• ANPR and reality.

    From Jethro_uk@21:1/5 to All on Fri Dec 15 10:25:07 2023
    Inspired by my previous thread, I find myself pondering on the situation
    where a car is recorded entering a car park (with a 2-hour free stay).
    But then (for whatever reason) is not recorded exiting the location.

    A few weeks later a penalty letter is received. Presumably with a blank
    where the exit time should be, and a calculation in the several hundreds
    for hours overstay.

    In such a case, if a driver were to ask for the company to demonstrate
    that the records match the reality (i.e. the car is still there) and they
    can't (because it ain't), would it be enough to invalidate any claim the company might make ? After all their equipment clearly isn't up to the
    job.

    (A similar argument would apply where they have 2 entrance times, and no intervening exit time.)

    JOOI how far does the evidence need to go in such cases ? Would a system
    that doesn't capture photographs be valid ?

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From GB@21:1/5 to All on Fri Dec 15 12:28:38 2023
    On 15/12/2023 10:25, Jethro_uk wrote:
    Inspired by my previous thread, I find myself pondering on the situation where a car is recorded entering a car park (with a 2-hour free stay).
    But then (for whatever reason) is not recorded exiting the location.

    A few weeks later a penalty letter is received. Presumably with a blank
    where the exit time should be, and a calculation in the several hundreds
    for hours overstay.

    In such a case, if a driver were to ask for the company to demonstrate
    that the records match the reality (i.e. the car is still there) and they can't (because it ain't), would it be enough to invalidate any claim the company might make ? After all their equipment clearly isn't up to the
    job.

    They would have to satisfy the usual civil courts 'balance of
    probability' test of evidence. If the car isn't in the car park and
    hasn't been spotted exiting, then there's obviously a problem with the equipment, and judges are not stupid.



    (A similar argument would apply where they have 2 entrance times, and no intervening exit time.)

    JOOI how far does the evidence need to go in such cases ? Would a system
    that doesn't capture photographs be valid ?

    Does a system that doesn't capture photographs even exist? It seems a
    pretty basic system requirement, after all.

  • From billy bookcase@21:1/5 to jethro_uk@hotmailbin.com on Fri Dec 15 12:38:37 2023
    "Jethro_uk" <jethro_uk@hotmailbin.com> wrote in message news:ulh9i3$1s1is$44@dont-email.me...
    Inspired by my previous thread, I find myself pondering on the situation where a car is recorded entering a car park (with a 2-hour free stay).
    But then (for whatever reason) is not recorded exiting the location.

    A few weeks later a penalty letter is received. Presumably with a blank
    where the exit time should be, and a calculation in the several hundreds
    for hours overstay.

    In such a case, if a driver were to ask for the company to demonstrate
    that the records match the reality (i.e. the car is still there) and they can't (because it ain't), would it be enough to invalidate any claim the company might make ? After all their equipment clearly isn't up to the
    job.

    (A similar argument would apply where they have 2 entrance times, and no intervening exit time.)

    JOOI how far does the evidence need to go in such cases ? Would a system
    that doesn't capture photographs be valid ?

    From another place; plus a local forum a while back

    quote:

    Private companies will only invoice you when they have 2 images to create
    a timeframe of your visit. You can get caught out if it missed you leaving
    on day 1 but captures you on day 2.

    It can be successfully appealed, but your initial appeal will require evidence and will be to the company that invoiced you and they can be difficult to deal with. Once that appeal is over, you can appeal to POPLA.

    unquote:

    https://forums.digitalspy.com/discussion/2368536/what-happens-if-anpr-doesnt-spot-you-leaving-a-car-park

    On the local forum ISTR the poster was charged for overnight parking because there were two entrance exits on a local supermarket. And on one the cameras didn't work. So they entered on the working - exited via the non working.
    Came back next day but entered by the non working - and exited by the working. I can't remember how they got on as the thread drifted off into the usual irrelevancies.

