Indeed, that has come to my attention. And it presumably applies to VPN services. This is bad http://ec.europa.eu/taxation_custom...t_works/telecom/explanatory_notes_2015_en.pdf Why haven't we heard of this months ago?
Yes. This was published eight months ago Numerous EU-based VPN services will need to deal with this. And nary a peep, so far Edit: The data retention law was about censorship and law enforcement, and so attracted the attention of privacy advocates and activists. Perhaps these regulations have attracted so little attention because they're about tax accounting, which isn't such a hot-button issue in the EU.
What? VPNs fell into this category as well? Why were they immune to data retention law that affected ISPs back there?
That will complicate whole taxation process and also affect customers privacy. This new changes might be connected to legislation that will eliminate roaming fees for using mobiles in EU by 2016. So we will have to pay taxes in country where we get service. Because countries use different tax rates, prices for roaming will probably still be different in each country. I just hope that we won't get different price for each country.
It will also affect e-books and music downloads. This link gives examples of how things will be applied http://ec.europa.eu/taxation_customs/taxation/vat/how_vat_works/telecom/index_en.htm
I don't understand how VPNs weren't covered by the data retention law. Maybe it's just that the law's authors weren't focusing on VPNs.
Maybe. Have VPNs become renowned by the public so the authorities decided to start worrying about them? If yes, blame Snowden for that.
Logically, doesn't this just extend the identification from the ISP to the first hop VPN? Once you're beyond that, then situation as now?
Well, if your second, third or whatever VPN service is located in the EU, it must know where you are located. If your location is ambiguous, the VPN provider will need documents. This is very bad No VPN service doing business in the EU will be usable for anything beyond the first hop.
I just came across this: http://www.pwc.com/en_GX/gx/tax/indirect-taxes/assets/pwc-small-change-big-impact-eu-tax-regimes.pdf It's going to be a mess
VAT implies a payment and a payment almost always implies the use of a card or another payment instrument that usually gives away your location. So from this point of view, I'm not sure that something really changes.
Right. But many providers accept Bitcoins. Will address verification now be required? From what I've read, it's unclear. Given the risk of audit and penalties, providers may start requiring ID, or no longer accept Bitcoins. Time will tell, I suppose.
Seems to me, this problem can be split into two parts: a) the first hop, where you might have to provide your details and use credit card, but this is only extending what is already known from the last-mile ISP. What happens after that is not effectively under this legislation. b) while it is possible that the EU will demand the EU-based providers demand proof from their customers where they are based (ones who claim they are NOT EU based?), they can hardly do this for providers who are not based in the EU, and have no evidence that the customer is in the EU. Of course, this kind of legislation is a nonsense for VPNs, but that's nothing new for the EU.
Maybe it's not as bad as I thought http://blog.sellfy.com/new-eu-vat-rules/ Users connecting via VPN could just browse https://www.maxmind.com/en/locate_my_ip to get the country (#2) matching their IP address (#1) and then specify it during checkout. That provides "two non-contradictory identifiers". That would also be doable via Tor, as long as the two connections have the same exit IP address. Paying with Bitcoins, there is no #3, and so no contradiction is possible However, the "based on" bit could be taken to imply that #3 can't be null. That is, it might be necessary to assess "credit card (or Paypal) information" during checkout, even if it won't end up being stored. If that (rather paranoid) reading is correct, Bitcoin payments will essentially be unworkable, because there's no associated billing address. Let's hope that I'm wrong.