[102090] in North American Network Operators' Group
Re: EU Official: IP Is Personal
daemon@ATHENA.MIT.EDU (Roland Perry)
Fri Jan 25 05:55:58 2008
Date: Fri, 25 Jan 2008 10:37:15 +0000
To: nanog@merit.edu
From: Roland Perry <lists@internetpolicyagency.com>
In-Reply-To: <2132.1201236938@turing-police.cc.vt.edu>
Errors-To: owner-nanog@merit.edu
In article <2132.1201236938@turing-police.cc.vt.edu>,
Valdis.Kletnieks@vt.edu writes
>So - if you can work backwards from license plate info, telephone numbers,
>and IP addresses, and get a good idea of who the person is, and there's
>general agreement that the first two are "personal information" that allows
>(at least speculative) identification of the person, why are people having
>trouble with the concept that the third is personally identifying information
>as well?
Because they are IP engineers and they have lots of anecdotes about how
an IP Address *might* be misleading when identifying an individual.
If they worked in a car maintenance shop, they'd be able to tell you how
licence plates *might* be misleading when identifying an individual.
But in both cases they are missing the point: which is that EU Data
Protection law looks at things from the opposite point of view.
ie If an IP address might *sometimes* reliably identify an individual,
then everyone has to err on the side of caution and treat *all* IP
addresses as personal data.
--
Roland Perry
