I think that even without the difference in language (ie even under the DPA), IP addresses will often be personal data in the eyes of regulators (including our own). The argument doesn’t depend on identification being acquainted with actually finding a real live person upon whose door you can knock and say hello. All that is needed is that you treat the person in a particular way because of the IP address or number (or facial characteristic).

So, if I serve an advert up to a browser based on the IP address (say, for a data protection course from Amerhawk), then I have “singled that person out” in a way which triggers DP law. (I leave aside for this purpose the argument that an IP address only identifies a computer which could be used by many people, since that would arise under the directive definition also, and also because it doesn’t always hold true.)

Likewise if Mr Rynes had been in the UK (with our narrower definition) and included in his CCTV technology some facial recognition technology to sound an alarm or throw snowballs (or whatever) whenever a particular person came by, then he is processing the personal data even if he doesn’t know the identity (in the sense of name and address) of the vandal.

Can’t wait for the ECJ ruling in the German case.

Renzo Marchini

Special Counsel
Dechert LLP
+44 20 7184 7563 Direct

From: This list is for those interested in Data Protection issues [mailto:[log in to unmask]] On Behalf Of Chris Pounder
Sent: 30 January 2015 10:01
To: [log in to unmask]
Subject: [data-protection] FW: Hawktalk: ECJ Ryneš ruling implies IP addresses are personal data in themselves

ECJ Ryneš ruling implies IP addresses are personal data in themselves

Just published on Hawktalk: http://amberhawk.typepad.com/amberhawk/

My thoughts on IP addresses were triggered by the Ryneš ECJ case (domestic purposes exemption does not apply to surveillance of public places from a domestically installed CCTV). I think the Ryneš case strengthens the argument that an IP address is personal data in many instances.

If I am correct, the UK’s Data Protection Act definition of "personal data" is definitely a deficient implementation of the personal data definition in Directive 95/46/EC and the right to object to marketing to search engines (and perhaps apps on smartphones follow).

Dr. C. N. M. Pounder

Director: Amberhawk Training Limited and Amberhawk Associates

Phone: 0845 680 2623 or Mob: 07735 365 585

Website: Amberhawk - www.amberhawk.com

Blog: Hawktalk - http://amberhawk.typepad.com

Twitter:@hawktalk_blog

cid:image001.jpg@01D03BEB.57CA1840

All archives of messages are stored permanently and are available to the world wide web community at large at http://www.jiscmail.ac.uk/lists/data-protection.html

Selected commands (the command has been filled in below in the body of the email if you are receiving emails in HTML format):

Leaving this list: send leave data-protection to [log in to unmask]
Suspending emails from all JISCMail lists: send SET * NOMAIL to [log in to unmask]
To receive emails from this list in text format: send SET data-protection NOHTML to [log in to unmask]
To receive emails from this list in HTML format: send SET data-protection HTML to [log in to unmask]

All user commands can be found at http://www.jiscmail.ac.uk/help/commandref.htm and are sent in the body of an otherwise blank email to [log in to unmask]

Any queries about sending or receiving messages please send to the list owner [log in to unmask]

(Please send all commands to [log in to unmask] not the list or the moderators, and all requests for technical help to [log in to unmask], the general office helpline)

This e-mail is from Dechert LLP, a law firm, and may contain information that is confidential or privileged. If you are not the intended recipient, please delete the e-mail and any attachments, and notify the sender. Dechert LLP is a limited liability partnership registered in England & Wales (Registered No. OC306029) and is authorised and regulated by the Solicitors Regulation Authority. A list of names of the members of Dechert LLP (who are solicitors or registered foreign lawyers) is available for inspection at its registered office, 160 Queen Victoria Street, London EC4V 4QQ.

All archives of messages are stored permanently and are available to the world wide web community at large at http://www.jiscmail.ac.uk/lists/data-protection.html

Selected commands (the command has been filled in below in the body of the email if you are receiving emails in HTML format):

Leaving this list: send leave data-protection to [log in to unmask]
Suspending emails from all JISCMail lists: send SET * NOMAIL to [log in to unmask]
To receive emails from this list in text format: send SET data-protection NOHTML to [log in to unmask]
To receive emails from this list in HTML format: send SET data-protection HTML to [log in to unmask]

All user commands can be found at http://www.jiscmail.ac.uk/help/commandref.htm and are sent in the body of an otherwise blank email to [log in to unmask]

Any queries about sending or receiving messages please send to the list owner [log in to unmask]

(Please send all commands to [log in to unmask] not the list or the moderators, and all requests for technical help to [log in to unmask], the general office helpline)