Are IP addresses, OpenID-URLs/XRIs PII?

January 23, 2008 at 11:08 pm 4 comments

There is an interesting debate emerging in the EU whether IP addresses should be treated as personally identifiable information (PII). A consequence, if this was to be the case, would be extending all the privacy and data protection requirements to IP addresses.

Extending this debate, should an OpenID identifier be treated as PII and protected similarly?

IP addresses are meant to be locators for devices on a network and often do not map to being a unique identifier (for example, where the IP address is dynamically assigned or NAT is being used for an external connection).

Yet, ISPs and online services routinely log IP addresses and use it for tracking users. Search engines use IP addresses to provide location-aware results, advertising, and detecting click fraud.

The answer is far from clear cut.

As a privacy counsel for Google told the EU meeting, “There is no black and white answer: sometimes an IP address can be considered as personal data and sometimes not, it depends on the context, and which personal information it reveals.”

On the other hand, Germany’s data protection commissioner believes that when someone is identified by an IP address “then it has to be regarded as personal data.”

This is going to be an interesting debate. To spice things up, lets thrown in things like persistent cookies and ISP/OP logs into the mix.

Entry filed under: network, OpenID, personal_info, privacy.

Sir Edmund Percival Hillary, 1919-2008 India: Re-learning privacy lessons

4 Comments Add your own

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Trackback this post  |  Subscribe to the comments via RSS Feed

This blog is no longer updated. See the About page for more info. I'm currently active on Twitter.

Follow me on twitter


%d bloggers like this: