[governance] IP Addresses Are Personal Data, E.U. Regulator Says
Meryem Marzouki
marzouki at ras.eu.org
Mon Jan 28 13:42:38 EST 2008
Hi Andrea and all,
Le 24 janv. 08 à 09:36, Andrea Glorioso a écrit :
> Second, the fact that the WP29 considered an IP address to be
> "personal
> data" in the sense of the relevant European data protection Directives
> has been known since some time - the WP29 has already issued some
> opinions on this particular point (I can provide the references if
> somebody is interested).
True it's not new, but reaffirming this is really important, as this
commonly admitted (at least in Europe) status of the IP address as a
personal data (more exactly, an "indirectly nominative data") is
being questioned, most notably by IPR holders willing to take actions
against P2P sharing activities. This has been the case in France,
with courts backing this position from IPR holders, see: http://
www.edri.org/edrigram/number5.17/ip-personal-data-fr
> Again, these are *opinions*, not binding
> laws,
Unfortunately..
[...]
> Incidentally, once might also argue that deep-packet inspection
> ("network neutrality" anyone?) breaches data protection laws across
> Europe, unless there is a clear consent from the end-user. Care to
> guess how many ISPs in the EU actually do request that "clear
> consent"?
All of them.. by contract (you know, these "general conditions" that
no one reads, especially when one needs to subscribe to an ISP
anyway)! Actually, you cannot use the breaching of data protection
law argument in this case - as long the data remains managed by the
ISP and not disclosed to anyone else - since ISPs obviously need to
process you data, starting from your IP address, to deliver the service.
So, the answer to Karl's question ("whether an ISP or core provider's
use of a person's IP address to generate a TCP Reset packet (for the
purpose of, for example, "slowing" bittorrent traffic) is a
usurpation of that personally identifiable information") is no. This
is indeed a network neutrality issue, but not a data protection issue.
Meryem____________________________________________________________
You received this message as a subscriber on the list:
governance at lists.cpsr.org
To be removed from the list, send any message to:
governance-unsubscribe at lists.cpsr.org
For all list information and functions, see:
http://lists.cpsr.org/lists/info/governance
More information about the Governance
mailing list