[egorfine]

Germany, of course. Like my company needs government permission to store backups.

[leipert]

More like: your company (or government agency) is critical infrastructure or of a certain size, so there are obligations on how you maintain your records. It’s not like the US or other countries don’t have similar requirements.

[Skeime]

(Without knowing the precise nature of these laws) I would expect that they don't forbid you to store backups elsewhere. It's just that they mandate that certain types of data be backed up in sufficiently secure and independent locations. If you want to have an additional backup (or backups of data not covered by the law) in a more convenient location, you still can.

[egorfine]

> sufficiently secure and independent locations

This kind of provision requires enforcement and verification. Thus, a tech spec for the backup procedure. Knowing Germany good enough, I'd say that these tech spec would be detrimental for the actual safety of the backup.

[greybeard69]

wild speculation and conjecture

[f1shy]

Not wild.

When you live in Germany and are asked to send a FAX (and not a mail, please). Or a digital birth certificate is not accepted until you come with lawyers, or banks not willing to operate with Apple pay, just to name few..

Speculation, yes, but not at all wild

[__bjoernd]

I'm German and in my 45 years of being so have never been required to send a fax. Snail mail yes, but never a fax.

[egorfine]

Agree. It is based on my experience with German bureaucracy.

[Chris2048]

Certain data records need to be legally retained for certain amounts of time; Other sensitive data (e.g. PII) have security requirements.

Why wouldn't government mandate storage requirements given the above?

[hdgvhicv]

No it doesn’t. It does however need to follow the appropiate standards commensurate with your size and criticality. Feel free to exceed them.