[zenhack]

(standard IANAL disclaimers)

1. yeah, probably.

2. There's a comment elsewhere in the thread to this effect, but short-term logging for the usual purposes of managing stability/security of a system almost certainly qualifies as legitimate interest. Don't keep the logs indefinitely, but I figure nginx's defaults with a week's retention period is quite reasonable.

The relevant authorities also have a track record of giving people warnings and time to fix things, so especially for something so trivial, I'd basically just make a good faith effort and not stress about it.