serious. As long as nobody cares, it is not effectual law and can not be enforced, by circumventing it you are acknowledging the law and could be liable for trying to circumvent the law.

awsome for isp stupid for lawmaker

[luther349]

nice you guys get a fee vpn. the usa is trying for the same push even thow i dought it will get anywhere.even if it does what do they think the users will do. that right vpn everything. and probably most isps to. and no comcast doest count they will just raise your prices again and bend to anyones will.regardless of there motives and what lawmakers are trying to cheap skate out of its not the isp responsibly to track there users. lawmakers just wanna get around having to get a warrant for such actions to b

How does this thwart the law again?

[Vrtigo1]

I didn't read TFA, but if the ISP is providing the VPN service, then they must control the VPN endpoint where the traffic is decrypted when it leaves their network. If that's the case, then it seems to me that they would still be obligated to log all of the traffic at that point, thus negating the whole point of using VPN in the first place. Maybe they've partnered with a 3rd party to provide the VPN service to get around this?

Re:

[a_n_d_e_r_s]

No they are only forced to store certain type of information and by bundling the VPN with the internet access they can honestly say - when the police asks them who was using a specific IP-adress at a specific time - " We dont know".

Who was using the VPN service at a specific time is not something that they have to store.

Re:

[Vrtigo1]

Your comment didn't really address the issue I brought up. If they provide the VPN service, then they're still issuing subscribers IPs from their IP space.

The proper resonse

[Jawnn]

from the ISP's would be, "Piss off. You want logging, bring a warrant... and the equipment required to store it. I'll make the required configurations and provide the network connections for our standard fee."