Violation issue related to turnserver and webrtc

[Sprogrammer]

Related to European law "Article 16, 8 December 1992 privacy." 

I have been involved with some enterprises, most of them are horrible and nightmare paper works,

with all of them to introduce WebRTC way of work is like a big pain.

They ask me how do the video packets and audio packets reach from PC1 to PC2 when relay or turn server is used or there is firewall or there is security involved?

I told them its 3 way when firewall/nat fails, video/audio packet goes to turnserver and turnserver never keep the packets in server, but it sends it out instantly.

---

They said, packets are going to third party server (turnserver in Amazon or other hosted servers which is maintained by other third party admins)

which is a violation of privacy according to article 16 etc etc.

How do i solve this problem? that its not violating privacy act, its just moving the packets via the server to the end user.

How can i make prove and assure when a call is made PC1 to PC2 the data is not kept in anywhere? 

But just for processing it was using turnserver, webrtc signaling etc?

Is there any official statements or so to similar fact?

[Oleg Moskalenko]

I have no comments except that they are idiots or they are playing games with you. Between two PCs in the Internet there are many routers - those are all "third-party servers" - and any IP packet is going through several "third-party servers" anyway.

Sent from my iPhone

--
You received this message because you are subscribed to the Google Groups "TURN Server (Open-Source project)" group.
To unsubscribe from this group and stop receiving emails from it, send an email to turn-server-project-rfc57...@googlegroups.com.
To post to this group, send email to turn-server-project...@googlegroups.com.
Visit this group at http://groups.google.com/group/turn-server-project-rfc5766-turn-server.
For more options, visit https://groups.google.com/d/optout.

[Philipp Hancke]

2015-03-31 8:06 GMT-07:00 Oleg Moskalenko <mom0...@gmail.com>:

I have no comments except that they are idiots or they are playing games with you. Between two PCs in the Internet there are many routers - those are all "third-party servers" - and any IP packet is going through several "third-party servers" anyway.

Like HIPAA compliance, it's just a game where you need to properly document what happens, what data is encrypted etc. Saying that the TURN server is run by a third party on amazon is going to raise a flag naturally.

[Oleg Moskalenko]

Yes, I suppose that's right.

[Sprogrammer]

Thank you for your input. I appreciate it.

FYI

- Amazon we do not use (not trusted by many enterprises so we stopped too)

- We use dedicated cloud servers (datacenter is not managed by us we rent dedicated servers)

- Now they want agreement with us related to privacy for Audio/Video/Data packets (which is no issue, its done successfully)

But main Problem is:

- PC1 to PC2 where is the audio/video/data going? TURN-SERVER and Signalling server in the cloud

Therefore, 

- They also want agreement with our Dedicated cloud server, service providers where TURNSERVER, Signaling server is running

(which is not our company, 

we are not boss or not managed by us, 

they have thousands of other customers, 

they wont depend on us at all). 

They want our dedicated server, service providers to sign agreement, saying that privacy is respected and no data were stolen/miss-used

--

I am not sure, i will have any solution about that, but in reality/practical its happening

[Philipp Hancke]

http://www.allthingsdistributed.com/2015/03/aws-and-eu-data-protection.html -- it seems amazon just got more acceptable in some cases.

I suppose if you do research (no, posting to this list does not qualify), you'll find out that you are not the first person ever to deal with compliance.

[Sprogrammer]

Well we can solve it having cloud servers as it is. 

Then i have to use IPSec tunnel in the cloud instances for TurnServer + WebRTC servers. 

I have not tested IPSec with TurnServer and WebRTC servers, i have no idea how it will behave regarding packets-size + delay + PublicIP and IPSec IP's 

(i have used IPSec tunneling for many enterprises to assure its Private and privacy respected (except the issue of datacenter admin access) )