SoylentNews

takyon [soylentnews.org] writes:

+security

A virtual private network (VPN) provider has exited Russia following the seizure of some servers [torrentfreak.com]. The seizure comes months ahead of a deadline to comply with a new data retention law:

Private Internet Access is informing users that some of its servers in Russia may have been seized by the authorities. The company believes that it may have been targeted due to its strict no-logging policy, something which puts it at odds with Russian data-retention rules.

[...] In an email sent out to its users, PIA explains that due to the passing of a new law last year which requires Internet providers to hold logs of Internet traffic for up to a year, it has become a target for Russian authorities. "We believe that due to the enforcement regime surrounding this new law, some of our Russian Servers (RU) were recently seized by Russian Authorities, without notice or any type of due process. We think it's because we are the most outspoken and only verified no-log VPN provider," PIA announced.

The law to which PIA refers was passed by Russia's State Duma in July 2014 and enacted September 2015. It requires [theguardian.com] that all web services store the user data of Russians within the country. This means that international companies could be forced to have a physical local presence, to which Russian authorities potentially have access. While the deadline for compliance is technically September 2016, Private Internet Access says that given the server seizure and future privacy implications, it will no longer be doing business in the region.

"Upon learning of the [seizures], we immediately discontinued our Russian gateways and will no longer be doing business in the region," the company says. "Luckily, since we do not log any traffic or session data, period, no data has been compromised. Our users are, and will always be, private and secure."

Original Submission