Worldwide Data Retention Laws – Breakdown By Country

Data retention is a big thing when it comes to VPN's. Knowing which country your service provider is governed by is crucial in understanding which law's they must follow. This not only impacts their regulatory requirements but also YOU and YOUR DATA.

We must not confuse data retention laws with the Data Protection Act (which is a whole different subject). Data Retention is what some countries must comply with depending on the ruling government of their country. It relates to the storing, encryption, file types and the length of time a business must keep data on its customers.

As you can imagine, we use VPN's for privacy and to protect ourselves online, so knowing that by making a simple request for information, your VPN Provider may have to have over everything it has on you is concerning, to say the least.

The table below outlines the data retention laws of each county (The Americas, The EU, and Worldwide).

CountryData Retention?Retention PeriodAuthorisation Required To Access Data
AustraliaYES2-YearsAccessible without a warrant.
Czech RepublicNORuled unconstitutional and found it to be infringing on the peoples right to privacy.
DenmarkYESEU data retention directive implemented
GermanyNOIntroduction of data retention, pending final decision.
ItalyYES2 Years - Telephony Data
1 Year - ISP Data
NorwayYESEU data retention directive implemented
RomaniaNODeclared Unconstitutional
RussiaYES6-Months
SerbiaYES12-Months
SlovakiaYES6-Months
SwedenEU data retention directive implemented
SwitzerlandYES6-Months
United KingdomYES1-Year
United StatesYES2-Years