North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Re: EU Official: IP Is Personal
In article <Pine.GSO.4.64.0801231750350.24354@xxxxxxxxxxxxxxxxxxx>, Sean Donelan <sean@xxxxxxxxxxx> writes
In the US, folks are fighting the RIAA claiming that an IP address isn't
Many IP addresses *are* enough to identify a person.
Although sometimes you need additional information.
The law talks about "identifying directly or indirectly", the latter as a result of having some *other* information available. It's not a case of getting a hit based on IP address alone (which in any event needs at least a registry lookup to turn into a person's name).
And therefore because *some* IP addresses indisputably identify people, you must put in place precautions to handle *all* such information appropriately (IP addresses don't come with a bit set to say "I'm an identifiable user" or "I'm not").
That's just the way European Law works.
The American perspective might be (and I'm guessing here) that if only *some* IP addresses identify people, you should assume that *all* IP addresses are unreliable identifiers. [Many of the comments in this thread express somewhat of that view].
That might even be a good idea in a shoot-first ask-questions-later environment. My advice would be to try *not* to deploy such an environment :)
 In the case of being a dial-up ISP, the RADIUS logs; others have mentioned the association between commercial wifi connections and their (roaming) subscribers. -- Roland Perry