{ "schema_version": "1.0", "generated_at": "2026-05-13T10:35:11.854Z", "site": "https://notdmca.org", "count": 12, "jurisdictions": [ { "country": "France (avoid for free-speech sensitive workloads)", "slug": "france", "flag": "๐Ÿ‡ซ๐Ÿ‡ท", "summary": "France is a major European hosting hub (OVH, Scaleway) with excellent infrastructure and low prices, but among the most aggressive EU jurisdictions for content takedowns including hate-speech / disinformation laws and HADOPI copyright enforcement. Listed as a counterpoint โ€” when to avoid French infrastructure.", "dmca_status": "France is an EU member with active copyright enforcement (HADOPI / ARCOM). The DSA + French national implementation creates strong notice-and-action obligations. Loi Avia and similar attempts at hate-speech regulation have created additional content-removal vectors.", "data_retention": "French telecommunications data retention is broad, has survived CJEU challenges with modifications, and includes IP-attribution requirements that make operator anonymity difficult.", "notable_for": [ "Major European hosting infrastructure (OVH, Scaleway, Online.net)", "Excellent transit / connectivity in continental Europe", "Aggressive enforcement of EU copyright directives", "HADOPI / ARCOM regulator active in copyright matters" ], "risks": [ "Aggressive content takedown regime compared to NL or RO", "Loi Avia and successor laws on hate-speech / online content", "Real-name signup standard", "ccTLD .fr requires verifiable EU residency" ], "sources": [ { "url": "https://www.legifrance.gouv.fr/codes/id/LEGITEXT000006069414/", "title": "Code de la propriรฉtรฉ intellectuelle (French Intellectual Property Code)", "accessed": "2026-05-12" } ], "same_as": [ "https://en.wikipedia.org/wiki/France", "https://www.wikidata.org/wiki/Q142" ], "last_updated": "2026-05-12", "url": "https://notdmca.org/jurisdictions/france" }, { "country": "Germany (avoid for adult / streaming)", "slug": "germany", "flag": "๐Ÿ‡ฉ๐Ÿ‡ช", "summary": "Germany is a major European hosting hub with low prices and excellent infrastructure (Hetzner, netcup, etc.) โ€” but it is among the most aggressive EU jurisdictions for copyright enforcement and adult-content age-verification. Avoid for DMCA-sensitive or adult workloads; fine for general business hosting.", "dmca_status": "Germany is an EU member implementing EU copyright directives. The notice-and-action regime is enforced more aggressively than in NL or RO. German rights-holders' associations (GEMA, Verwertungsgesellschaften) actively pursue cross-border copyright complaints.", "data_retention": "German telecommunications data retention has been narrowed by Federal Constitutional Court rulings but remains in modified form. ISPs face significant law-enforcement compliance obligations.", "notable_for": [ "Major European hosting infrastructure (Hetzner, netcup, IONOS, Strato)", "Excellent connectivity to all of Europe", "Low prices for general business hosting", "Strong technical / engineering culture" ], "risks": [ "Aggressive copyright enforcement compared to other EU members", "Recent age-verification requirements for adult content (and DSA enforcement)", "GEMA and other rights-holder organizations actively pursue takedowns", "Real-name signup standard at all major German hosts" ], "sources": [ { "url": "https://www.gesetze-im-internet.de/urhg/", "title": "German Copyright Act (Urheberrechtsgesetz, official text)", "accessed": "2026-05-12" } ], "same_as": [ "https://en.wikipedia.org/wiki/Germany", "https://www.wikidata.org/wiki/Q183" ], "last_updated": "2026-05-12", "url": "https://notdmca.org/jurisdictions/germany" }, { "country": "Iceland", "slug": "iceland", "flag": "๐Ÿ‡ฎ๐Ÿ‡ธ", "summary": "Iceland is the most-cited DMCA-ignored hosting jurisdiction. It is not party to the US DMCA, has a strong constitutional speech tradition, and hosts a small cluster of long-running privacy-focused providers running on geothermal/hydro power.", "dmca_status": "Iceland is not party to the US DMCA. Notices have no statutory effect. Copyright disputes are evaluated under Icelandic law and through Icelandic courts. EU directives do not apply (Iceland is EFTA, not EU).", "data_retention": "Iceland does not currently impose blanket telecommunications data retention. The IMMI (Icelandic Modern Media Initiative) parliamentary resolution of 2010 set out an agenda to make Iceland a haven for press freedom; many of its components have been implemented.", "notable_for": [ "No DMCA equivalence", "Constitutional speech tradition", "EFTA, not EU โ€” fewer harmonization pressures than NL or DE", "Renewable-energy datacenters", "Cluster of veteran privacy-focused providers" ], "risks": [ "Limited datacenter capacity vs Western Europe", "Higher pricing โ€” small market, expensive to operate", "Some ccTLDs (.is) require local ID and cannot be registered anonymously" ], "sources": [ { "url": "https://en.wikipedia.org/wiki/Icelandic_Modern_Media_Initiative", "title": "Wikipedia โ€” Icelandic Modern Media Initiative", "accessed": "2026-05-12" }, { "url": "https://www.isnic.is/en/", "title": "ISNIC โ€” .is registry policies", "accessed": "2026-05-12" } ], "same_as": [ "https://en.wikipedia.org/wiki/Iceland", "https://www.wikidata.org/wiki/Q189" ], "last_updated": "2026-05-12", "url": "https://notdmca.org/jurisdictions/iceland" }, { "country": "Malaysia", "slug": "malaysia", "flag": "๐Ÿ‡ฒ๐Ÿ‡พ", "summary": "Non-Western offshore hosting jurisdiction with copyright law structurally different from US/EU regimes. Hosts a small cluster of long-running offshore-marketed providers (notably Shinjiru). Useful for jurisdictional diversification when Iceland/Sweden are not enough distance.", "dmca_status": "Malaysia is not party to the US DMCA. Copyright is governed by the Malaysian Copyright Act 1987 (and amendments), which has its own takedown procedures. US notices have no statutory effect; complaints are evaluated under Malaysian law.", "data_retention": "Malaysia has its own telecommunications and data retention rules under the Communications and Multimedia Act 1998. The legal regime is materially different from EU GDPR; do not assume Western data-protection norms apply.", "notable_for": [ "Non-Western offshore option for jurisdictional diversification", "Long-running offshore-marketed providers", "APAC connectivity for SE Asian audiences" ], "risks": [ "Different legal regime โ€” Western privacy expectations do not directly translate", "Higher RTT to Western audiences", "Less internationally visible legal track record than European offshore options" ], "sources": [ { "url": "https://www.wipo.int/wipolex/en/legislation/details/14947", "title": "WIPO Lex โ€” Malaysian Copyright Act 1987", "accessed": "2026-05-12" } ], "same_as": [ "https://en.wikipedia.org/wiki/Malaysia", "https://www.wikidata.org/wiki/Q833" ], "last_updated": "2026-05-12", "url": "https://notdmca.org/jurisdictions/malaysia" }, { "country": "Moldova", "slug": "moldova", "flag": "๐Ÿ‡ฒ๐Ÿ‡ฉ", "summary": "Non-EU European jurisdiction with the most aggressive value-pricing for offshore-marketed hosting. Moldovan copyright law applies; US DMCA has no statutory effect; EU DSA does not bind Moldova-only providers. Geopolitical proximity to active conflict zones is a real-world risk.", "dmca_status": "Moldova is not in the EU and not party to the US DMCA. Moldovan copyright law (Civil Code provisions and the Law on Copyright and Related Rights) applies. US DMCA notices have no statutory effect on Moldovan providers.", "data_retention": "Moldova has its own telecommunications regulations. The country has been progressively aligning some legislation with EU norms in the context of EU-accession negotiations (formally a candidate country since 2022) but is not yet bound by EU directives.", "notable_for": [ "Non-EU, non-DMCA jurisdiction", "Aggressive pricing โ€” among the cheapest offshore options in Europe", "European-region latency for EU audiences", "Useful diversification from the Iceland/Sweden/NL cluster" ], "risks": [ "Geopolitical proximity to active conflict zones (Ukraine, Transnistria)", "Smaller infrastructure base than Western EU", "Less internationally-visible legal track record", "EU candidate status โ€” long-term regulatory direction may converge with EU law" ], "sources": [ { "url": "https://www.legis.md/cautare/getResults?doc_id=125260&lang=ro", "title": "Legis.md โ€” Moldovan Law on Copyright and Related Rights (Romanian