I am frankly shocked that some people claim that you cannot identify people by the IP address. There was a scandal in the States where a well known ISP released search records and the New York Times was able to identify individuals using the IP address together with the search records. If a daily newspaper can, I suspect just about any body can ... I see no difference between a static IP address and a credit card number. Neither are the individual's property, but that doesn't mean there should not be legal or ethical obligations surrounding them. As always my opinions are my opinions and not official corporate policy Roderick S. Beck Director of European Sales Hibernia Atlantic 1, Passage du Chantier, 75012 Paris http://www.hiberniaatlantic.com Wireless: 1-212-444-8829. Landline: 33-1-4346-3209. French Wireless: 33-6-14-33-48-97. AOL Messenger: GlobalBandwidth rod.beck@hiberniaatlantic.com rodbeck@erols.com ``Unthinking respect for authority is the greatest enemy of truth.'' Albert Einstein. -----Original Message----- From: owner-nanog@merit.edu on behalf of J. Oquendo Sent: Thu 1/24/2008 12:57 PM To: Roland Perry Cc: nanog@merit.edu Subject: Re: EU Official: IP Is Personal Roland Perry wrote:
Putting aside for a moment the issue of "whose dollars pay for it" there is no fundamental contradiction in the proposition that private sector information can be mandated to be kept for minimum periods, is confidential, but nevertheless can be acquired by lawful subpoena.
Think about banking records, for example, which are confidential, routinely examined in criminal enquiries, and which have to be kept for various minimum periods by accountancy law. Operationally, the banks have had to invest in special departments to do just that, it's simply part of the cost of doing business.
The difference with banking records and computer generated records is, you can literally track down whether by PIN on an ATM along with for the majority of times an image taken from a camera. Try doing this with IP generated information. While law enforcement subpoenas away information, there is no guarantee person X is definitively behind even a static IP address. Its hearsay no matter how you want to look at this. Outside of the fact that lawyers still up to this day and age can't seem to grasp an all-in-one argument to get IP address information thrown out, what's next? Perhaps law enforcement agencies forcing vendors to include enough memory on wireless devices to track who logged in on a hotspot? Everyone sees the need for all sorts of accounting on the networking side of things but how legitimate is the information when anyone can share MAC addresses, jump into hotspots anonymously, quickly break into wireless networks, venture into an Internet cafe paying cash, throw on a bootable (throwaway) distribution of BSD/Linux/Solaris, do some dirty deed and leave it up to someone else to take the blame. -- ==================================================== J. Oquendo SGFA #579 (FW+VPN v4.1) SGFE #574 (FW+VPN v4.1) wget -qO - www.infiltrated.net/sig|perl http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xF684C42E