background preloader

IP Address / Privacy

Facebook Twitter

IP Dd insufficient to identify pirates.

ECJ Confirms That IP Addresses Are Personal Data - Intellectual Property - European Union. Check to state you have read and agree to our Terms and Conditions Terms & Conditions and Privacy Statement (the Website) is owned and managed by Mondaq Ltd and as a user you are granted a non-exclusive, revocable license to access the Website under its terms and conditions of use.

ECJ Confirms That IP Addresses Are Personal Data - Intellectual Property - European Union

Are IP addresses personal data? Privacy This Week. The Court of Justice of the European Union (CJEU) clarified that IP addresses are 'protected personal data', on 24 November 2011, in Scarlet v SABAM (Case C-70/10), while ruling that internet service providers (ISPs) cannot be legally compelled to monitor the online activities of their customers.

Privacy This Week

The case was referred to the CJEU after an injunction granted by the Brussels Court of First Instance ordered internet service provider Scarlet to use web filtering to prevent customers from sending or receiving copyrighted files by means of peer-to-peer software. The files were songs and videos owned by SABAM members, a consortium of artists, authors, composers, and publishers. In 2004, SABAM filed the original complaint against Scarlet. 'Those addresses are protected personal data because they allow those users to be precisely identified', read the CJEU judgment.

. © 2014 Cecile Park Publishing Ltd. Hawktalk. An analysis of Section 28 Certificates issued by the previous Labour Government shows that the exemptions for the national security function are excessive.


The recent publication of a “memorandum of understanding” and analysis of the TfL Certificate (last week’s blog) shows that the current Government has continued this policy. It is my view, that if the national security agencies were required to apply the data protection principles, subject to appropriate exemptions and an effective system of regulation (not necessarily by the Information Commissioner), then the extensive, mass surveillance undertaken by these agencies would have been considered (and regulated) in the context of necessity, relevance and retention.

Such obligations could have avoided the current controversies. “We have no information as to whether or not the Secretary of State has issued relevant section 28 notices. This blog confirms that assumption.

IP address is not a person

Are IP addresses personal data? Court rules Internet IP addresses are not people. "I am not an IP number, I am a free man!

Court rules Internet IP addresses are not people

" OK, so that's not exactly what actor Patrick McGoohan said in the classic TV show, The Prisoner, but Number 6 would have agreed that people aren't numbers, and they certainly aren't their Internet Protocol (IP) addresses. And, now a U.S. Turning numbers into names: how IP address lookups are done. We wouldn't have file-sharing lawsuits at all without the ability to convert a computer's IP address into an Internet subscriber's real name.

Turning numbers into names: how IP address lookups are done

But how do Internet providers actually perform those lookups? The process begins when a copyright holder files suit and supplies the court with a list of IP addresses that were allegedly seen sharing files online. The court then allows the rightsholder to send a subpoena to the Internet service provider (ISPs) responsible for each address, where it goes to a special compliance unit. These units are not large. Time Warner Cable told a DC federal court last year that its own subpoena compliance unit had only four full-time employees (but it had been forced to add a temp worker due to the growing number of requests). Most of these lookups are done for law enforcement, and many of them are emergency requests.

According to Time Warner, the burden is almost unmanageable. "Multiple people in multiple locations" Such lookups are therefore expensive to do. IP addresses and user identification in the WikiLeaks case. Amid the news that the U.S. government has subpoenaed from Twitter data about WikiLeaks founder Julian Assange and others thought to be tied to the group is the issue of IP addresses.

IP addresses and user identification in the WikiLeaks case

An Internet Protocol address is a unique 32-bit numeric address that can identify a specific computer on a network. IP addresses, generally assigned by an Internet Service Provider (ISP), can be temporary (called dynamic IP addresses) or permanently (called static IP addresses). Reuters reports: “The information sought by the government includes all connection records and session times, IP addresses used to access Twitter, e-mail and residential addresses plus billing records and details of bank accounts and credit cards.”

There has been substantial debate over whether IP addresses are personally identifiable data. I believe they are, as they can easily link specific computers to individuals. Jurisprudence actualité Droit Internet. Lundi 1er février 2010 Cour d’appel de Paris 12ème chambre, pôle 5 Arrêt du 1er février 2010 Cyrille S. / Sacem, Sdrm.

Jurisprudence actualité Droit Internet

IP address in anti-piracy probe was not personal data, says French court. The question of whether and when IP addresses, which are assigned to devices when they connect to the internet, are personal data is a controversial one because European data protection laws control what can and cannot be done with personal data.

IP address in anti-piracy probe was not personal data, says French court

The Paris court has said that the IP address on its own could not identify an individual, and therefore that finding and using an internet user's IP address cannot breach data protection controls on the processing of personal data. The Society of Composers, Authors and Music Publishers (SACEM), an agency that collects revenues on behalf of artists, conducted some anti-piracy investigations and located an internet user who was sharing music without permission on a peer to peer (P2P) network. The SACEM agent was investigating P2P networks and tracked down some users of file-sharing network Limewire who were sharing music by Eminem.

Irish Court: IP addresses not personal data. In an April 16, 2010 judgment, the High Court of Ireland decided that a settlement agreement entered into between Ireland’s largest ISP Eircom and EMI, Sony Music, Universal Music, and Warner Music did not violate Ireland’s data protection law.

Irish Court: IP addresses not personal data

The settlement agreement was signed after the record labels sued Eircom in connection with Eircom’s failure to take action to discourage peer-to-peer copyright infringements on its network. In the settlement, Eircom agreed to implement a graduated response mechanism with its customers, pursuant to which Eircom would send warnings to customers who had been detected as participating in unauthorized file sharing.

If the customers ignored Eircom’s warnings, Eircom would cut off the subscriber’s Internet access. This sanction would be applied on a purely contractual basis, based on the subscriber’s violation of Eircom’s terms of use. IP addresses in server logs not personal data: Ruling. High performance access to file storage.

IP addresses in server logs not personal data: Ruling

IP addresses and the Data Protection Act. An IP address in isolation is not personal data under the Data Protection Act, according to the Information Commissioner. But an IP address can become personal data when combined with other information or when used to build a profile of an individual, even if that individual's name is unknown. IP Addresses Are Personal Data, E.U. Regulator Says -

BRUSSELS -- IP addresses, strings of numbers that identify computers on the Internet, should generally be regarded as personal information, the head of the European Union's group of data privacy regulators said Monday. Germany's data-protection commissioner, Peter Scharr, leads the E.U. group, which is preparing a report on how well the privacy policies of Internet search engines operated by Google, Yahoo, Microsoft and others comply with E.U. privacy law. Scharr told a European Parliament hearing on online data protection that when someone is identified by an IP, or Internet protocol, address, "then it has to be regarded as personal data.

" Swiss Supreme Court: data protection prevails over enforcement of IP rights. In a decision of 8 September 2010 (full grounds not yet published, press release here), the Swiss Supreme Court ruled that Logistep AG may not search peer-to-peer networks for copyright infringing files, register the IP [internet protocol] addresses of the uploaders and forward them to the copyright owners, which then, based on the data, file criminal complaints against unknown (the prosecution, unlike private parties, can force the ISPs to hand over name and address of the person/entity behind the IP address).

Logistep, acting for copyright holders (not the International Federation Of Producers Of Phonograms And Videograms, IFPI, though, says IFPI) searches peer-to-peer networks for copyright infringing files, then registers the IP addresses of the uploaders (pure downloading is legal under Swiss law) and forwards these to the copyright owners.