Fight surveillance law in Romania

FlokiNET Stands Strong Against Romania’s Surveillance Law

With growing surveillance laws, protecting data has become a challenge. Recently, Romania proposed a law that threatens online privacy by forcing hosting providers to intercept communications and share data with authorities. FlokiNET is committed to defending your privacy, and to fight surveillance law in Romania here’s how we’re standing up to this surveillance law.

What is the Romania Surveillance Law?

In February 2022, Romania introduced a law that could significantly impact online privacy. This law would require hosting providers to monitor, decrypt, and share user data with authorities. It mandates that providers intercept encrypted communications, such as SSL/TLS traffic, and turn over sensitive data, including browsing history and IP addresses.

This law could have serious consequences for privacy and data security. It would compel companies to hand over user information to the government, potentially violating constitutional rights.

How does it influence the hosting and cybersecurity industry in Romania?

The law will require:

• Hosting provider to intercept communications, provide customer data and decrypt data if necessary, also at their own expense.
• IP resource hosting providers and electronic communication providers “to grant, at the request of authorized bodies, under the conditions of this law, the decrypted content of communications transited in their networks”

How does this impact You?

The impact that this law has is:

• decrypt encrypted content. So for example SSL/TLS based data has to be decrypted on request. In case the provider has access towards your key (for shared and managed hosting this is always the case, the same for most DDOS filter)
• provide details about website visitor (IP log)

How will be FlokiNET affected?

The law does include also foreign provider operating IP / network in Romania. However we and our legal team does clearly sees the proposed law as illegal under Romanian constitution as well as under EU law. All passwords, decryption keys, SSL keys etc are managed by FlokiNET ehf Iceland and handing them over would violate Icelandic law. We are more then willing to discuss this in court and will not cooperate in any matter that would break Icelandic law.

As a FlokiNET customer, you don’t need to worry. We will continue to protect your data to the highest standards. Even if the law passes in Romania, our services will remain unaffected.

Customer data remains safe?

Yes, it does! All our server are encrypted, without the keys stored safely in iceland no data can be decrypted.

Should I move my hosting / server towards a different location?

There is no need for this, we will notify our customers if anything changes. Rest assured that we are always on top of any developments and will adjust our services accordingly to keep you secure.

What action will take FlokiNET to ensure customer data safety?

Since FlokiNET was founded in 2012 customer data protection is our DNA. FlokiNET is not just a hosting provider. We understand that your business depends on secure data, and we are here to protect it.

This includes the encryption of all data and several technical and legal measurements to make sure this data remains safe. However, if the law is enacted in Romania, we will immediately challenge it in court and are confident in our ability to successfully appeal the legislation. We will fight surveillance law in Romania in case it is enacted.

Conclusion for our customers:

No changes or worries required for now. In case the situation changes we will let you know.

What can you do?

In our previous blog post we mentioned that the Romanian Senate is due to vote on a piece of legislation that severely crippled the ability that hosting companies have to provide secure services to you, the customers. If you want to take a stand against this, we urge you to send a letter to the Commissions inside the Romania Senate, as well as the representatives of Romanian political parties.

You can use the letter below as a template, add your own position to it, and send it. We recommend you act sooner rather than later, since the vote on this piece of legislation is scheduled, most probably, for Monday, February 14th.

Think of it as sending a Valentine’s Day letter to a secure Internet. 😉

The blog entry with the background: