New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Anyone here ordered from HETZNER, got rejected, and suggested to try another company?
This discussion has been closed.
Comments
Telling you that they will only provide a service if you provide them a copy of the ID is a demand, not a request.
The basis for the law, is that companies do not need to have a copy of your ID to verify your identity, there are other ways to do it, so companies can't justify it that way. That's the government answer to this common argument.
I do think that you are right about being a national law, but I'm not sure how much of it, if anything, is based on EU laws.
No one ever argued against that.
Doesn't make sense to me. Companies may refuse business with people not providing a method to identify themselves, especially in the IT segment, when the identity is relevant for the execution of the contract and to assess responsibilities. Companies cannot "demand" as in "force", they're not the police. No surprises here.
Not in mine dimension. Refusing business with someone if they don't grant access to unnecessary personal, sensitive data (and under the GDPR this definition has been ostensibly extended in some EU States) is something discriminatory or otherwise illegal; asking to identify someone you can't check vis-a-vis with a method good enough for the scope yet bad enough so that it can't be used to fake IDs is fine given the context. If they asked HDR HQ color scans of a passport and if a simple b&w scan with photo and other irrelevant portions for the scope of identifying the subject hidden wasn't enough, then they'd ask for something you could complain about.
GDPR btw operates at a different level, the data you've given to the the provider (and that has been proven faithful) is restricted as per how is accessed and used by the company and you shall have given consent to its process. Without consent to process your data (the same data that appears on your ID) necessary for the service you're buying, any business can refuse to deal with you.
The fact that here we have to remark that a German business, making business in Germany, executing the contract in Germany (or in Europe in general) has to follow German and European law and not the law of same unnamed third party country claiming jurisdiction in Germany; and the fact that here we have to remark that a company as big as Hetzner probably isn't engaged in a pattern of abusive data scraping... is something that perplexes me, a lot. Feeling rejected is a hell of a issue for someone
EDIT
Absolutely legal if that data is necessary for the execution of the contract or to provide a service
I guess we will disagree on that, like I said in a previous comment, nobody is entitled to service from any hosting provider and you do not 'need' or are 'dependant' on it in a way you are being forced to provide ID.
It's their choice to have you as a client or not. If they require you to jump through an additional hoop of providing ID then it becomes you choice as to whether you comply.
Individual countries may have rules specific to what businesses may ask their own citizens for, but there is definitely nothing that says a service provider in one country cannot ask for identification of a person in another country.
Going back to the example of opening a bank account, if in your country a bank would not ask for identification from me a person in the UK to get an account open with them then I need to know which country you are in. I have a number of accounts I would like to open in various names for umm reasons....
But then I know that it not true if you are in the EU, all banks in countries within the EU have the same rules around KYC (Know Your Customer), and all must request ID even for their own citizens (that are not current clients). That is part of EU regulation, note regulation, not law.
Anyway, it's an interesting topic but the bottom line is nothing is going to change the main issue, and that is, you want service? You may need to provide ID or find another provider!
There are two more options: go complaining about it (as legitimate as free speech goes, but won't change a thing), and go calling the police
3rd Option: Legal action, cause loosing thousands every day I am being refused a server.
after this looooong discussion, where is @asep_dadang ?
move on
AM I BEING DETAINED??
I feel you dude. I had this girl back in high school, her name was Hetzner. I had a big crush on her. So one day, I got the courage to walk up to her, asking her to a dance. She took a look at me, and just laughed and said no. She said I should go find someone else for company.
I still have not gotten over that. Rejection is a hard to get over.
you missed to tell the part where she asked you first to bring her flowers and then rejected them and you anyway ;-)
You missed the part where the government believes companies can achieve that goal without requesting a copy of the ID.
When a company refuses to provide service on that ground, then it becames a demand, which is illegal.
It's not my opinion, its how the goverment justified the law, because as you might guess there were plently of large companies complaining.
I can decide to consent to a lot of stuff, like being part of a crime, doesn't make it legal.
You're arguing against a law, not me.
Not really. Businesses can't just deny service because they feel like it, that's a common misconception.
There's plenty of big businesses that act unlawfully (I'm not accusing hetzner of being one).
Simply not true. No company can decide that an illegal process is necessary thus acceptable in their case.
I even posted the government answer to this specific argument. I haven't yet given my opinion on the matter. Keep that in mind.
Can you provide a link to the government site with the info. Genuinely interested in this.
LET readers, thank you to those of you who have tried to clarify information in this thread. Should anyone have any other serious questions about our data protection policies and how they apply to our account authentication process, or about how we adhere to the EU's GDPR or Germany's "BDGS-New" regulations, please write to our data protection officer at [email protected]. --Katie, Marketing
Businesses can't just deny service, that's simply not legal in many countries. Businesses need to have a valid reason to deny service.
They cannot ask you to do something that is illegal or against your rights. I don't think its different anywhere else in the world.
Businesses are not an godlike entity that can do whatever they want.
I think my post was pretty clear. Even with the previous law, companies could ask to see the ID, what they couldn't do is to ask for a copy which is the only way you can email your ID (for instance).
And again, they can see the ID, they just can't get a copy of the ID.
Read above.
As a sidenote. Banks are one type of entity that is complaining about the law.
Maybe in case of hetzner. If it was here I could just file a complaint, they would be fined and forced to give me service.
To be honest, I probably wouldn't do it as I don't really care. I'm more of a get along with person and if I don't like some company procedure I just don't do business with that company. But yeah, Its an interesting topic.
I for one have no issue with sending an heavily censored ID.
I'll PM you.
Google Translate will be your friend... (hope?)
That closer to truth. Only police can ask to see your passport ID card, but not take a copy. And if you take credit from bank, they can copy your passport ID, because they need to find you if person disappeared. If no credit provided, company not have a full rights to ask for it.
@404error
Your take on it is wildly incorrect. I deal with this stuff recurrently.
"The government" doesn't make the assumption that companies can identify users, companies don't have such a job to begin with. Private entities aren't the BPOL, companies cannot "demand" (or "order" as you suggested) to exhibit some documents.
Usually, and for most services, accurate identification of the users isn't relevant. Yet, some businesses are required to acquire some data about their customers, and they are bound by law to acquire such data, on top of it in some businesses it's impossible to have a vis-à-vis verification. Their duty is to make sure that they've tried to collect faithful data with the due diligence, civil and criminal consequences may arise otherwise in the worst case scenario. If they are in a position in which they can't asseverate the identity of the customer, they can turn him/her down if the accurate acquisition of that data is necessary.
I'm sure there are providers in this segment gleefully accepting orders from John Doe, resident in Evergreen Terrace, Springfield, and signing up with a Brazilian IP. This is not the case of Germany, nor France, nor Italy, and doing otherwise could actually mean the provider is violating the law.
Hopefully I've made myself clearer, allow me to gloss over all the other short-circuits in your reasoning (like: businesses may be criminal therefore hetzner could be criminal but you're not saying so, businesses can't turn you down if you don't give your necessary consent to process required data, businesses refusing to deal with you on this basis are making an illegal discrimination, even merely asking for a low-quality scan is forbidden by German law, companies couldn't nicely ask for a soon-to-be-destroyed low-quality scan with the previous law)
I won't proceed any further to underline passages and concepts you happily disjoin for the sake of arguing in circles, I sorely invite you to sue whoever you please.
Let me make this clear to you.
I referred to a law, it's not up to your or my interpretation. Its pretty clear.
.
Demanding an copy of the ID is illegal here, and not a justification to deny service. Period.
If you want to try some humility and like Lee ask to cite a source I will.
If you prefer the "I know it all attitude" , you can go all go and enjoy a nice and dandy day with your couch lawyering. Its not like it will make a difference to me .
Only loosely following the 'debate' here, I think this idea of 'demanding' is probably where you're confusing the interpretation.
No company is going to 'demand' ID. They can ask for it and if you refuse, they can refuse service. Common sense, innit.
Thats exactly when a request becomes a demand.
Company ask: client refuses and works with the company on an alternative solution = request.
Company asks: client refuses and the company on those grounds refuses service = demand.
This question was posed by the companies and the government answer is that there are valid alternatives to providing a copy of the id, so it's not a valid reason to deny service.
'request' is a better term to use. Hosting companies are obligated to follow laws just as any other company. If there were sanctions against North Korea, then the hosting company would be obligated to not do business with North Koreans. Someone ordering from a NK IP would perhaps be asked for ID.
The only parties able to 'demand' something from you are those who are employed by the state, if laws permit. Commercial companies aren't employed by the state. Commercial companies aren't 'demanding' anything.
Hetzner just want to confirm that the customer is who he/she claims to be, and the usual way of accomplishing this is to ask for the customer's ID. If the customer were physically present, it would be enough for the customer to show his/her ID, but since the customer is not physically present, an electronic copy of the ID needs to be sent (and is then deleted afterwards).
What would be a valid alternative to providing a copy of the ID if the goal is to confirm one's identity?
There’s so much misinformation from some here in this thread that i feel my eyes are going to fall out of the sockets. Seriousely. Get a grip and get real.
Hetzner is in right here. If you feel otherwise, provide proof.
If you don't want to deal with orders from specific country under political views, just remove that country from drop down list. That better solution.
Laws don't always make it easier for businesses to do their thing, and not being easy to coupe with doesn't mean a business can ignore it.
Here, companies can ask for other documents than the national ID, they can also resort to available platforms that help them identify the current/prospective client.
**Regardless this does seem to be a national law of no concern to Hetzner.
**
If Hetzner deny service, it's because the potential customer is judged to be of sufficiently high risk based on certain variables. It's not because the potential customer has refused to comply with a request. (There is no demand.) Hetzner's request to see one's ID is an opportunity offered to the potential customer to confirm their identity, which (if successful) may lead Hetzner to give service to the potential customer despite the estimated high risk factor. But a denial of service is because of the high risk factor, not because of a potential customer's refusal to comply with the request for a copy of the ID.
There's the eIDAS Regulation already applicable to all public digital providers starting from the next Saturday, granting an interoperable and convenient way to assess everyone else identity — at least, within the European market. As a matter of fact IPv6 is more likely to happen any sooner than B2C/B2B eID but hey let's see
I'm not sure that those here who are complaining about showing their ID would be happy to show other documents that identity them.
You mean "Log in with your Gmail (or Facebook) username and password"? Right, sounds brilliant ... NOT.
Okay, good, once implemented properly, this should work for EU residents. But for anyone outside of the EU, the question remains.
Seems to me that if Hetzner requests a copy of an ID and its not provided to them, they simply won't give service due to the ID not being provided.
Anyway, this is not a Hetzner issue, someone else clarified that its legal practice in
Germany.