    Whereas if they'd never gone back they would have been o.k

    At least, according to the above.


    bb
  • From Martin Brown@21:1/5 to All on Fri Dec 15 13:35:44 2023
    On 15/12/2023 10:25, Jethro_uk wrote:
    Inspired by my previous thread, I find myself pondering on the situation where a car is recorded entering a car park (with a 2-hour free stay).
    But then (for whatever reason) is not recorded exiting the location.

    A few weeks later a penalty letter is received. Presumably with a blank
    where the exit time should be, and a calculation in the several hundreds
    for hours overstay.

    I think they only ever bother to send out a fine letter when they have a
    pair of images with date and timestamps of the vehicle. They are aware
    of missing entry and exits due to cars tailgating high vehicles and
    pedestrians or solar glare obscuring numberplates at some times of day.

    JOOI how far does the evidence need to go in such cases ? Would a system
    that doesn't capture photographs be valid ?

    The only one that causes trouble is if you revisit and were missed
    leaving the first time and missed entering the second time. Then you do
    have a problem and need to prove your vehicle was elsewhere for some of
    the interim period.

    ISTR we had a concrete example of that here not too long ago.

    --
    Martin Brown

  • From Jethro_uk@21:1/5 to billy bookcase on Fri Dec 15 13:26:14 2023
    On Fri, 15 Dec 2023 12:38:37 +0000, billy bookcase wrote:

    It can be successfully appealed, but your initial appeal will require evidence

    The "evidence" being the total and utter lack of that car in the car park.

  • From Jeff Gaines@21:1/5 to ulhk5m$1s1is$50@dont-email.me on Fri Dec 15 16:16:58 2023
    On 15/12/2023 in message <ulhk5m$1s1is$50@dont-email.me> Jethro_uk wrote:

    On Fri, 15 Dec 2023 12:38:37 +0000, billy bookcase wrote:

    It can be successfully appealed, but your initial appeal will require
    evidence

    The "evidence" being the total and utter lack of that car in the car park.

    Proving a negative can be quite interesting though. Has it been painted,
    has the plate been changed, has it been hidden etc etc. Good way for the
    legal profession to make money.

    --
    Jeff Gaines Dorset UK
    The world will not be destroyed by those who do evil but by those who
    watch them without doing anything. (Albert Einstein)

  • From billy bookcase@21:1/5 to jethro_uk@hotmailbin.com on Fri Dec 15 19:12:56 2023
    "Jethro_uk" <jethro_uk@hotmailbin.com> wrote in message news:ulhk5m$1s1is$50@dont-email.me...
    On Fri, 15 Dec 2023 12:38:37 +0000, billy bookcase wrote:

    It can be successfully appealed, but your initial appeal will require
    evidence

    The "evidence" being the total and utter lack of that car in the car park.

    This is quite a common phenomenon apparently; this is similar to the
    instance that cropped up on my local forum.

    https://www.thisismoney.co.uk/money/cars/article-11889321/How-one-mans-war-against-private-parking-fine-invalidate-ticket-sent-ANPR-camera.html

    The parking companies put it down to tailgating whereby the cameras
    miss licence plates, rather than faulty cameras.

    But then this equally lets drivers off the hook. As if they're tailgated
    on their exit on day one and tailgate another car on their entry on day two then they'll be charged for 24 hours.

    Basically if the parking co's accept tailgating as a possibility then
    this calls into question all their long stay data.

    Presumably the best evidence would be proof of the car's presence in another location at the time, ideally in another car park or possibly copping
    a parking or a speeding fine.


    bb
  • From AnthonyL@21:1/5 to All on Sat Dec 16 20:15:17 2023
    On Fri, 15 Dec 2023 12:38:37 -0000, "billy bookcase" <billy@anon.com>
    wrote:


    "Jethro_uk" <jethro_uk@hotmailbin.com> wrote in message news:ulh9i3$1s1is$44@dont-email.me...
    Inspired by my previous thread, I find myself pondering on the situation
    where a car is recorded entering a car park (with a 2-hour free stay).
    But then (for whatever reason) is not recorded exiting the location.

    A few weeks later a penalty letter is received. Presumably with a blank
    where the exit time should be, and a calculation in the several hundreds
    for hours overstay.

