EU Official: IP Is Personal

Fred Baker fred at cisco.com
Thu Jan 24 04:02:41 UTC 2008


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


On Jan 24, 2008, at 2:09 AM, Mikael Abrahamsson wrote:

> The local antipiracy organization in Sweden needed a permit to  
> collect/handle IP+timestamp and save it in their database, as this  
> information was regarded as personal information. Since ISPs  
> regularily save who has an IP at what time, IP+timestamp can be  
> used to discern at least what access port a certain IP was at, or  
> in case of PPPoE etc, what account was used to obtain the IP that  
> that time.
>
> I still think IP+timestamp doesn't imply what person did something

it doesn't, no any more than the association of your cell phone with  
a cell tower conclusively implies that the owner of a telephone used  
it to do something in particular. However, in forensic data retention  
and wiretap procedures, the assumption is made that the user of a  
telephone or a computer is *probably* a person who normally has  
access to it.

In the EU Data Retention model, I will argue that the only thing that  
makes sense to use as a "Session Detail Record" is an IPFIX/Netflow  
record correlated with with any knowledge the ISP might have of the  
person using the source and/or destination IP address at the time.  
When the address is temporarily or "permanently" assigned to a  
subscriber, such as a wireless address in a T-Mobile Hotspot (which  
one has to identify one's account when logging into, which  
presumptively identifies the subscriber) or the address assigned to a  
Cable Modem subscriber (home/SOHO), this tends to have a high degree  
of utility.

In the wiretap model, one similarly selects the traffic one  
intercepts on the presumption that a surveillance subject is probably  
the person using the computer.

For them, it's all about probability. It doesn't have to be "one" if  
it is reasonable to presume that it is in the neighborhood.

What I find interesting here is the Jekyll/Hyde nature of it.  
European ISPs are required to keep expensive logs of the behavior of  
subscribers for forensic data mining, accessible under subpoena, for  
extensive periods like 6-24 months (last I heard it was 7 years in  
Italy, but that may now be incorrect), but the information is deemed  
private and therefore inappropriate to keep under EU privacy rules.  
ISPs are required to keep inappropriate information at their own  
expense in case forensic authorities decide to pay an occasional  
pittance to access some small quantity of it.
-----BEGIN PGP SIGNATURE-----

iD8DBQFHmA3hbjEdbHIsm0MRAhsKAJ4+xXkJm/JM/lDL1YpufmUYZdhClACgrvxD
keX0Zsm+QtJG6RcCMrJcVqk=
=DpcR
-----END PGP SIGNATURE-----



More information about the NANOG mailing list