[Humorist2290]

Sure, but the way this was written it also includes everything from Gmail to root access servers hosted by Hetzner. Gmail has been doing this for years, but (I assume) not Hetzner. If even hosting providers are dragged into this the scale grows dramatically. Can Hetzner really not even be bothered about having to comply with such ridiculous requirements?

To give a simple example: imagine a script that constantly dumps /dev/urandom into JPG-like files nonstop onto a 16 TB disk, then repeats. I've seen enterprise systems that aren't so dissimilar. If indeed the EU commission wants all files scanned, then will Hetzner need to spy on all of their machines at least enough to check for compliance? I'm guessing their board members think it can't possibly be so dumb, or stand to gain handsomely and privately.