original)", "accessed": "2026-05-12" } ], "same_as": [ "https://en.wikipedia.org/wiki/Moldova", "https://www.wikidata.org/wiki/Q217" ], "last_updated": "2026-05-12", "url": "https://notdmca.org/jurisdictions/moldova" }, { "country": "Netherlands", "slug": "netherlands", "flag": "๐Ÿ‡ณ๐Ÿ‡ฑ", "summary": "Major European hosting hub with a permissive-but-EU-bound posture on copyright takedowns. Multiple offshore-marketed hosts operate from Dutch datacenters; AMS-IX provides the connectivity advantage. EU member, so subject to the Digital Services Act and InfoSoc directive.", "dmca_status": "EU member; the US DMCA has no statutory effect, but the EU notice-and-action regime under the DSA applies. Dutch courts have historically required formally complete complaints and have been slower to compel action than US safe-harbor providers.", "data_retention": "EU data retention rules apply in modified form post-Digital Rights Ireland. Practical retention varies by provider and product line.", "notable_for": [ "Massive datacenter density (AMS-IX is the world's largest by traffic)", "Excellent transatlantic and intra-EU connectivity", "Cluster of explicitly offshore-marketed hosts", "Cheaper than Iceland/Switzerland, faster than Romania" ], "risks": [ "EU member โ€” DSA notice-and-action regime applies", "Pressure on adult/streaming content has increased over the past decade" ], "sources": [ { "url": "https://www.ams-ix.net/ams", "title": "AMS-IX โ€” Amsterdam Internet Exchange", "accessed": "2026-05-12" } ], "same_as": [ "https://en.wikipedia.org/wiki/Netherlands", "https://www.wikidata.org/wiki/Q55" ], "last_updated": "2026-05-12", "url": "https://notdmca.org/jurisdictions/netherlands" }, { "country": "Norway", "slug": "norway", "flag": "๐Ÿ‡ณ๐Ÿ‡ด", "summary": "Nordic non-EU jurisdiction with strong infrastructure, cheap renewable power, and Norwegian copyright law (ร…ndsverkloven) that does not implement the US DMCA. Less brand-visible than Iceland or Sweden but legally similar; lower-cost than Iceland.", "dmca_status": "Norway is not in the EU but is in the EEA. Norwegian copyright law (ร…ndsverkloven) applies. The US DMCA has no statutory effect. EU DSA does not directly bind Norway-only providers (EEA implementation lags EU-member timelines and the EFTA Court interprets EEA-relevant directives separately).", "data_retention": "Norway has its own telecommunications retention rules. Norwegian courts and parliament have responded to the CJEU's data-retention case law by narrowing the regime. Practical retention varies by ISP and product.", "notable_for": [ "Nordic non-EU jurisdiction", "Cheap renewable hydroelectric power", "Excellent submarine cable connectivity", "Less attention than Iceland or Sweden โ€” useful for low-profile infrastructure" ], "risks": [ "Less internationally-visible legal track record than Iceland/Sweden", "Smaller cluster of privacy-focused hosts" ], "sources": [ { "url": "https://lovdata.no/dokument/NLE/lov/2018-06-15-40", "title": "Lovdata โ€” ร…ndsverkloven (Norwegian Copyright Act)", "accessed": "2026-05-12" } ], "same_as": [ "https://en.wikipedia.org/wiki/Norway", "https://www.wikidata.org/wiki/Q20" ], "last_updated": "2026-05-12", "url": "https://notdmca.org/jurisdictions/norway" }, { "country": "Romania", "slug": "romania", "flag": "๐Ÿ‡ท๐Ÿ‡ด", "summary": "EU member with a notably slower copyright-enforcement track record than Western EU hosts. Combines EU connectivity and procedural law with offshore-style marketing-tolerance. Several DMCA-ignored hosts operate from Romanian datacenters.", "dmca_status": "EU member implementing EU copyright directives. US DMCA notices have no statutory effect. Romanian courts have historically been slower than German, French or Dutch courts to compel action on cross-border copyright complaints.", "data_retention": "Romanian Constitutional Court struck down the country's data retention law in 2014 in response to the CJEU Digital Rights Ireland judgment. Subsequent legislation has been narrower than the original.", "notable_for": [ "EU connectivity at lower cost than the Netherlands or Germany", "Slower copyright enforcement track record", "Constitutional Court that has invalidated overreaching surveillance law", "Several explicitly