this post was submitted on 24 Mar 2025
44 points (92.3% liked)
Technology
68567 readers
3980 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related news or articles.
- Be excellent to each other!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
- Check for duplicates before posting, duplicates may be removed
- Accounts 7 days and younger will have their posts automatically removed.
Approved Bots
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
I think you're putting the cart before the horse. I'm not suggesting they destroy information after a court order.
They do have to comply with various laws, but they are not required to store user information at times when there's not pending legal filings, and they are not required to store that information for every single user even if there were filings. Courts have to make very concise requests for information. They can't just say, "Give me your entire database," unless there was a prescient reason why the entire database was required to make the case (and a judge would have to weigh whether collecting the information of unrelated parties was too invasive).
Yes, but they do not have to. They do, in order to service their instances, but unless there is a law that compels storing identifying information, they do not have to do it.
If identifying-information-storage was so vital, logless VPNs wouldn't exist.
Anyway, all of that is beside the point. No business will break the law for you. They're "refusing" to comply, because they don't have to (jurisdiction), they have had a torrent of bad press lately, and they're trying to put on an air of being user-centric to entice people to stay.
I see no technical reason why a VPN would need to store outgoing connections. I would be surprised if they didn't store incoming connections, but I don't actually know.
Anyway, just don't make stuff up. You're not making the world a better place. You ever heard of these Qanon guys? They made up a lot of shit and they didn't make the world a better place.
I do. Which is why I used that example. If you want to get really technical, they do store that information, but only for a very short time and only in RAM. That means that when the server power cycles or the system does garbage collection, those temporary logs are gone. Your personal incredulity or ignorance is not my problem.
How dare you accuse me of being of the same caliber as Qanon. You don't know me. Fuck off with your Reddit apologetics.
Arrogance aside, there are also technical reasons to persist connection data longer than would make sense in RAM. Supporting after-the-fact problem investigation is one big one. If your incident-reponse SLA is one working day, you need to keep the data at least that long.
Yes, but that's not the only reason. It's also done to track users; specifically to detect ban evasion and such things. Detecting DDoS attacks or scrapers might also be a purpose. Your instance only gives the first as a purpose, though. EU sites are legally required, per GDPR, to disclose such things.
I don't know how I should reply to this level of aggressive ignorance and willful disinformation in a way that does not appear arrogant.
I know that you recklessly spread disinformation and react to proposed facts with hostility rather than curiosity. I don't know more about the qanon people either.
Prove it.