Germany: Data retention to be abolished

I totally support this. It still amazes me that companies still do not delete/anonymize user accounts after periods of inactivity. Everything that is linked to your email address should be purged after 3-12 months of inactivity, including ecommerce like Amazon, game platforms like Steam, cloud storages like Dropbox, or even Hackernews. Good luck trying to find old accounts that you have used years ago, what if they were breached and now they are used by people with bad intentions. In my country (Romania), even barber shops that store user accounts for longer periods than necessary are fined the shit out of them for not closing accounts due to inactivity. Some years ago, I woke up with an inactive G2A account telling me that I have to pay a fee for inactivity. NO! I don't have to pay anything, purge it!

Key seems to be &quot;<i>without any reason</i>&quot;.<p>An example: here in the UK the limit on taking legal action on most civil issues is 6 years. This means it is perfectly reasonable to have a 6 year retention policy and indeed that&#x27;s what most companies do.

I&#x27;m glad about this decision. Anyway removing all personal data from logging will be a huge project in large organizations. I&#x27;m thinking about IP addresses [1] which are often used to aggregate requests, debug, etc. Wireshark could become a hot tool to handle.<p>I didn&#x27;t spend much time to think about it so I might be totally wrong but anonymizing IP addresses is probably not easy unless we give up aggregation. I think that anything that uniquely maps IP addresses also becomes personal data, e.g. cookies.<p>[1] <a href="https:&#x2F;&#x2F;www.whitecase.com&#x2F;publications&#x2F;alert&#x2F;court-confirms-ip-addresses-are-personal-data-some-cases" rel="nofollow">https:&#x2F;&#x2F;www.whitecase.com&#x2F;publications&#x2F;alert&#x2F;court-confirms-...</a>

This is about ISPs (no one else) that currently have to store a lot of data way longer than necessary to serve the customer or for technical reasons, so that law enforcement can „travel back in time“ once they have a judicial order. It‘s like putting a GPS into anyones pocket so that the government can always trace your whereabouts. In the future, storing that data will already require a judge to be involved, preventing mass surveillance (or at least, makes it a little bit harder for everyday law enforcement to access the surveillance data).

Also, quite relevant for data processing and consent: German DSK issues cookie guidance with strict requirements for cookie banners, consent and using US-based providers, <a href="https:&#x2F;&#x2F;twitter.com&#x2F;OdiaKagan&#x2F;status&#x2F;1473725634102939650" rel="nofollow">https:&#x2F;&#x2F;twitter.com&#x2F;OdiaKagan&#x2F;status&#x2F;1473725634102939650</a><p>Germans are quite pissed about their privacy, and for good reason. I also like that they are taking matters into their hands.

It is unclear to me if this means that ISPs cannot retain data, or a revocation of the law requiring ISPs to retain data.

except for tax reasons. then you have to keep track of every penny for a thousand years.

Are Messenger&#x2F;WhatsApp messages also telecommunications data?

The new center of the world

And what can we learn from this story?<p>Middle-Left coalitions are actually a pretty good idea.

Since June, the German government allows even police to secretly spy on Germans &quot;preventively&quot;, i. e. without suspicion or proof of crime or future crime and without decision by court of law, by installing trojans on their phones and PCs, i. e. through the app store. &quot;Your right to privacy is being respected in Germany!&quot; - This is not true.