Anybody running pcap traces?

[Nick Hilliard]

On 01/06/2011 07:09, Brian E Carpenter wrote:
> That's why anonymised traces are common. However, the informed legal opinion
> may not apply to cases where IP addresses cannot be tied to individuals.

This isn't really relevant to ipv6, but...

It's a difficult area.  On the one hand, there is a EU working group 
opinion (I don't have the reference for this right now) to the effect that 
the combination of IP addresses and timestamps unquestionably constitutes 
personally identifiable information as defined in the data protection 
directives.  While this interpretation is not legally binding in any way, 
it's the sort of thing that would be given very serious consideration by a 
court of law.

On the other hand, there was an analysis of the situation in the High Court 
in Ireland in 2009 (as part of the well-known EMI & Others vs Eircom case), 
which for the purposes of that case concluded that IP addresses and 
timestamps of were certainly personally identifiable information when 
linked to a customer database, but perhaps not in other cases.  E.g. they 
would be personally identifiable information for an ISP, but so long as 
there was no feedback from the ISP about the user of the address at the 
time, not for a third party company which was in the business of collecting 
information about potential criminal copyright ingringement.  While this 
was unreported, the opinion was echoed in the EMI&Ors vs UPC case in 2010, 
where Justice Peter Charleton noted:

--
I find it impossible to recognise as a matter of constitutional law, that 
the protection of the entitlement to be left in the sphere of private 
communications could ever extend to conversations, emails, letters, 
phonecalls or any other communication designed to further a criminal 
enterprise. Criminals leave the private sphere when they infringe the 
rights of other, or conspire in that respect.
[...]
In the case of internet file sharing to infringe copyright, I am of the 
view that there are no privacy or data protection implications to detecting 
unauthorised downloads of copyright material using peer-to-peer technology.
--

So once you conspire to commit a crime, you leave behind some of your 
rights, including certain rights to data protection.

Outside this, while I'm not aware of any specific judgements which 
categorically declare IP addresses and timestamps to be personally 
identifiable information, my recollection of the 2009 hearing left me with 
the very strong impression that this was extremely delicate ground to tread 
on, and that legal judgement could easily go one way or the other in the 
general case.

ianal.

Nick