t byfield on Fri, 12 Feb 1999 22:42:46 +0100 (CET)

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

<nettime> EC may interpret IP numbers as 'personal data'

[this courtesy of NTKnow:

 _   _ _____ _  __ <*the* weekly high-tech sarcastic update for the uk>
| \ | |_   _| |/ / _ __   __1999-02-12_ o join! mail 'subscribe ntknow'
|  \| | | | | ' / | '_ \ / _ \ \ /\ / / o  to majordomo@lists.ntk.net
| |\  | | | | . \ | | | | (_) \ v  v /  o website (+ archive) lives at:
|_| \_| |_| |_|\_\|_| |_|\___/ \_/\_/   o     http://www.ntk.net/

...as they put it:

         Last month, during the ongoing privacy discussions between
         the US and Europe, officials representing the EC began
         suggesting that not only is caching illegal, but so is
         storing IP numbers. Because IP quads can refer to an
         "identifiable person" (well, no, they refer to identifiable
         machines, but do carry on), even those logs that your
         Webserver holds could be in breach of EC law. Thankfully,
         we're guessing that the British Data Protection People
         wouldn't be so insane as to implement this - but, it's still
         a sparkling demonstration of the clue-vacuum at the heart of
         government. On the other hand, this one's been fed to us
         third hand and via the US authorities but when the second
         hand was Vint Cerf, who exactly were they trying to fool?


- search for "privacy". ironic, since it's supposed to be a closed list

gets you the following URL:


cerf's conclusion is a bit mysterious, since it would affect a lot more
than "Internet business models." but i suppose that invoking 'business'
has become a strange sort of genuflection these days, lest we incur the
wrath of the Hidden Hand.--tb]

- - - 
Date:     Tue, 02 Feb 1999 19:42:43 -0500
Author:   "vinton g. cerf" <vcerf@MCI.NET>
Subject:  EC Directive on IP Addresses and Privacy
Body:     I thought this would interest you - these are NOT my words but
          the words of the source of the message to me:

"Yesterday, I learned from a very well-placed U.S. Government source that
European law enforcement officials have told their American counterparts
that they interpret the E.C. Data Protection Directive as prohibiting
Internet service providers from maintaining records of users' IP
addresses unless necessary for service or billing. This position indicates
that E.C. officials consider both dynamic and static IP addresses to be
subject to the Directive as "personal data'...relating to an...identifiable
natural person" under Article 2(a) of the Directive. Therefore, it is
being interpreted that the European Directive prohibits the retention of
dynamic IP addresses even by an ISP unless it is used for billing purposes
(which is rarely the case).

If shared by others in the E.C., the position could have significant
implications for Internet business models." 
#  distributed via nettime-l : no commercial use without permission
#  <nettime> is a closed moderated mailinglist for net criticism,
#  collaborative text filtering and cultural politics of the nets
#  more info: majordomo@desk.nl and "info nettime-l" in the msg body
#  URL: http://www.desk.nl/~nettime/  contact: nettime-owner@desk.nl