Although it gives your IP some semblance of legitimacy, having a fixed endpoint after Tor (as would be the case with a VPN through tor) is a bad idea in practice - though obviously the measure of bad depends on what your exact threat model is.

Except the study was on hidden services, not through traffic. The study was somewhat flawed (not that I'm claiming I could have done any better) in that lookups do not necessarily mean genuine traffic. A lot of the lookups may also have been LEA monitoring known scumpots. They also only checked whether services were legit at the end of the study, so any non-scummy sites that dissappeared in the meantime weren't counted.

You, sir, are an idiot. The types setting the IEDs are the types who fight for Islam. There could be reasons why the Muslim community doesn't turn in the nutjobs. One is fear of those same nutjobs, but there are plenty of other reasons - including the assumption that idiots like yourself make that all Muslims share those beliefs. The IRA were Christians, and there was plenty of Religious fuelled murder in Belfast (not Catholic? Sucks to be you). Given that Christianity espouses spreading the belief, should we assume then that all Christians support killing those with different beliefs. What I'm trying to say is you need to pull your head out of your arse and realise that judging a large group by the actions of a relative few is nuts

So, at least on occassion, turn away trade. How is that an improvement on the current system. Also, how do you (as a consumer) feel about the fact that small businesses will be storing your details (presumably insecurely) for 7 years? Not to mention that as there is an additional administrative burden, that cost will pass to the consumer, meaning higher prices for us all. I get what they were trying to do, but its an ill thought out mess - not least because it seems a lot of businesses found out a week before (HMRC's 'proactive' communication was to send a notice to all VAT registered businesses - except those who needed to do the most prep weren't VAT registered in the first place)

No idea whether Switzerland is part of it - though they were listed on some guides to the different rates, so they may be

Ok so thats your first bit of evidence. Where's your second? The law requires two bits of non-contradictory bits of evidence to be retained. Billing address in Spain but IP seems to be in Germany? You need to go find a third bit of evidence to support one or the other. In terms of ensuring you are always in compliance, its actually a lot more complicated/involved than you seem to think.

It seems like it'd attract less attention to only avoid some of the VAT rate - so PO box and VPN in Switzerland (8% VAT) could still attract a decent saving. Personally, I stopped offering digital downloads - the costs (and more to the point, risk) of compliance simply weren't cost effective given the time could be better spent charging an hourly rate. I've a strong suspicion that the additional revenue won't be nearly as much as predicted, most of which will likely be wasted in ill-fated attempts to force non-EU providers into compliance

Actually part of the requirement is that you _do_ have to check where the customer is - and retain 2 pieces of corroborative evidence. If one disagrees with the other you have to find a third. Late with your return? You're now individually liable for fines in more than 20 member states.

Clearly the joke went right over someones head. . .