We are aware of this and are already working to oppose the proposal so it does not pass in the EU. We will not do this alone and will cooperate with other VPN providers to push back together.
Switzerland is in the same boat. The Swiss government is actively pushing changes to its surveillance framework (VÜPF/OSCPT) that would expand data-retention and identification requirements to VPNs, messengers, and cloud services.
Offshore locations like Panama are not picked, because of "privacy laws", but simply because the company wants to avoid paying the taxes. They also still have companies in EU to process and accept payments from customers, because majority of payment processors do not accept offshore businesses/banks.
If this law passes and VPN will be included this would leave us no option, but to relocate the company outside of EU. This could also result in a mass exodus of VPN servers from the EU entirely, as they would remain subject to EU law. Changing jurisdiction alone would not be enough.
Finally perfect timings for me to post this meme.
I wish you good luck. But frankly, I don't believe in a positive outcome. Similar bans are becoming more and more common in literally every country in the world. And while these countries may seem to be in conflict or completely unrelated, that doesn't stop them from moving in the same direction and issuing identical laws with different titles ("very unexpected").
Are you considering physical security methods or just legal ones? Automatic deletion of all logs, RAM-only servers, data wipes when connecting "incorrectly" directly to a server rack inside the hosting provider's building, etc.?
Is it possible to make all user logs look the same? Of course, you won't be doing this yourself, so as not to break the law. "Someone else" will simply create a third-party service/instructions/client, etc. And this tool, by a lucky chance, will work perfectly with your service.