Objection: RE: [admin] Re: EU Official: IP Is Personal
> Folks, we'd like to ask that this thread die a quick and
> painful death. It's gone off topic and it seems to have run
> whatever short course that it tried.

I agree.

> While what Europe does
> is interesting to us as network operators, this is European
> policy and off topic for NANOG.

Whoa there! You need to re-read the first line of the NANOG mission statement

The purpose of NANOG is to provide forums in the North American region for education and the sharing of knowledge for the Internet operations community.

In other words, the NA part of NANOG refers to the location of the forums, *NOT* the scope of the discussions. The Internet operations community is global in scope and it is natural for our discussions to also be global in scope. Since many North American network operators have infrastructure in Europe (PoPs, colocated servers) they have to be aware of uniquely European Internet issues.

And when it comes to solving a domestic problem, nothing puts things in perspective more than comparing how others approach the problem.

--Michael Dillon
Is 7bits enough? (was: Re: [admin] Re: EU Official: IP Is Personal)
My note of yesterday didn't make it to the list, which happens from time to time, but as I'm not asking about automobile licenses or number portability, this might make it past the rather broad kill-this-thread administrative dicta.

Hi,

We (the P3P Spec WG circa pre-9/11) didn't specify what would reasonably render a v6 addr non-PII, and we didn't provide guidance on v4 addrs, other than the 7bit mask.

Since I'm the only former contributor to that activity who gets NANOG mail, if any of you who have ideas on either of those two forms of endpoint identifiers and PII, if you send them to me, I'll summarize for the purpose of offering a specific update to our final work product, P3P 1.1 [1].

I'll extract the MAC-to-v4 comments for PII in a LAN environment, which we ignored in the P3P Spec WG.

Eric

[1] http://www.w3.org/TR/P3P11/
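An added example, not part of the original post or of the P3P specification: it assumes the "7bit mask" means clearing the low 7 bits of an IPv4 address (the post does not define it) and measures, on a constructed log that uses documentation address ranges, how many distinct hosts actually share each masked value. The function names and sample addresses are hypothetical.

```python
import ipaddress
from collections import defaultdict

MASK_BITS = 7  # assumption: "7bit mask" = drop the low 7 bits of a v4 address


def truncate_v4(addr, bits=MASK_BITS):
    """Return addr with its low `bits` bits cleared (IPv4 only)."""
    value = int(ipaddress.IPv4Address(addr))
    keep = 0xFFFFFFFF & ~((1 << bits) - 1)
    return str(ipaddress.IPv4Address(value & keep))


def anonymity_sets(observed, bits=MASK_BITS):
    """Map each masked address to the number of distinct observed hosts in it.

    The mask caps a bucket at 2**bits addresses, but what hides a host is
    the number of *other active hosts* that land in the same bucket.
    """
    buckets = defaultdict(set)
    for addr in observed:
        buckets[truncate_v4(addr, bits)].add(addr)
    return {masked: len(hosts) for masked, hosts in buckets.items()}


def singled_out(observed, bits=MASK_BITS):
    """Masked values that still correspond to exactly one observed host."""
    sets = anonymity_sets(observed, bits)
    return sorted(masked for masked, n in sets.items() if n == 1)


def min_bits_for_k(observed, k):
    """Smallest mask width at which every bucket holds at least k hosts.

    Returns None when fewer than k distinct hosts were observed at all.
    """
    for bits in range(0, 33):
        if all(n >= k for n in anonymity_sets(observed, bits).values()):
            return bits
    return None


# Constructed sample log (RFC 5737 documentation ranges, not real clients).
SAMPLE = [
    "192.0.2.10", "192.0.2.77", "192.0.2.126",   # three hosts, same /25
    "192.0.2.130",                                 # alone in the upper /25
    "198.51.100.200", "198.51.100.201",            # two hosts, same /25
    "203.0.113.5",                                 # alone in its /25
]

if __name__ == "__main__":
    for masked, n in sorted(anonymity_sets(SAMPLE).items()):
        print(f"{masked:<16} hides {n} observed host(s)")
    print("still unique after masking:", singled_out(SAMPLE))
    print("bits needed for every host to share a bucket:",
          min_bits_for_k(SAMPLE, 2))
```

On sparse data the mask alone leaves some hosts unique, which is why the bucket population, not the mask width, is the number to check.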
[admin] Re: EU Official: IP Is Personal
Folks, we'd like to ask that this thread die a quick and painful death. It's gone off topic and it seems to have run whatever short course that it tried. While what Europe does is interesting to us as network operators, this is European policy and off topic for NANOG.

Best Regards,

Martin Hannigan
NANOG Mailing List Committee

On Jan 25, 2008 3:22 PM, Joseph S D Yao <[EMAIL PROTECTED]> wrote:
>
> On Fri, Jan 25, 2008 at 10:49:48AM +0200, Hank Nussbacher wrote:
> ...
> > I wouldn't be surprised if in a few years some EU/US law mandates IP number
> > portability, just like people have with their cellphones. Imagine what
> > that will do to the routing tables. How many /32s can we get into the
> > RIBs these days? :-)
>
>
> And yet that is said to be one of the advantages of IPv6.
>
>
>
> --
> Joe Yao
> Qinetiq NA / Analex Contractor
>
Re: EU Official: IP Is Personal
On Fri, Jan 25, 2008 at 10:49:48AM +0200, Hank Nussbacher wrote:
...
> I wouldn't be surprised if in a few years some EU/US law mandates IP number
> portability, just like people have with their cellphones. Imagine what
> that will do to the routing tables. How many /32s can we get into the
> RIBs these days? :-)

And yet that is said to be one of the advantages of IPv6.

--
Joe Yao
Qinetiq NA / Analex Contractor
Re: EU Official: IP Is Personal
In article <[EMAIL PROTECTED]>, Stephane Bortzmeyer <[EMAIL PROTECTED]> writes

> > in the UK it [phone number portability] 's done with something similar to DNS. The telephone system looks up the first N digits of the number to determine the operator it was first issued to. And places a query to them. That either causes the call to be accepted and routed, or they get an answer back saying "sorry, that number has been ported to operator FOO-TEL, go ask them instead".
>
> What happens when a phone number is ported twice, from BAR-TEL to FOO-TEL and then to WAZ-TEL? Does the call follow the list? What if there is a loop?

In the UK, for landlines there are generally only two operators available: BT and Virgin (the now sole brand for cable phones). So WAZ doesn't exist, all you can do is go back to BAR.

For mobiles, I've never heard of a restriction so it's probably the case that the donor network stays the same, but the recipient records are updated to point to WAZ instead of FOO.

> The solution you describe does not look like the DNS to me. A solution more DNS-like would be to have a root (which is not an operator) somewhere and every call triggers a call to the root which then replies, "send to WAS-TEL".

That's the scheme which was proposed in 2002, and which I'm a bit surprised isn't yet deployed (watch the space called ukporting.com [1], apparently). However, the current mobile scheme isn't very far off that.

[1] Why not ukporting.org.uk ??

--
Roland Perry
Re: EU Official: IP Is Personal
> > I don't know about your IP addresses, but, people can use my IP addresses from a number of locations which are nowhere near the jurisdiction in which my network operates, so, I don't really see the correlation here with license plates or phone numbers.
>
> I'm not clear if you mean legitimately here, or not. If you've authorised people to relay traffic through you in some way, you'd be the right first contact. If you're talking about unauthorised spoofing, it's a lot like the first two cases (I'd say a fair bit easier / cheaper than the second, not substantially more so than the first).

In my case, yes, 100% legitimately. I can be contacted, but, the reality is that I don't track it. I am no longer in direct contact with a number of people who have legitimate use of my IP addresses. If I find them doing something I consider abuse, then, I'll turn off the access. However, I don't maintain contact information or the ability to personally identify the correlation between the person and the access.

So far, abuse has been rare enough that this has not been an issue. I've had to turn off two services I used to provide as a result of abuse in approximately 20 years of operating a network here.

Owen
Re: EU Official: IP Is Personal
On Jan 25, 2008, at 6:05 AM, Stephane Bortzmeyer wrote:

> On Fri, Jan 25, 2008 at 10:42:44AM +, Roland Perry <[EMAIL PROTECTED]> wrote a message of 15 lines which said:
>
> > in the UK it [phone number portability] 's done with something similar to DNS. The telephone system looks up the first N digits of the number to determine the operator it was first issued to. And places a query to them. That either causes the call to be accepted and routed, or they get an answer back saying "sorry, that number has been ported to operator FOO-TEL, go ask them instead".
>
> What happens when a phone number is ported twice, from BAR-TEL to FOO-TEL and then to WAZ-TEL? Does the call follow the list? What if there is a loop?
>
> The solution you describe does not look like the DNS to me. A solution more DNS-like would be to have a root (which is not an operator) somewhere and every call triggers a call to the root which then replies, "send to WAS-TEL".

There is a shared root in the US SS7 system. The security of said root follows a rather interesting model. At least until fairly recently, any "trusted" carrier (LEC, ILEC, RBOC, or IEC) could put pretty much whatever they wanted into the database. Of course, the consequence of getting caught with your hand in the cookie jar there was sufficient that it tended to prevent invalid entries other than by accident, but, still, it was a remarkable trust model for such an industry.

Owen
Re: EU Official: IP Is Personal
On Fri, Jan 25, 2008 at 10:42:44AM +, Roland Perry <[EMAIL PROTECTED]> wrote a message of 15 lines which said:

> in the UK it [phone number portability] 's done with something
> similar to DNS. The telephone system looks up the first N digits of
> the number to determine the operator it was first issued to. And
> places a query to them. That either causes the call to be accepted
> and routed, or they get an answer back saying "sorry, that number
> has been ported to operator FOO-TEL, go ask them instead".

What happens when a phone number is ported twice, from BAR-TEL to FOO-TEL and then to WAZ-TEL? Does the call follow the list? What if there is a loop?

The solution you describe does not look like the DNS to me. A solution more DNS-like would be to have a root (which is not an operator) somewhere and every call triggers a call to the root which then replies, "send to WAS-TEL".
Re: EU Official: IP Is Personal
In article <[EMAIL PROTECTED]>, Andy Davidson <[EMAIL PROTECTED]> writes

> > > Tunnels all over the place seems like the only way it'd even be halfway practical. It's more-or-less how phone number portability works anyway, from what (little) I know.
> >
> > I don't know about the USA, but in the UK it's done with something similar to DNS. The telephone system looks up the first N digits of the number to determine the operator it was first issued to. And places a query to them. That either causes the call to be accepted and routed, or they get an answer back saying "sorry, that number has been ported to operator FOO-TEL, go ask them instead".
>
> Not quite, the simplistic overview is that operators have an obligation to offer porting wherever practical, so operate ports on an accept-then-forward principle. If I port my number from CarrierA to CarrierB, then my calls still pass through A's switch, who transits the call to B without charging the end user.
>
> For the benefit of completeness, the regulator has mandated that this situation must change, as CarrierB's inward-port customers are not protected from the technical or commercial failure of CarrierA. The industry [www.ukporting.com] has responded and is building a framework to support all-call-query style lookups to handle number ports.

Apologies, I should have made it clear that I was following up the remark about cellphone number portability. Described in 2002 (at the beginning of the discussion about migrating to the new system that's currently still being built):

"To deliver a call a routing enquiry is made to a Home Location Register (HLR) to determine where the subscriber is located and to obtain a routing number. The solution for mobile number portability, known as the Signalling Relay Function (SRF), is that the donor network sends the routing enquiry signal addressed to a ported number to the appropriate recipient network for treatment. In this way the recipient network can provide the routing number to complete the call."

Although that is also apparently known as "onward routing", even though the subsequent call traffic isn't routed onwards.

--
Roland Perry
Re: EU Official: IP Is Personal
On 25 Jan 2008, at 10:42, Roland Perry wrote:

> In article <[EMAIL PROTECTED]>, Matt Palmer <[EMAIL PROTECTED]> writes
> > Tunnels all over the place seems like the only way it'd even be halfway practical. It's more-or-less how phone number portability works anyway, from what (little) I know.
>
> I don't know about the USA, but in the UK it's done with something similar to DNS. The telephone system looks up the first N digits of the number to determine the operator it was first issued to. And places a query to them. That either causes the call to be accepted and routed, or they get an answer back saying "sorry, that number has been ported to operator FOO-TEL, go ask them instead".

Not quite, the simplistic overview is that operators have an obligation to offer porting wherever practical, so operate ports on an accept-then-forward principle. If I port my number from CarrierA to CarrierB, then my calls still pass through A's switch, who transits the call to B without charging the end user.

For the benefit of completeness, the regulator has mandated that this situation must change, as CarrierB's inward-port customers are not protected from the technical or commercial failure of CarrierA. The industry [www.ukporting.com] has responded and is building a framework to support all-call-query style lookups to handle number ports.

Best wishes,
Andy
Re: EU Official: IP Is Personal
In article <[EMAIL PROTECTED]>, Matt Palmer <[EMAIL PROTECTED]> writes

> Tunnels all over the place seems like the only way it'd even be halfway practical. It's more-or-less how phone number portability works anyway, from what (little) I know.

I don't know about the USA, but in the UK it's done with something similar to DNS. The telephone system looks up the first N digits of the number to determine the operator it was first issued to. And places a query to them. That either causes the call to be accepted and routed, or they get an answer back saying "sorry, that number has been ported to operator FOO-TEL, go ask them instead".

--
Roland Perry
Re: EU Official: IP Is Personal
On Fri, January 25, 2008 6:33 am, Owen DeLong wrote:

> In order to be using the license plate, you had to be physically present
> in the car.

Or in any car displaying the same identifier.

> In order to be on the telephone number, you (almost always) need to be
> present at the site where that phone number is terminated.

Or calling from any line that presents the same identifier. It's generally true that if you're calling from a POTS line (or BRI, for the most part), you'll either present correct CLI, or some flavour of 'unavailable' or 'withheld'. Start buying PRI service, however, and there's not a shortage of telcos where you can inject whatever CLI you like. BCP38 is no more universal in the phone network than it is in the IP one.

> I don't know about your IP addresses, but, people can use my IP addresses
> from a number of locations which are nowhere near the jurisdiction in
> which my network operates, so, I don't really see the correlation here
> with license plates or phone numbers.

I'm not clear if you mean legitimately here, or not. If you've authorised people to relay traffic through you in some way, you'd be the right first contact. If you're talking about unauthorised spoofing, it's a lot like the first two cases (I'd say a fair bit easier / cheaper than the second, not substantially more so than the first).

Those looking to reach a person should be aware of the possibility that any of these presented identifiers could be forged. That doesn't mean that the owner of the identifier isn't a useful person to talk to in the first instance - and hence they all, to a first approximation, function as personal identifiers.

Regards,
Tim.
Re: EU Official: IP Is Personal
In article <[EMAIL PROTECTED]>, Hank Nussbacher <[EMAIL PROTECTED]> writes

> I wouldn't be surprised if in a few years some EU/US law mandates IP number portability, just like people have with their cellphones.

I doubt it. The portability of Internet Addressing arises from the use of DNS. You wouldn't expect anyone to mandate that IMEI, rather than cellphone number, was made portable between handsets, would you?

Making analogies between phone numbers and IP addresses has its limits.

--
Roland Perry
Re: EU Official: IP Is Personal
In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED] writes

> So - if you can work backwards from license plate info, telephone numbers, and IP addresses, and get a good idea of who the person is, and there's general agreement that the first two are "personal information" that allows (at least speculative) identification of the person, why are people having trouble with the concept that the third is personally identifying information as well?

Because they are IP engineers and they have lots of anecdotes about how an IP Address *might* be misleading when identifying an individual.

If they worked in a car maintenance shop, they'd be able to tell you how licence plates *might* be misleading when identifying an individual.

But in both cases they are missing the point: which is that EU Data Protection law looks at things from the opposite point of view.

ie If an IP address might *sometimes* reliably identify an individual, then everyone has to err on the side of caution and treat *all* IP addresses as personal data.

--
Roland Perry
Re: EU Official: IP Is Personal
Hank Nussbacher <[EMAIL PROTECTED]> wrote:

> I wouldn't be surprised if in a few years some EU/US law mandates IP number
> portability, just like people have with their cellphones. Imagine what
> that will do to the routing tables. How many /32s can we get into the
> RIBs these days? :-)

The next obvious step would be complete street address portability, for all kinds of usage, like telling the cab driver where to go to get you home. Once you have lived on 1234 Main Street, it should be yours!

> -Hank

--Johnny
Re: EU Official: IP Is Personal
On Fri, Jan 25, 2008 at 10:49:48AM +0200, Hank Nussbacher wrote:
> On Fri, 25 Jan 2008, [EMAIL PROTECTED] wrote:
> >On Thu, 24 Jan 2008 22:33:20 PST, Owen DeLong said:
> >>>And oddly enough, license plates on cars act *exactly the same way* - but
> >>>nobody seems at all surprised when police can work backwards from a plate
> >>>and come up with a suspect (who, admittedly, may not have been
> >>>involved if
> >>>the car was borrowed/stolen/etc).
> >>>
> >>In order to be using the license plate, you had to be physically
> >>present in the car.
> >
> >"It wasn't me at the hit-and-run, my car was stolen last night"
> >
> >"It wasn't me, my PC got zombied"
> >
> >Like I said, they work *exactly the same way*.
> >
> >But I'm giving up. We've got people here who work for companies that have
> >business models that boil down to "given an IP address, figure out who to
> >bill" - but although it identifies a person well enough to send them an
> >invoice, they think it isn't enough to identify them.
>
> I wouldn't be surprised if in a few years some EU/US law mandates IP number
> portability, just like people have with their cellphones. Imagine what
> that will do to the routing tables. How many /32s can we get into the
> RIBs these days? :-)

That'd be a fun law to try and enforce, especially against the people who refuse to accept such long routes (which is, after all, the only thing that's stopping such long announcements from appearing already).

Tunnels all over the place seems like the only way it'd even be halfway practical. It's more-or-less how phone number portability works anyway, from what (little) I know.

- Matt
Re: EU Official: IP Is Personal
On Fri, 25 Jan 2008, [EMAIL PROTECTED] wrote:

> On Thu, 24 Jan 2008 22:33:20 PST, Owen DeLong said:
> > > And oddly enough, license plates on cars act *exactly the same way* - but nobody seems at all surprised when police can work backwards from a plate and come up with a suspect (who, admittedly, may not have been involved if the car was borrowed/stolen/etc).
> >
> > In order to be using the license plate, you had to be physically present in the car.
>
> "It wasn't me at the hit-and-run, my car was stolen last night"
>
> "It wasn't me, my PC got zombied"
>
> Like I said, they work *exactly the same way*.
>
> But I'm giving up. We've got people here who work for companies that have business models that boil down to "given an IP address, figure out who to bill" - but although it identifies a person well enough to send them an invoice, they think it isn't enough to identify them.

I wouldn't be surprised if in a few years some EU/US law mandates IP number portability, just like people have with their cellphones. Imagine what that will do to the routing tables. How many /32s can we get into the RIBs these days? :-)

-Hank
Re: EU Official: IP Is Personal
On Thu, Jan 24, 2008 at 10:33:20PM -0800, Owen DeLong wrote:
> On Jan 24, 2008, at 8:55 PM, [EMAIL PROTECTED] wrote:
> >On Thu, 24 Jan 2008 20:39:53 PST, [EMAIL PROTECTED] said:
> >>What we can do with IP addresses is conclude that the user of the
> >>machine with an address is likely to be one of its usual users. We
> >>can't say that with 100% certainty, because there are any number of
> >>ways people can get "unusual" access. But even so, if one can show a
> >>pattern of usage, the usual suspects can probably figure out which of
> >>them, or what other "unusual" user, might have done this or that.
> >
> >And oddly enough, license plates on cars act *exactly the same way*
> >- but
> >nobody seems at all surprised when police can work backwards from a
> >plate
> >and come up with a suspect (who, admittedly, may not have been
> >involved if
> >the car was borrowed/stolen/etc).
>
> In order to be using the license plate, you had to be physically
> present in the car.
>
> >You can work backwards from a phone number to a person, without a
> >*guarantee*
> >that you have the right person - but I don't see anybody claiming that
> >phone numbers don't qualify as "personal information" under the EU
> >definition.
>
> In order to be on the telephone number, you (almost always) need to be
> present
> at the site where that phone number is terminated.
>
> I don't know about your IP addresses, but, people can use my IP
> addresses
> from a number of locations which are nowhere near the jurisdiction in
> which
> my network operates, so, I don't really see the correlation here with
> license
> plates or phone numbers.

In order to be using the IP address, your packets (almost always) have to pass through the device allocated that address.

- Matt
Re: EU Official: IP Is Personal
On Thu, 24 Jan 2008 22:33:20 PST, Owen DeLong said:
> > And oddly enough, license plates on cars act *exactly the same way* - but
> > nobody seems at all surprised when police can work backwards from a plate
> > and come up with a suspect (who, admittedly, may not have been
> > involved if
> > the car was borrowed/stolen/etc).
> >
> In order to be using the license plate, you had to be physically
> present in the car.

"It wasn't me at the hit-and-run, my car was stolen last night"

"It wasn't me, my PC got zombied"

Like I said, they work *exactly the same way*.

But I'm giving up. We've got people here who work for companies that have business models that boil down to "given an IP address, figure out who to bill" - but although it identifies a person well enough to send them an invoice, they think it isn't enough to identify them.
Re: EU Official: IP Is Personal
On Jan 24, 2008, at 8:55 PM, [EMAIL PROTECTED] wrote:

> On Thu, 24 Jan 2008 20:39:53 PST, [EMAIL PROTECTED] said:
> > What we can do with IP addresses is conclude that the user of the machine with an address is likely to be one of its usual users. We can't say that with 100% certainty, because there are any number of ways people can get "unusual" access. But even so, if one can show a pattern of usage, the usual suspects can probably figure out which of them, or what other "unusual" user, might have done this or that.
>
> And oddly enough, license plates on cars act *exactly the same way* - but nobody seems at all surprised when police can work backwards from a plate and come up with a suspect (who, admittedly, may not have been involved if the car was borrowed/stolen/etc).

In order to be using the license plate, you had to be physically present in the car.

> You can work backwards from a phone number to a person, without a *guarantee* that you have the right person - but I don't see anybody claiming that phone numbers don't qualify as "personal information" under the EU definition.

In order to be on the telephone number, you (almost always) need to be present at the site where that phone number is terminated.

I don't know about your IP addresses, but, people can use my IP addresses from a number of locations which are nowhere near the jurisdiction in which my network operates, so, I don't really see the correlation here with license plates or phone numbers.

Owen
Re: EU Official: IP Is Personal
On Thu, 24 Jan 2008 20:39:53 PST, [EMAIL PROTECTED] said:
> What we can do with IP addresses is conclude that the user of the
> machine with an address is likely to be one of its usual users. We
> can't say that with 100% certainty, because there are any number of
> ways people can get "unusual" access. But even so, if one can show a
> pattern of usage, the usual suspects can probably figure out which of
> them, or what other "unusual" user, might have done this or that.

And oddly enough, license plates on cars act *exactly the same way* - but nobody seems at all surprised when police can work backwards from a plate and come up with a suspect (who, admittedly, may not have been involved if the car was borrowed/stolen/etc).

You can work backwards from a phone number to a person, without a *guarantee* that you have the right person - but I don't see anybody claiming that phone numbers don't qualify as "personal information" under the EU definition.

So - if you can work backwards from license plate info, telephone numbers, and IP addresses, and get a good idea of who the person is, and there's general agreement that the first two are "personal information" that allows (at least speculative) identification of the person, why are people having trouble with the concept that the third is personally identifying information as well?
Re: EU Official: IP Is Personal
>I dunno. I think I have a pretty good guess of who 192.159.10.227 is, or
>at least who it was as of 14:35 -0800 today.

Well, let me ask you who you think 171.70.120.60 is. I'll give you a hint; at this instant, there are 72 of us.

Here's another question. Whom would you suspect 171.71.241.89 is? At this point in time, I am in Barcelona; if I were home, that would be my address as you would see it, but my address as I would see it would be in 10.32.244.216/29. There might be several hundred people you would see using 171.71.241.89;

One of the big issues with the Tsinghua SAVA proposal in the IETF is specifically the confusion of the application layer with the IP layer. They propose to embed personal identity into the IP address, and in that there are a number of issues. Internet Address != application layer identification.

What we can do with IP addresses is conclude that the user of the machine with an address is likely to be one of its usual users. We can't say that with 100% certainty, because there are any number of ways people can get "unusual" access. But even so, if one can show a pattern of usage, the usual suspects can probably figure out which of them, or what other "unusual" user, might have done this or that.

That is the model forensic analysts follow. And the address is personal information to the extent that it limits the set of usual suspects to a set that includes you or I.
Re: EU Official: IP Is Personal
On Jan 24, 2008 6:10 AM, Scott McGrath <[EMAIL PROTECTED]> wrote:
>
> We have a similar system based around Cisco's CNR which is a popular
> DHCP/DNS system used by large ISP's and other large organization and it
> is the IP+Timestamp coupled with the owner to MAC relationship which
> allows unique identification of a user
[snip]

Let's not confuse identifying a person with identifying a particular network interface. The disparity between the two may vary widely with NAT, wifi, shared machines, etc.

--
[EMAIL PROTECTED],darkuncle.net} || 0x5537F527
http://darkuncle.net/pubkey.asc for public key
Re: EU Official: IP Is Personal
On Thu, 24 Jan 2008 14:35:41 PST, Owen DeLong said:
> I'm sorry, but, I have a great deal of difficulty seeing how an IP can
> be considered personally identifying.

I dunno. I think I have a pretty good guess of who 192.159.10.227 is, or at least who it was as of 14:35 -0800 today.
Re: EU Official: IP Is Personal
Owen DeLong wrote:
>
> I'm sorry, but, I have a great deal of difficulty seeing how an IP can
> be considered
> personally identifying.

In the case the german regulator is dealing with the ip address is not be considered exclusive of the rest of a data set. The question is given a commercially valuable dataset which contains ip addresses what is sufficient to anonymize the users while maintaining the value of the data.

The regulator has one view, which is probably wrong and search engine company (google is the one that is quoted) has another which is also probably wrong.

Can someone able to mine search engine log data pick out individual users? Yes it's been demonstrated several times.

Can you pick individuals out of "anonymized" datasets? Yes to that too.

Can an IP address in exclusion to anything else be used to pick out an individual? possibly under some circumstances, but definitely not with a high degree of certainty.

> For example, in my home, I have static addresses. However, the number of
> different people using those addresses would, to me, imply that you cannot
> personally identify anyone based solely on the IP address they are using
> within my network. Certainly, you cannot say that I initiated all of
> the packets
> which came from my addresses.
>
> Another example would be a retail store that I work with as a SCUBA
> Instructor.
> They also have static IP addresses, but, I would not say that any of the
> traffic
> coming from the store is necessarily personally identifiable. Our entire
> staff (half a dozen instructors, a dozen or so divemasters and AIs, the
> owner, and at least one other retail assistant) source traffic from within
> that network.
>
> The larger the business, the less identifiable the addresses become,
> generally.
> However, even in these ultra-small examples, I don't feel that the
> addresses
> are, in themselves, personally identifying.
>
> Owen
>
Re: EU Official: IP Is Personal
I'm sorry, but, I have a great deal of difficulty seeing how an IP can be considered personally identifying.

For example, in my home, I have static addresses. However, the number of different people using those addresses would, to me, imply that you cannot personally identify anyone based solely on the IP address they are using within my network. Certainly, you cannot say that I initiated all of the packets which came from my addresses.

Another example would be a retail store that I work with as a SCUBA Instructor. They also have static IP addresses, but, I would not say that any of the traffic coming from the store is necessarily personally identifiable. Our entire staff (half a dozen instructors, a dozen or so divemasters and AIs, the owner, and at least one other retail assistant) source traffic from within that network.

The larger the business, the less identifiable the addresses become, generally. However, even in these ultra-small examples, I don't feel that the addresses are, in themselves, personally identifying.

Owen
Re: EU Official: IP Is Personal
Robin Stevens wrote:

> Can IP addresses always identify a unique individual? Definitely not, not even to those of us with access to the logs. NAT, MAC-spoofing, shared/multi-user systems and so forth still get in the way from time to time. Newer technologies such as 802.11x will stop some means of evasion in the future, and also make it easier for us to track directly by username rather than network interface.
>
> Robin

Framing Private Ryan (a look at the dangers behind technology)
http://www.infiltrated.net/?p=77

--
J. Oquendo
SGFA #579 (FW+VPN v4.1)
SGFE #574 (FW+VPN v4.1)
wget -qO - www.infiltrated.net/sig|perl
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xF684C42E
Re: EU Official: IP Is Personal
On Wed, Jan 23, 2008 at 04:44:55PM -0800, Lou Katz wrote:
> On Wed, Jan 23, 2008 at 05:52:41PM -0500, Sean Donelan wrote:
> > In the US, folks are fighting the RIAA claiming that an IP address isn't
> > enough to identify a person.
> >
> > In Europe, folks are fighting the Google claiming that an IP address is
> > enough to identify a person.
> >
> > I guess it depends on which side of the pond you are on.
>
> They are both right. If you have a dynamic IP such as most college
> students have, it is here-today-gone-tomorrow.

In our environment it's common for the same system to retain the same dynamic address for months or even years. Our DHCP servers will try to assign the same address to the same client for as long as possible.

For data protection purposes, we've long considered IP addresses to be personal information. They're often sufficient to track the same user, and not infrequently identify a particular user without the need for information other than a DNS lookup (people still seem fond of unimaginative hostnames like fred-pc.dept.ox.ac.uk).

Can IP addresses always identify a unique individual? Definitely not, not even to those of us with access to the logs. NAT, MAC-spoofing, shared/multi-user systems and so forth still get in the way from time to time. Newer technologies such as 802.11x will stop some means of evasion in the future, and also make it easier for us to track directly by username rather than network interface.

Robin

--
Robin Stevens <[EMAIL PROTECTED]>       Work (+44)(0)1865 273212
Networks & Telecommunications Group     Fax  (+44)(0)1865 273275
Oxford University Computing Services    http://www.cynic.org.uk/
RE: EU Official: IP Is Personal
Hi Jeff, I agree. But it gives a lot more information than most people will be comfortable disclosing. It may not guarantee identity, but it can help narrow it down to a household or billing account. I think it is time that privacy trump business interests. Roderick S. Beck Director of European Sales Hibernia Atlantic 1, Passage du Chantier, 75012 Paris http://www.hiberniaatlantic.com Wireless: 1-212-444-8829. Landline: 33-1-4346-3209. French Wireless: 33-6-14-33-48-97. AOL Messenger: GlobalBandwidth [EMAIL PROTECTED] [EMAIL PROTECTED] ``Unthinking respect for authority is the greatest enemy of truth.'' Albert Einstein.
Re: EU Official: IP Is Personal
We have a similar system based around Cisco's CNR which is a popular DHCP/DNS system used by large ISPs and other large organizations and it is the IP+Timestamp coupled with the owner to MAC relationship which allows unique identification of a user and we have strict data retention policies so that after the data has been maintained for the interval specified by the Provost it is permanently removed from the database. We treat IP/Mac information as personally identifiable information and as such limit access to this information to authorized users only. But there seems to be a misapprehension that a dynamically assigned address cannot be associated with an individual.

Eric Gauthier wrote: Heya, In the US, folks are fighting the RIAA claiming that an IP address isn't enough to identify a person. In Europe, folks are fighting the Google claiming that an IP address is enough to identify a person. I guess it depends on which side of the pond you are on. They are both right. If you have a dynamic IP such as most college students have, it is here-today-gone-tomorrow. Our University uses dynamic addressing but we are able to identify likely users in response to the RIAA stuff. There is a hidden step in here, at least for our University, in the IP-to-Person mapping. Our network essentially tracks the IP-to-MAC relationship and the MAC-to-Owner relationship. For us, its not the IP that identifies a person, but the combination of IP plus Timestamp, which can be used to walk our database and produce a system owner. I'm guessing that Google et. al. have a similar multi-factor token set (IP, time, cookie, etc) which allows them to map back to a "person". Eric :)
Re: EU Official: IP Is Personal
In article <[EMAIL PROTECTED]>, Fred Baker <[EMAIL PROTECTED]> writes no fundamental contradiction in the proposition that private sector information can be mandated to be kept for minimum periods, is confidential, but nevertheless can be acquired by lawful subpoena. they are if the records are kept for no private sector purpose, which is the case here. The corollary that is being built on is telco call detail records, which were once used in billing. But the ISPs have no use for the data and storing it costs power, cooling, disk-or-other- storage, and so on. Get an ISP or other data center to give you an idea how many megawatts they go through and what that costs... You make the assumption that the banks have some business purpose to keep data for more than 6 months? My online bank makes it hard for me to go back further than that, but I'm sure the regulator insists they do. Your other objections are just "whose dollars" issue (ignoring the public policy debate, but this is a technical list). -- Roland Perry
Re: EU Official: IP Is Personal
Rod Beck wrote:
> With all due respect, it is easy to back into a person's identity or a household's identity using the IP address together with other information. It's done all the time by ISPs for law enforcement and it's fruitless for you to deny it.

No one said it wasn't easy; all I'm saying is it's not definitive. Look at the case of the RIAA.

RIAA Sues the Dead
February 4, 2005
Thomas Mennecke

The RIAA's campaign against alleged music pirates has been well-criticized for being overly ruthless. In their plight to eradicate file-sharing, the RIAA has pursued children, grandmothers and the destitute. In a move that many consider to only add insult to injury, the RIAA has sued 83 year old Gertrude Walton. The only problem is, Gertrude has been dead since December of 2004. ... Not only has the RIAA's legal tactics been criticized for its ruthlessness, but also the obvious inaccuracies that inevitably surface. While sharing information over a P2P network, there is no direct way for the RIAA to obtain your personal information. Under the guidelines of a "John Doe" lawsuit, the RIAA sues your IP address. The RIAA then goes to your ISP and matches the IP address with the date and time in question.

http://www.slyck.com/news.php?story=653

-- J. Oquendo SGFA #579 (FW+VPN v4.1) SGFE #574 (FW+VPN v4.1) wget -qO - www.infiltrated.net/sig|perl http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xF684C42E
Re: EU Official: IP Is Personal
In article <[EMAIL PROTECTED]>, J. Oquendo <[EMAIL PROTECTED]> writes Putting aside for a moment the issue of "whose dollars pay for it" there is no fundamental contradiction in the proposition that private sector information can be mandated to be kept for minimum periods, is confidential, but nevertheless can be acquired by lawful subpoena. Think about banking records, for example, which are confidential, routinely examined in criminal enquiries, and which have to be kept for various minimum periods by accountancy law. Operationally, the banks have had to invest in special departments to do just that, it's simply part of the cost of doing business. The difference with banking records and computer generated records is, you can literally track down whether by PIN on an ATM along with for the majority of times an image taken from a camera. Try doing this with IP generated information. While law enforcement subpoenas away information, there is no guarantee person X is definitively behind even a static IP address. Its hearsay no matter how you want to look at this. Outside of the fact that lawyers still up to this day and age can't seem to grasp an all-in-one argument to get IP address information thrown out, what's next? Perhaps law enforcement agencies forcing vendors to include enough memory on wireless devices to track who logged in on a hotspot? Everyone sees the need for all sorts of accounting on the networking side of things but how legitimate is the information when anyone can share MAC addresses, jump into hotspots anonymously, quickly break into wireless networks, venture into an Internet cafe paying cash, throw on a bootable (throwaway) distribution of BSD/Linux/Solaris, do some dirty deed and leave it up to someone else to take the blame. It's a bit like licence plates on a car. Seeing a bank robber jump into a car and then using the licence plate as a "best guess" where to find the perpetrator has a lot of reasons why it's not 100% accurate. 
Maybe the licence plate was entirely false, or perhaps cloned from another vehicle the model colour and age. But there are enough dumb crooks out there driving cars with real licence plates, that as a first approximation it's still worth insisting everyone *has* a licence plate, and some semblance of responsibility to keep real owner details on file. -- Roland Perry
Re: EU Official: IP Is Personal
Eric Gauthier wrote:
> Heya,
>
>>> In the US, folks are fighting the RIAA claiming that an IP address isn't
>>> enough to identify a person.
>>>
>>> In Europe, folks are fighting the Google claiming that an IP address is
>>> enough to identify a person.
>>>
>>> I guess it depends on which side of the pond you are on.
>>
>> They are both right. If you have a dynamic IP such as most college students
>> have, it is here-today-gone-tomorrow.
>
> Our University uses dynamic addressing but we are able to identify likely users
> in response to the RIAA stuff. There is a hidden step in here, at least for our
> University, in the IP-to-Person mapping. Our network essentially tracks the
> IP-to-MAC relationship and the MAC-to-Owner relationship. For us, its not the
> IP that identifies a person, but the combination of IP plus Timestamp, which can
> be used to walk our database and produce a system owner.

There are a couple of ways that can break down. "Hey, dude, lemme borrow your laptop for a minute." Or "ifconfig eth0 ether aa:bb:cc:dd:ee:ff"

> I'm guessing that Google et. al. have a similar multi-factor token set (IP, time,
> cookie, etc) which allows them to map back to a "person".

Which, for similar reasons, does not, in any absolutely reliable way, identify a *person* at the keyboard.

-- Jeff McAdams
"They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." -- Benjamin Franklin
Re: EU Official: IP Is Personal
Rod Beck wrote: I refer you to the following posting: It is easy to back into people's identity. So simple even a caveman can do it http://www.klcconsulting.net/smac/ -- J. Oquendo SGFA #579 (FW+VPN v4.1) SGFE #574 (FW+VPN v4.1) wget -qO - www.infiltrated.net/sig|perl http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xF684C42E
RE: EU Official: IP Is Personal
I refer you to the following posting: "Our University uses dynamic addressing but we are able to identify likely users in response to the RIAA stuff. There is a hidden step in here, at least for our University, in the IP-to-Person mapping. Our network essentially tracks the IP-to-MAC relationship and the MAC-to-Owner relationship. For us, its not the IP that identifies a person, but the combination of IP plus Timestamp, which can be used to walk our database and produce a system owner. I'm guessing that Google et. al. have a similar multi-factor token set (IP, time, cookie, etc) which allows them to map back to a "person"." It is easy to back into people's identity. Regards, Roderick S. Beck Director of European Sales Hibernia Atlantic 1, Passage du Chantier, 75012 Paris http://www.hiberniaatlantic.com Wireless: 1-212-444-8829. Landline: 33-1-4346-3209. French Wireless: 33-6-14-33-48-97. AOL Messenger: GlobalBandwidth [EMAIL PROTECTED] [EMAIL PROTECTED] ``Unthinking respect for authority is the greatest enemy of truth.'' Albert Einstein.
Re: EU Official: IP Is Personal
Rod Beck wrote:
> I am frankly shocked that some people claim that you cannot identify people by the IP address. There was a scandal in the States where a well known ISP released search records and the New York Times was able to identify individuals using the IP address together with the search records.

And here is a shocker... Supposing I despised you enough to do something horrendous to your reputation. I despised you enough to perhaps surf around your neighborhood for an open wifi connection, if I connect to what I believe is yours even the better. Since I despise you so much, I begin say, spreading viruses, spreading malware, attempting to break into banks, maybe chatting with minors. Remember now, I am in close proximity to your home, who knows maybe I was lucky enough to stumble upon your wireless connection. Should I go on with this?

> I see no difference between a static IP address and a credit card number. Neither are the individual's property, but that doesn't mean there should not be legal or ethical obligations surrounding them.

There is a humongous difference. There is nothing more than a broad assumption that you are the individual sitting behind your IP address. There can only be proof if it's shown that it was impossible for someone to have connected via your home address. Wireless router throws everything out the door unless you're using WPA, WEP which even then there is the possibility of someone still breaking into your connection. RADIUS accounting for say PPP? Oh... You'd like to verify my identity via caller ID? Caller ID spoofing defeats this too. So what's next? I'll respond offline, lest I get flamed, banned, shown the AUP again and have my fingers hit with a ruler... (sorry Alex, Martin)

-- J. Oquendo SGFA #579 (FW+VPN v4.1) SGFE #574 (FW+VPN v4.1) wget -qO - www.infiltrated.net/sig|perl http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xF684C42E
Re: EU Official: IP Is Personal
On Jan 24, 2008, at 12:50 PM, Roland Perry wrote:
> no fundamental contradiction in the proposition that private sector information can be mandated to be kept for minimum periods, is confidential, but nevertheless can be acquired by lawful subpoena.

they are if the records are kept for no private sector purpose, which is the case here. The corollary that is being built on is telco call detail records, which were once used in billing. But the ISPs have no use for the data and storing it costs power, cooling, disk-or-other-storage, and so on. Get an ISP or other data center to give you an idea how many megawatts they go through and what that costs...
RE: EU Official: IP Is Personal
I am frankly shocked that some people claim that you cannot identify people by the IP address. There was a scandal in the States where a well known ISP released search records and the New York Times was able to identify individuals using the IP address together with the search records. If a daily newspaper can, I suspect just about any body can ... I see no difference between a static IP address and a credit card number. Neither are the individual's property, but that doesn't mean there should not be legal or ethical obligations surrounding them. As always my opinions are my opinions and not official corporate policy Roderick S. Beck Director of European Sales Hibernia Atlantic 1, Passage du Chantier, 75012 Paris http://www.hiberniaatlantic.com Wireless: 1-212-444-8829. Landline: 33-1-4346-3209. French Wireless: 33-6-14-33-48-97. AOL Messenger: GlobalBandwidth [EMAIL PROTECTED] [EMAIL PROTECTED] ``Unthinking respect for authority is the greatest enemy of truth.'' Albert Einstein. -Original Message- From: [EMAIL PROTECTED] on behalf of J. Oquendo Sent: Thu 1/24/2008 12:57 PM To: Roland Perry Cc: nanog@merit.edu Subject: Re: EU Official: IP Is Personal Roland Perry wrote: > Putting aside for a moment the issue of "whose dollars pay for it" there > is no fundamental contradiction in the proposition that private sector > information can be mandated to be kept for minimum periods, is > confidential, but nevertheless can be acquired by lawful subpoena. > > Think about banking records, for example, which are confidential, > routinely examined in criminal enquiries, and which have to be kept for > various minimum periods by accountancy law. Operationally, the banks > have had to invest in special departments to do just that, it's simply > part of the cost of doing business. The difference with banking records and computer generated records is, you can literally track down whether by PIN on an ATM along with for the majority of times an image taken from a camera. 
Try doing this with IP generated information. While law enforcement subpoenas away information, there is no guarantee person X is definitively behind even a static IP address. Its hearsay no matter how you want to look at this. Outside of the fact that lawyers still up to this day and age can't seem to grasp an all-in-one argument to get IP address information thrown out, what's next? Perhaps law enforcement agencies forcing vendors to include enough memory on wireless devices to track who logged in on a hotspot? Everyone sees the need for all sorts of accounting on the networking side of things but how legitimate is the information when anyone can share MAC addresses, jump into hotspots anonymously, quickly break into wireless networks, venture into an Internet cafe paying cash, throw on a bootable (throwaway) distribution of BSD/Linux/Solaris, do some dirty deed and leave it up to someone else to take the blame. -- J. Oquendo SGFA #579 (FW+VPN v4.1) SGFE #574 (FW+VPN v4.1) wget -qO - www.infiltrated.net/sig|perl http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xF684C42E
Re: EU Official: IP Is Personal
Heya, > > In the US, folks are fighting the RIAA claiming that an IP address isn't > > enough to identify a person. > > > > In Europe, folks are fighting the Google claiming that an IP address is > > enough to identify a person. > > > > I guess it depends on which side of the pond you are on. > > > > They are both right. If you have a dynamic IP such as most college students > have, it is here-today-gone-tomorrow. Our University uses dynamic addressing but we are able to identify likely users in response to the RIAA stuff. There is a hidden step in here, at least for our University, in the IP-to-Person mapping. Our network essentially tracks the IP-to-MAC relationship and the MAC-to-Owner relationship. For us, its not the IP that identifies a person, but the combination of IP plus Timestamp, which can be used to walk our database and produce a system owner. I'm guessing that Google et. al. have a similar multi-factor token set (IP, time, cookie, etc) which allows them to map back to a "person". Eric :)
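The lookup described in this post (IP plus timestamp, walked through IP-to-MAC and MAC-to-owner records), as an added Python example that is not part of the original thread or any site's actual system. The lease table, owner names, status labels and function names are constructed for illustration; it also flags the breakdown cases raised in the replies (no lease at that instant, unregistered MAC, the same MAC active elsewhere) and applies a retention cut-off.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

UTC = timezone.utc


@dataclass(frozen=True)
class Lease:
    ip: str
    mac: str
    start: datetime  # inclusive, timezone-aware
    end: datetime    # exclusive, timezone-aware


def jan(day, hour):
    """Helper for the sample data: a UTC instant in January 2008."""
    return datetime(2008, 1, day, hour, tzinfo=UTC)


# Constructed sample data: documentation-range IPs, locally administered MACs.
LEASES = [
    Lease("192.0.2.10", "02:00:00:00:00:01", jan(20, 8), jan(22, 8)),
    Lease("192.0.2.10", "02:00:00:00:00:02", jan(22, 9), jan(24, 9)),
    Lease("192.0.2.11", "02:00:00:00:00:03", jan(21, 0), jan(23, 0)),
    # Same MAC as the first lease, on a second IP during the same period.
    Lease("192.0.2.12", "02:00:00:00:00:01", jan(21, 12), jan(21, 18)),
]
# MAC-to-owner registrations (hypothetical); MAC ...:03 was never registered.
OWNERS = {"02:00:00:00:00:01": "owner-a", "02:00:00:00:00:02": "owner-b"}


def resolve(ip, when, leases=LEASES, owners=OWNERS):
    """Return (status, owner, mac, caveats) for `ip` observed at `when`.

    The result names the registered owner of a device, never the person
    at the keyboard, and lists reasons to doubt even that.
    """
    if when.tzinfo is None:
        # A report without a timezone can land in the wrong lease window.
        raise ValueError("timestamp has no timezone; cannot match lease windows")
    when = when.astimezone(UTC)
    hits = [l for l in leases if l.ip == ip and l.start <= when < l.end]
    if not hits:
        return ("no-lease", None, None, [])
    if len({l.mac for l in hits}) > 1:
        return ("ambiguous", None, None, ["several MACs held this IP at that time"])
    mac = hits[0].mac
    caveats = []
    # The same MAC live on another IP at that instant suggests a cloned address.
    if any(l.mac == mac and l.ip != ip and l.start <= when < l.end for l in leases):
        caveats.append("MAC active on another IP at the same time (possible clone)")
    owner = owners.get(mac)
    if owner is None:
        return ("unregistered-mac", None, mac, caveats)
    return ("likely-owner", owner, mac, caveats)


def purge(leases, now, retention):
    """Retention policy: keep only leases that ended within `retention` of `now`."""
    cutoff = now - retention
    return [l for l in leases if l.end >= cutoff]


if __name__ == "__main__":
    print(resolve("192.0.2.10", jan(21, 13)))
    # 05:00 at UTC-5 is 10:00 UTC, which falls in the second lease, not the first.
    eastern = datetime(2008, 1, 22, 5, 0, tzinfo=timezone(timedelta(hours=-5)))
    print(resolve("192.0.2.10", eastern))
    print(len(purge(LEASES, jan(24, 0), timedelta(hours=12))), "lease(s) retained")
```
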
Re: EU Official: IP Is Personal
Roland Perry wrote: Putting aside for a moment the issue of "whose dollars pay for it" there is no fundamental contradiction in the proposition that private sector information can be mandated to be kept for minimum periods, is confidential, but nevertheless can be acquired by lawful subpoena. Think about banking records, for example, which are confidential, routinely examined in criminal enquiries, and which have to be kept for various minimum periods by accountancy law. Operationally, the banks have had to invest in special departments to do just that, it's simply part of the cost of doing business. The difference with banking records and computer generated records is, you can literally track down whether by PIN on an ATM along with for the majority of times an image taken from a camera. Try doing this with IP generated information. While law enforcement subpoenas away information, there is no guarantee person X is definitively behind even a static IP address. Its hearsay no matter how you want to look at this. Outside of the fact that lawyers still up to this day and age can't seem to grasp an all-in-one argument to get IP address information thrown out, what's next? Perhaps law enforcement agencies forcing vendors to include enough memory on wireless devices to track who logged in on a hotspot? Everyone sees the need for all sorts of accounting on the networking side of things but how legitimate is the information when anyone can share MAC addresses, jump into hotspots anonymously, quickly break into wireless networks, venture into an Internet cafe paying cash, throw on a bootable (throwaway) distribution of BSD/Linux/Solaris, do some dirty deed and leave it up to someone else to take the blame. -- J. Oquendo SGFA #579 (FW+VPN v4.1) SGFE #574 (FW+VPN v4.1) wget -qO - www.infiltrated.net/sig|perl http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xF684C42E
Re: EU Official: IP Is Personal
In article <[EMAIL PROTECTED]>, Sean Donelan <[EMAIL PROTECTED]> writes In the US, folks are fighting the RIAA claiming that an IP address isn't enough to identify a person. In Europe, folks are fighting the Google claiming that an IP address is enough to identify a person. I guess it depends on which side of the pond you are on. The European Data Protection perspective (which has been the same since 1999, and expressed quite robustly in 2000, no new ideas have suddenly appeared) is this: Many IP addresses *are* enough to identify a person. Although sometimes you need additional information. The law talks about "identifying directly or indirectly", the latter as a result of having some *other* information available[1]. It's not a case of getting a hit based on IP address alone (which in any event needs at least a registry lookup to turn into a person's name). And therefore because *some* IP addresses indisputably identify people, you must put in place precautions to handle *all* such information appropriately (IP addresses don't come with a bit set to say "I'm an identifiable user" or "I'm not"). That's just the way European Law works. The American perspective might be (and I'm guessing here) that if only *some* IP addresses identify people, you should assume that *all* IP addresses are unreliable identifiers. [Many of the comments in this thread express somewhat of that view]. That might even be a good idea in a shoot-first ask-questions-later environment. My advice would be to try *not* to deploy such an environment :) [1] In the case of being a dial-up ISP, the RADIUS logs; others have mentioned the association between commercial wifi connections and their (roaming) subscribers. -- Roland Perry
Re: EU Official: IP Is Personal
In article <[EMAIL PROTECTED]>, Fred Baker <[EMAIL PROTECTED]> writes What I find interesting here is the Jekyll/Hyde nature of it. European ISPs are required to keep expensive logs of the behavior of subscribers for forensic data mining, accessible under subpoena, for extensive periods like 6-24 months (last I heard it was 7 years in Italy, but that may now be incorrect), but the information is deemed private and therefore inappropriate to keep under EU privacy rules. ISPs are required to keep inappropriate information at their own expense in case forensic authorities decide to pay an occasional pittance to access some small quantity of it. Putting aside for a moment the issue of "whose dollars pay for it" there is no fundamental contradiction in the proposition that private sector information can be mandated to be kept for minimum periods, is confidential, but nevertheless can be acquired by lawful subpoena. Think about banking records, for example, which are confidential, routinely examined in criminal enquiries, and which have to be kept for various minimum periods by accountancy law. Operationally, the banks have had to invest in special departments to do just that, it's simply part of the cost of doing business. -- Roland Perry Internet Policy Agency
Re: EU Official: IP Is Personal
Lou Katz wrote: They are both right. If you have a dynamic IP such as most college students have, it is here-today-gone-tomorrow. If you have static IP (business, us slugs in the Swamp, etc) you are identifiable. Hi Lou, Long time. The thing is this isn't an atemporal question. The association of an address and any other information that tends to identify an individual (say my googling the complete works of the co-author of "Survey of Modern Algebra", along with Saunders Mac Lane, in particular reference [1], the "original" treatise on shaped charges, and my groveling for clue in DNS ops, and my ...) tends to unique closure over finite time. So, for a single datagram sourced from a just-allocated at random DHCP pool, wicked hard to make PII. But for many hours or days of stream to a variety of data collectors, some of which share raw or correlated data, the problem is not insoluble. Eric [1] Garrett Birkhoff, et al. "Explosives With Lined Cavities". Journal of Applied Physics. June 1948, p. 563-582.
Re: EU Official: IP Is Personal
On Jan 24, 2008, at 2:09 AM, Mikael Abrahamsson wrote:
> The local antipiracy organization in Sweden needed a permit to collect/handle IP+timestamp and save it in their database, as this information was regarded as personal information. Since ISPs regularly save who has an IP at what time, IP+timestamp can be used to discern at least what access port a certain IP was at, or in case of PPPoE etc, what account was used to obtain the IP at that time. I still think IP+timestamp doesn't imply what person did something

it doesn't, not any more than the association of your cell phone with a cell tower conclusively implies that the owner of a telephone used it to do something in particular. However, in forensic data retention and wiretap procedures, the assumption is made that the user of a telephone or a computer is *probably* a person who normally has access to it.

In the EU Data Retention model, I will argue that the only thing that makes sense to use as a "Session Detail Record" is an IPFIX/Netflow record correlated with any knowledge the ISP might have of the person using the source and/or destination IP address at the time. When the address is temporarily or "permanently" assigned to a subscriber, such as a wireless address in a T-Mobile Hotspot (which one has to identify one's account when logging into, which presumptively identifies the subscriber) or the address assigned to a Cable Modem subscriber (home/SOHO), this tends to have a high degree of utility. In the wiretap model, one similarly selects the traffic one intercepts on the presumption that a surveillance subject is probably the person using the computer. For them, it's all about probability. It doesn't have to be "one" if it is reasonable to presume that it is in the neighborhood.

What I find interesting here is the Jekyll/Hyde nature of it.
European ISPs are required to keep expensive logs of the behavior of subscribers for forensic data mining, accessible under subpoena, for extensive periods like 6-24 months (last I heard it was 7 years in Italy, but that may now be incorrect), but the information is deemed private and therefore inappropriate to keep under EU privacy rules. ISPs are required to keep inappropriate information at their own expense in case forensic authorities decide to pay an occasional pittance to access some small quantity of it.
Re: EU Official: IP Is Personal
On Wed, 23 Jan 2008, Lou Katz wrote:
> They are both right. If you have a dynamic IP such as most college students have, it is here-today-gone-tomorrow.

The local antipiracy organization in Sweden needed a permit to collect/handle IP+timestamp and save it in their database, as this information was regarded as personal information. Since ISPs regularly save who has an IP at what time, IP+timestamp can be used to discern at least what access port a certain IP was at, or in case of PPPoE etc, what account was used to obtain the IP at that time. I still think IP+timestamp doesn't imply what person did something, license plate information tracking is also considered personal information even though it says nothing about who drove the car at that time, and I think IP+timestamp is approximately on the same level as a car license plate when it comes to level of personal information.

-- Mikael Abrahamsson email: [EMAIL PROTECTED]
Re: EU Official: IP Is Personal
On Wed, Jan 23, 2008 at 05:52:41PM -0500, Sean Donelan wrote: > > On Wed, 23 Jan 2008, Florian Weimer wrote: > >If IP addresses don't identify anything, why do they collect and keep > >them? > > In the US, folks are fighting the RIAA claiming that an IP address isn't > enough to identify a person. > > In Europe, folks are fighting the Google claiming that an IP address is > enough to identify a person. > > I guess it depends on which side of the pond you are on. > They are both right. If you have a dynamic IP such as most college students have, it is here-today-gone-tomorrow. If you have static IP (business, us slugs in the Swamp, etc) you are identifiable. -- -=[L]=- I wouldn't take any advice, if I were you.
Re: EU Official: IP Is Personal
On Wed, Jan 23, 2008 at 05:26:09PM +, Paul Vixie wrote: > > [EMAIL PROTECTED] (Hank Nussbacher) writes: > > > http://ap.google.com/article/ALeqM5g08qkYTaNhLlscXKMnS3V8dkc-WwD8UAGH900 > > they say it's personally identifiable information, not personal property. > EU's concern is the privacy implications of data that google and others > are saving, they are not making a statement related to address ownership. Perhaps not. But people will interpret it as they wish to. -- Joe Yao Qinetiq NA / Analex Contractor
Re: EU Official: IP Is Personal
On Wed, 23 Jan 2008, Florian Weimer wrote: If IP addresses don't identify anything, why do they collect and keep them? In the US, folks are fighting the RIAA claiming that an IP address isn't enough to identify a person. In Europe, folks are fighting the Google claiming that an IP address is enough to identify a person. I guess it depends on which side of the pond you are on.
Re: EU Official: IP Is Personal
> Paul Vixie wrote: > > [EMAIL PROTECTED] (Hank Nussbacher) writes: > >> http://ap.google.com/article/ALeqM5g08qkYTaNhLlscXKMnS3V8dkc-WwD8UAGH900 > > > > they say it's personally identifiable information, not personal property. > > EU's concern is the privacy implications of data that google and others > > are saving, they are not making a statement related to address ownership. > > Correct. In the EU DP framework (see: > [...] > P. S. How many bits in the mask are necessary to achieve the non-PII aim? So, this could be basically a matter of dredging up someone with a /25 allocated to them personally, in the EU service area. I think I know some people like that. I know for a fact that I know people with swamp C's here in the US. That would seem to set the bar higher than a mere 7 bits. ... JG -- Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net "We call it the 'one bite at the apple' rule. Give me one chance [and] then I won't contact you again." - Direct Marketing Ass'n position on e-mail spam(CNN) With 24 million small businesses in the US alone, that's way too many apples.
Re: EU Official: IP Is Personal
* Eric Brunner-Williams: > However, Google/DoubleClick claim they have the right to collect PII > data and disclose less than their complete data collection policy, and > in particular, claim that endpoint identifiers do not tend to identify > individuals. Further, they assert a property claim on such collected > data. If IP addresses don't identify anything, why do they collect and keep them? Anyway, mandatory data retention seems to change the consensus whose job it is to retain a certain level of perceived anonymity. Even if the retention policies do not actually change that much, it's usually assumed that the ISPs do no good job at protecting customer identity anymore. (You have to see this in a context where most of the consumer Internet connections change their assigned IP address at least once a day, which explains the old expectation to some degree.) Now that ISPs are out of the loop, the attention turns to folks at higher protocol levels. Some folks probably think that by complaining loudly enough, they might be hosting a Google Privacy Research Center soon, or something like that. *sigh*
Re: EU Official: IP Is Personal
Eric Brunner-Williams wrote: > Correct. In the EU DP framework (see: > http://ec.europa.eu/justice_home/fsj/privacy/), personal > privacy doesn't arise from private law (contract or property), but from > public law (the human rights > statements contained in the treaty under which the EU is formed). > > However, Google/DoubleClick claim they have the right to collect PII > data and disclose less than > their complete data collection policy, and in particular, claim that > endpoint identifiers do not tend > to identify individuals. Further, they assert a property claim on such > collected data. > > See the partialip definition in the W3C's P3P Spec for an attempt to > straddle the fence at offset 7: > > "a partialip element represents an IP version 4 address (only - not a > version 6 address) which has > had at least the last 7 bits of information removed" > > The theory for partialip was that a full address (v4 or v6) was PII, and > a partial (for v4 only, at 7bits) > was not PII. > > Eric > > P. S. How many bits in the mask are necessary to achieve the non-PII aim? One might observe that the ip address is not used in isolation. Some other metadata is being collected whether it's the product of a search query or a referrer url or whatever dataset contains the ips but that an ip address anonymized by dropping 8 bits from the mask in conjunction with the other information is probably more than enough to uniquely identify an individual in the sorts of data sets that are being discussed here. this rather timely article has some pointers on the subject. http://www.schneier.com/crypto-gram-0801.html#1
Re: EU Official: IP Is Personal
Paul Vixie wrote: [EMAIL PROTECTED] (Hank Nussbacher) writes: http://ap.google.com/article/ALeqM5g08qkYTaNhLlscXKMnS3V8dkc-WwD8UAGH900 they say it's personally identifiable information, not personal property. EU's concern is the privacy implications of data that google and others are saving, they are not making a statement related to address ownership. Correct. In the EU DP framework (see: http://ec.europa.eu/justice_home/fsj/privacy/), personal privacy doesn't arise from private law (contract or property), but from public law (the human rights statements contained in the treaty under which the EU is formed). However, Google/DoubleClick claim they have the right to collect PII data and disclose less than their complete data collection policy, and in particular, claim that endpoint identifiers do not tend to identify individuals. Further, they assert a property claim on such collected data. See the partialip definition in the W3C's P3P Spec for an attempt to straddle the fence at offset 7: "a partialip element represents an IP version 4 address (only - not a version 6 address) which has had at least the last 7 bits of information removed" The theory for partialip was that a full address (v4 or v6) was PII, and a partial (for v4 only, at 7bits) was not PII. Eric P. S. How many bits in the mask are necessary to achieve the non-PII aim?
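The `partialip` truncation quoted in this post, together with the point made in the reply that a masked address combined with other collected fields can still single out a host, as an added Python example that is not part of the original thread or of the P3P specification. The function names and the log records are constructed for illustration; the second field stands in for any metadata logged next to the address.

```python
import ipaddress
from collections import defaultdict


def partialip(addr, bits=7):
    """Zero the last `bits` bits of an IPv4 address.

    The quoted definition covers IPv4 only and requires at least 7 bits
    to be removed, so anything else is rejected instead of silently passed.
    """
    ip = ipaddress.ip_address(addr)
    if ip.version != 4:
        raise ValueError("partialip is defined for IPv4 addresses only")
    if not 7 <= bits <= 32:
        raise ValueError("at least the last 7 bits must be removed")
    mask = (0xFFFFFFFF << bits) & 0xFFFFFFFF
    return str(ipaddress.IPv4Address(int(ip) & mask))


# Constructed log records: (source address, user-agent string).
RECORDS = [
    ("198.51.100.5", "Mozilla/5.0 (X11; Linux)"),
    ("198.51.100.77", "Mozilla/5.0 (Windows)"),
    ("198.51.100.120", "Mozilla/5.0 (Windows)"),
    ("198.51.100.121", "Mozilla/5.0 (Macintosh)"),
    ("198.51.100.5", "Mozilla/5.0 (X11; Linux)"),
]


def anonymity_sets(records, bits=7, use_metadata=False):
    """Group records by what a log would keep after masking.

    Returns {stored key: set of distinct original addresses}. A set of
    size 1 means the stored key still points at exactly one host.
    """
    sets = defaultdict(set)
    for ip, agent in records:
        masked = partialip(ip, bits)
        key = (masked, agent) if use_metadata else (masked,)
        sets[key].add(ip)
    return dict(sets)


def singled_out(records, bits=7, use_metadata=False):
    """Original addresses that remain unique under the stored key."""
    groups = anonymity_sets(records, bits, use_metadata)
    hosts = [next(iter(ips)) for ips in groups.values() if len(ips) == 1]
    return sorted(hosts, key=ipaddress.ip_address)


if __name__ == "__main__":
    print(partialip("198.51.100.200"))              # 7 bits removed
    print(singled_out(RECORDS))                     # masked address alone
    print(singled_out(RECORDS, use_metadata=True))  # masked address + user agent
```

In this constructed log the masked address alone hides all four hosts in one group, while the masked address plus the user agent leaves two of them unique, whether 7 or 8 bits are removed.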
Re: EU Official: IP Is Personal
[EMAIL PROTECTED] (Hank Nussbacher) writes: > http://ap.google.com/article/ALeqM5g08qkYTaNhLlscXKMnS3V8dkc-WwD8UAGH900 they say it's personally identifiable information, not personal property. EU's concern is the privacy implications of data that google and others are saving, they are not making a statement related to address ownership. -- Paul Vixie