Ok I know time is over, but it is better to do something still now than nothing.
GDPR asks to retain audit logs to explain breaches and exploit on the personal data. The penalties set for breaches of GDPR can be up to 4% of a company’s annual global turnover. When an exploit is found, you have to explain what data you lost and how.
This drives to a strong log retention but also your local state might ask a minimum time retention (In France we need to keep at least one year of email transaction).
However by essence the log retains a lot of personal data, probably hard to filter and hide…For example the IP address. These information must be kept on the server and be sure that nobody except your system administrators can read them.
There is a lot of rules you must comply when you are GDPR concerned, not sure it is really the NS goal, but we could bring some features. Some are already available like the log retention policy (template based, four weeks for the community OS, 52 for the enterprise) but we could add also the log encryption (PGP for example with the compression) to ensure that even if an exploit is made, logs are not readable … easily.
I believe it is an aspect that we do not talk much, maybe time to start a thread.
EDIT: With PGP only the public key is hold on the server and used to encrypt, the private key is not hosted and it is a necessary key to read the files