Abstract
Providers of commercial Virtual Private Network services are expected to protect the privacy of their customers, but also to co-operate with law enforcement in legitimate criminal investigations in accordance with the law. In a case concerning a commercial VPN service, the seizure of VPN user logs was challenged in court by the service provider, a Finnish cybersecurity company. Drawing on this case and the reasoning adopted by the national courts, this paper explores the dual role of VPN service providers and the fine line between subscriber data and traffic data in Finnish law and on the European level. Ultimately, it is argued that uncontrolled and unlimited law enforcement access to VPN user logs would jeopardize privacy rights and the business interests of legitimate VPN providers, and that it might additionally lead to undesirable consequences for law enforcement interests.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
