On Sat, 21 Oct 2000, Ian Welton wrote:
> Treating IP addresses in the same way as telephone numbers does then seem to
> be a logical and reasonable way forward.
Probably good advice.
> However, there is massive misuse of telephone numbers where they are widely
> matched with other data and re-constituted as personal data which is then
> used for other purposes without the knowledge or permission of the data
> subject. A situation which seemed to be illustrated by the news item which
> started this thread.
Also fits the analogy in treatment well.
> Is there any method of determining how to effectively manage this before it
> becomes a major DP difficulty/problem?
One method is to allow the host to generate a "random" IP address every
time it reboots or resets its network device (or via some other cue).
The use of DHCP offers a method to do this, but network administrators
would be less happy using this method because it then becomes harder to
track faults, incidents, traffic flows, etc. The mapping to a person is
not so important, but knowing which machine is which with time is useful.
The use of NAT offers some level of anonymity outside the local network
(on the public side of the NAT translator), but NAT is seen as bad for a
number of reasons (effects on protocols, interaction with IPSec, etc).
NAT is rarely used in academia as IP space isn't at a premium. Many
companies use it because they have many more network-connected devices
than global IP addresses.
In a few years when the use of IPv6 is more commonplace (we currently use
IP version 4) there is an RFC that specifically addresses the IP address
privacy issue. Because IPv6 uses 128-bit addresses (not 32-bits) there
is scope to use randomly seeded 64-bit host parts within the address.
So there are recommendations you could make - the first two have some
bad side-effects, the third is a while off yet.
tim
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
|