offshore-marketed hosts" ], "risks": [ "EU member โ€” DSA notice-and-action regime applies", "Less internationally visible legal track record than Sweden or Iceland" ], "sources": [ { "url": "https://en.wikipedia.org/wiki/Telecommunications_data_retention#Romania", "title": "Wikipedia โ€” Romanian data retention case history", "accessed": "2026-05-12" } ], "same_as": [ "https://en.wikipedia.org/wiki/Romania", "https://www.wikidata.org/wiki/Q218" ], "last_updated": "2026-05-12", "url": "https://notdmca.org/jurisdictions/romania" }, { "country": "Sweden", "slug": "sweden", "flag": "๐Ÿ‡ธ๐Ÿ‡ช", "summary": "Sweden hosts some of the longest-running free-speech and DMCA-resistant providers on earth, including PRQ (founded by Pirate Bay co-founders) and Bahnhof (the WikiLeaks host). Strong privacy tradition and a track record of legal pushback against EU data retention.", "dmca_status": "Sweden is an EU member and implements EU copyright directives. The US DMCA has no statutory effect, but the EU notice-and-action regime applies. Swedish providers have a track record of pushing back against extra-jurisdictional copyright complaints, and Swedish courts have been notably skeptical of bulk takedown requests.", "data_retention": "Bahnhof publicly refused to log under the EU Data Retention Directive; the CJEU later invalidated the directive (Digital Rights Ireland, 2014). Sweden's national data retention regime has been narrowed in response. Practical retention varies by ISP and product.", "notable_for": [ "Cradle of modern free-speech hosting (PRQ โ†’ Pirate Bay โ†’ WikiLeaks)", "Active legal pushback against surveillance", "Bahnhof's Pionen datacenter (former nuclear bunker)", "Strong submarine cable connectivity", "Establishment of Njalla (Sweden-operated, Nevis-incorporated)" ], "risks": [ "EU member โ€” subject to EU copyright directives", "Sustained pressure from US rightsholders historically (Pirate Bay raids)" ], "sources": [ { "url": "https://en.wikipedia.org/wiki/PRQ", "title": "Wikipedia โ€” PRQ", "accessed": "2026-05-12" }, { "url": "https://en.wikipedia.org/wiki/Bahnhof_(company)", "title": "Wikipedia โ€” Bahnhof", "accessed": "2026-05-12" }, { "url": "https://curia.europa.eu/juris/document/document.jsf?docid=150642", "title": "CJEU โ€” Digital Rights Ireland judgment (data retention)", "accessed": "2026-05-12" } ], "same_as": [ "https://en.wikipedia.org/wiki/Sweden", "https://www.wikidata.org/wiki/Q34" ], "last_updated": "2026-05-12", "url": "https://notdmca.org/jurisdictions/sweden" }, { "country": "Switzerland", "slug": "switzerland", "flag": "๐Ÿ‡จ๐Ÿ‡ญ", "summary": "Non-EU European jurisdiction with the strongest constitutional privacy framework in the region. Robust data-protection law (revFADP), judicial independence, no DMCA equivalence. Premium pricing and limited 'anonymous-signup' options, but unmatched legal due process.", "dmca_status": "Switzerland is not party to the US DMCA. Swiss copyright law (URG/LDA) was substantially amended in 2020 to add a notice-and-action regime, but it requires formally complete complaints, gives the user an opportunity to respond, and contested cases require court adjudication. Bulk automated takedowns face a higher bar than under US safe-harbor.", "data_retention": "Swiss telecommunications retention rules exist (BรœPF/LSCPT) but are narrower than EU-member-state regimes and Swiss courts have actively pushed back on overreach. Swiss data-protection law (revFADP, in force 2023) closely tracks EU GDPR but is enforced by the Swiss FDPIC.", "notable_for": [ "Non-EU, non-DMCA jurisdiction", "Strongest constitutional privacy framework in Europe", "Judicial independence and procedural rigor", "Bank-secrecy legal tradition transferred to data privacy", "Home of major privacy-tech companies (Proton, Threema, Mullvad-adjacent)" ], "risks": [ "Premium pricing โ€” Swiss cost base is high", "Limited 'anonymous-signup' options vs Iceland or Sweden", "Mutual legal assistance treaties with the US can be invoked for serious cases" ], "sources": [ { "url": "https://www.fedlex.admin.ch/eli/cc/1993/1798_1798_1798/en", "title": "Swiss Confederation โ€” Copyright Act (URG / LDA, English consolidated)", "accessed": "2026-05-12" }, { "url": "https://www.edoeb.admin.ch/edoeb/en/home.html", "title": "FDPIC