amuck-landowner

Best EDIS location for privacy laws?

MannDude

Just a dude
vpsBoard Founder
Moderator
Looking at EDIS KVM line, so many locations to choose from! I'm looking at setting up a non-US mailserver for personal use, to replace my reliance on Gmail in a country that is known for being good for these things.

Any recommendations?

Generally speaking emails just consist of invoice notices, notifications someone responded on a forum, masonic secrets, and stupid Amazon spam. I don't really 'need' it outside the USA, but this is my limited ability to say, 'Fuck you Google and NSA' and all that jazz.
 

Mun

Never Forget
None of this does you any good, unless you encrypt all data coming out of the server and all emails are sent/received over SSL. The largest portion of how they data mine is at large data points. The reason being is the second  you view your email or have a friend send you an email from X mail provider in the US, it is already caught.

Mun
 

XLvps

New Member
Server location: Douglas, Isle of Man

This is one of their listed KVM locations.   That's a new one for me.
 

Ruchirablog

New Member
If you dont receive anything much important why would you waste time setting up mail servers and things? just think about spam filtering of both. Gmail is just reliable and works out of the box so if I were you I will be sticking with Gmail for these stuff
 

raindog308

vpsBoard Premium Member
Moderator
why would you waste time setting up mail servers and things? 
Dude...this is vpsboard.

To to OP, Germany is subject to the EU data retention law (while ironically there is no retention law in the US).  I'm not sure about Iceland but they probably are as well.
 

rds100

New Member
Verified Provider
I think Germany refused to implement this law, while all other (or most other) EU countries implement it. And Iceland is not in EU so it is not bound by stupid EU regulations.
 
Last edited by a moderator:

drmike

100% Tier-1 Gogent
Some points:

1. Determine country of ownership.   Officials there can/will use long arm to get at remote data.

2. Determine country for hosting and what is protected and who.  Are foreign nationals included?

3. All international traffic is NSA mass dumped/port mirrored.  So it is 24/7 heavy crypto or wasting your time.
 

ttt

New Member
I think Germany refused to implement this law, while all other (or most other) EU countries implement it. And Iceland is not in EU so it is not bound by stupid EU regulations.
That is correct. Germany does not have that data retention, even though it is EU law, because the German Federal Constitutional Court has ruled that this EU-directive is against the German constitution. After that, the European Commission issued an ultimatum to Germany to enact a data retention law until March 2012. The German government, however, did not enact anything. So the European Commission has initiated a court proceeding at the ECJ. However, nothing has been decided yet.

All other EU member states - except the Czech Republic and Romania - have enacted those EU-directive to my knowledge. The Constitutional Court in the Czech Republic and the Romanian Constitutional Court had a similar ruling as the German Constitutional Court. Even Austria has followed suit in enacting the EU-directive after they retained from doing so for about a few years. Besides that, also Switzerland (as being a member to the European Free Trade Association) has enacted a data retention law.
 
Last edited by a moderator:

MannDude

Just a dude
vpsBoard Founder
Moderator
That is correct. Germany does not have that data retention, even though it is EU law, because the German Federal Constitutional Court has ruled that this EU-directive is against the German constitution. After that, the European Commission issued an ultimatum to Germany to enact a data retention law until March 2012. The German government, however, did not enact anything. So the European Commission has initiated a court proceeding at the ECJ. However, nothing has been decided yet. .

All other EU member states - except the Czech Republic and Romania - have enacted those EU-directive to my knowledge. The Constitutional Court in the Czech Republic had a similar ruling as the German Constitutional Court. The Romanian Constitutional Court had a similar ruling. Even Austria has followed suit in enacting the EU-directive after they retained from doing so for about a few years. Besides that, also Switzerland (as being a member to the European Economic Area) has enacted a data retention law.
Welcome to vpsBoard, and nice first (and informative) post!
 

vanarp

Active Member
I agree with @Mun and @buffalooed that there is no way your mails are 100% private.

I have a feeling that the more anyone tries to over smart NSA will only attract them better.
 

drmike

100% Tier-1 Gogent
The nature of email is just plain problematic --- all the plaintext sending of messages.

I've hoped for years that we'd do away with email unless entirely encrypted.

Better yet, email over something like XMPP.  Unsure why development processes keep getting wasted on another email client, web mail, server, etc. when the underlying technology is severely in decline.

Don't let me discourage you though.  Everyone ought to be thinking like this.   I lock my door for a reason, to keep the casual criminal outside   This is one of those similar responses to the day and time we live in.
 
Last edited by a moderator:

MannDude

Just a dude
vpsBoard Founder
Moderator
I mean, what if you had a email server in Germany and a remote desktop in Hong Kong? I don't need that level of security, but instead of accessing the emails locally you could just view them on your remote desktop?
 

Mun

Never Forget
I mean, what if you had a email server in Germany and a remote desktop in Hong Kong? I don't need that level of security, but instead of accessing the emails locally you could just view them on your remote desktop?

Where did the email come from is a better question. If the email came from a person sitting in San Francisco, CA and goes through any email provider based in the US, even with a HTTPS session would still be caught and archived by the NSA. On the other hand you would be per say more secure for sending emails as they would hop to the nearest server if that server was out of the reach of the NSA.

Now all that being said most of the EU/US countries co-exist and will share data so pretty much if your data leaves Germany you are screwed.

It would be better to change how you use email instead, and move to something else. 

I am personally going to change all my websites to https, due to what has happened. Theoretically as long as your server isn't compromised all PMs on my forums would be secure. So it might be advantageous for you to move vpsboard or another site to https and send your content via those methods.

Mun
 

maounique

Active Member
For this to work you need end2end encryption. No matter the country, the server can be seized. In germany, for example, US can say you operate a child porn ring and they need the data for evidence. If it is not encrypted it is useless.

So, you need a system with public/secret keys. Even so, NSA can compromise one end or even social engineer you/trojan/break into your computer for the key(s). Security can work if you do not make any mistake and there is end2end ancryption, only then you can be sure (except your other end being actually compromised).
 
Last edited by a moderator:

RusFoster

New Member
If you are transmitting information / data that is that important the NSA wants to look at it, they will find a way. Generally you should assume that anything sent in email is around the same level of privacy as a text message. 
 

Mun

Never Forget
If you are transmitting information / data that is that important the NSA wants to look at it, they will find a way. Generally you should assume that anything sent in email is around the same level of privacy as a text message. 

Actually that is the real question, what data is the NSA actually grabbing, and whom is it being directed at?

Mun
 
Top
amuck-landowner