Data held by ISPs
zenadsl6186 at zen.co.uk
Tue Dec 23 11:47:16 GMT 2014
On 23/12/14 09:19, David Pick wrote:
> On 22/12/14 22:45, Mark Harrison wrote:
>> IP addresses (of the subscriber) are personal data.
>> Although it's taken a long time for this to be nailed into law (rather
>> than denied by the MRD brigade).
>> I'm surprised. IP addresses from ISP's are shared. They are rarely given
>> to end devices but rather routers that are also shared. How could they
>> be classed as identifiable? To whom under the law?
> To my mind it's not the IP address in isolation that's "Personal Data",
> it's the relationship between the IP address and a person. It is *very*
> important that it is acknowledged that this relationship exists because
> if the relationship is not acknowledged the possibilities for miscreants
> to identify people without the possibility of legal redress is enhanced.
> There are many forms the relationship can take ranging from registration
> in an Internet Registry database or the DNS through to logs from the
> CGNAT service used by an ISP. For each of these to be handled with the
> appropriate level of care the nature of the relationship to identifiable
> people must be recognised.
Yep - it's not necessary for data to be linked with a person in
isolation; if it can be linked with a person in combination with some
other data which might be obtained - eg ISP IP assignments - then it is
Or, the IP a personal email is sent from is personal data at that time.
PS I have a fixed IPv.4 IP address (actually 8 of them), packets
addressed to which will come to my personal computer (or computers I
run). It isn't that uncommon, most ISPs offer the choice of a fixed
IPv.4 address even now, though they may charge extra.
When IPv.6 really gets going I suspect that most IPs will be fixed.
-- Peter Fairbrother
More information about the ukcrypto