Whilst there have been plenty of views re: the status of IP addresses, particularly from the Art. 29 Working Party and the Data Protection Authorities, in an unusual case from the District Court of Munich (file no. 133 C 5677/08; September 30, 2008), the court held that IP addresses (contrary to other German courts), of a user of a website was not personal data, because the user concerned could only be identified if the user's access provider (illegally) identified the user and (illegally) forwarded the name of the user to the operator of the website. Therefore, the storage of the IP address of a user by a website operator in a server logfiles was permitted. Whilst this decision is unlikely to have any effect upon recent opinions made by the Art. 29 Working Party, one is not convinced that IP addresses are not personal data as evidenced by recent incidents exemplified here , here and here. However, if the recent press report is to be believed, then according to one view, "Businesses have a responsibility to protect sensitive data. The public should not expect the government to protect them." Update: Decision is available in German and can be accessed here and here.
Posts
No comments:
Post a Comment