โ€” Swiss Federal Data Protection and Information Commissioner", "accessed": "2026-05-12" }, { "url": "https://en.wikipedia.org/wiki/Federal_Act_on_Data_Protection_(Switzerland)", "title": "Wikipedia โ€” Swiss Federal Act on Data Protection (revFADP)", "accessed": "2026-05-12" } ], "same_as": [ "https://en.wikipedia.org/wiki/Switzerland", "https://www.wikidata.org/wiki/Q39" ], "last_updated": "2026-05-12", "url": "https://notdmca.org/jurisdictions/switzerland" }, { "country": "United Kingdom (avoid for privacy-sensitive workloads)", "slug": "united-kingdom", "flag": "๐Ÿ‡ฌ๐Ÿ‡ง", "summary": "The United Kingdom has aggressive online-content regulation (Online Safety Act 2023), Investigatory Powers Act surveillance authority, and post-Brexit weakened privacy protections. Excellent technical infrastructure but among the worst Western jurisdictions for privacy-sensitive hosting. Listed as counterpoint.", "dmca_status": "Not party to the US DMCA but has its own Copyright, Designs and Patents Act with similar takedown procedures. The Online Safety Act 2023 adds extensive content-moderation obligations on hosts serving UK users.", "data_retention": "Investigatory Powers Act 2016 creates broad data-retention requirements for ISPs and bulk powers for surveillance agencies. Has survived European Court of Human Rights challenges in modified form.", "notable_for": [ "Excellent technical infrastructure (London is a major global hub)", "English-language operations (no language barrier)", "Stable rule-of-law environment", "Major financial / business services" ], "risks": [ "Online Safety Act 2023 โ€” extensive content-moderation obligations", "Investigatory Powers Act 2016 โ€” bulk surveillance powers", "Brexit removed some EU privacy protections (UK-GDPR is similar but UK-controlled)", "Active rights-holder enforcement (BPI / Ofcom)", "Online Safety Act creates broad encryption-undermining authority (in theory)", "Aggressive enforcement of online-content regulation post-2023" ], "sources": [ { "url": "https://www.legislation.gov.uk/ukpga/2023/50/contents", "title": "UK Online Safety Act 2023 (legislation.gov.uk)", "accessed": "2026-05-12" } ], "same_as": [ "https://en.wikipedia.org/wiki/United_Kingdom", "https://www.wikidata.org/wiki/Q145" ], "last_updated": "2026-05-12", "url": "https://notdmca.org/jurisdictions/united-kingdom" }, { "country": "United States (avoid for DMCA-resistance)", "slug": "united-states", "flag": "๐Ÿ‡บ๐Ÿ‡ธ", "summary": "The United States is the original DMCA jurisdiction and the worst choice for DMCA-resistant hosting. US providers are bound by Section 512 safe harbor and act on infringement notices to preserve liability protection. Listed here as a counterpoint โ€” when to deliberately avoid US infrastructure.", "dmca_status": "United States is the home of the DMCA. Section 512 creates a notice-and-takedown safe harbor that all US-based service providers act on. There is no US-domiciled host that meaningfully ignores DMCA notices at scale.", "data_retention": "Varies by service type. ECPA (Electronic Communications Privacy Act) governs but has many exceptions and weaknesses. National Security Letters can compel data with non-disclosure orders. Subject to FISA Section 702 collection.", "notable_for": [ "Origin jurisdiction of the DMCA", "Strong copyright enforcement infrastructure (DMCA bots, MPAA / RIAA)", "FISA Section 702 surveillance jurisdiction", "Most major hyperscalers (AWS / GCP / Azure) headquartered here" ], "risks": [ "Full DMCA exposure โ€” bots send notices at industrial scale", "Subject to US legal process including civil discovery, subpoenas", "Mutual legal assistance treaties allow most foreign requests", "Payment-processor pressure (Visa / Mastercard tighten merchant categories)", "Account-level deplatforming risk" ], "sources": [ { "url": "https://www.copyright.gov/title17/92chap5.html#512", "title": "US Copyright Office โ€” Title 17 Chapter 5 Section 512 (DMCA safe harbor)", "accessed": "2026-05-12" } ], "same_as": [ "https://en.wikipedia.org/wiki/United_States", "https://www.wikidata.org/wiki/Q30" ], "last_updated": "2026-05-12", "url": "https://notdmca.org/jurisdictions/united-states" } ] }