    In such a case, if a driver were to ask for the company to demonstrate
    that the records match the reality (i.e. the car is still there) and they
    can't (because it ain't), would it be enough to invalidate any claim the
    company might make ? After all their equipment clearly isn't up to the
    job.

    (A similar argument would apply where they have 2 entrance times, and no
    intervening exit time.)

    JOOI how far does the evidence need to go in such cases ? Would a system
    that doesn't capture photographs be valid ?

    From another place; plus a local forum a while back

    quote:

    Private companies will only invoice you when they have 2 images to create
    a timeframe of your visit. You can get caught out if it missed you leaving
    on day 1 but captures you on day 2.

    It can be successfully appealed, but your initial appeal will require evidence
    and will be to the company that invoiced you and they can be difficult to deal
    with. Once that appeal is over, you can appeal to POPLA.

    unquote:



    SWMBO received a Parking Invoice and their evidence was the car going
    in, not timestamped, car going out, not timestamped but the invoice
    cited entry and exit times.

    There is a thread on here a couple of months back.

    As SWMBO was in another car park during the "overstay" period, and
    that car park had two timestamped entry and two timestamped exits for
    the alleged period the invoice was withdrawn.

    SWMBO would have simply paid up to get the 50% discount and I'm sure
    many others do also.

    Don't know how they get the ok to function.


    --
    AnthonyL

    Why ever wait to finish a job before starting the next?

  • From AnthonyL@21:1/5 to '''newspam'''@nonad.co.uk on Sat Dec 16 20:17:41 2023
    On Fri, 15 Dec 2023 13:35:44 +0000, Martin Brown
    <'''newspam'''@nonad.co.uk> wrote:

    On 15/12/2023 10:25, Jethro_uk wrote:
    Inspired by my previous thread, I find myself pondering on the situation
    where a car is recorded entering a car park (with a 2-hour free stay).
    But then (for whatever reason) is not recorded exiting the location.

    A few weeks later a penalty letter is received. Presumably with a blank
    where the exit time should be, and a calculation in the several hundreds
    for hours overstay.

    I think they only ever bother to send out a fine letter when they have a
    pair of images with date and timestamps of the vehicle. They are aware
    of missing entry and exits due to cars tailgating high vehicles and
    pedestrians or solar glare obscuring numberplates at some times of day.

    JOOI how far does the evidence need to go in such cases ? Would a system
    that doesn't capture photographs be valid ?

    The only one that causes trouble is if you revisit and were missed
    leaving the first time and missed entering the second time. Then you do
    have a problem and need to prove your vehicle was elsewhere for some of
    the interim period.

    ISTR we had a concrete example of that here not too long ago.


    If you are thinking of the case I posted the glaring issue there was
    that the images were NOT timestamped. The (invented) entry and exit
    times were merely typed on the invoice.


    --
    AnthonyL

    Why ever wait to finish a job before starting the next?

  • From Mark Goodge@21:1/5 to jethro_uk@hotmailbin.com on Sat Dec 16 21:40:09 2023
    On Fri, 15 Dec 2023 10:25:07 -0000 (UTC), Jethro_uk
    <jethro_uk@hotmailbin.com> wrote:

    Inspired by my previous thread, I find myself pondering on the situation
    where a car is recorded entering a car park (with a 2-hour free stay).
    But then (for whatever reason) is not recorded exiting the location.

    A few weeks later a penalty letter is received. Presumably with a blank
    where the exit time should be, and a calculation in the several hundreds
    for hours overstay.

    As others have said, the systems are fault-tolerant to the extent that if there's an in but no out, or an out but no in, then the unmatched image is simply discarded. So a single misreading will always work to the benefit of
    the driver, who can stay as long as they want without being ticketed.
    Although it's difficult to exploit that without knowing whether there's been
    a misread, of course[1].

    What's more of an issue is where there are two consecutive misreads, one out and one in, in the course of a double visit. So instead of a sequence of in-out-in-out the system merely has in-[long delay]-out, which will, of
    course, generate a ticket. But that's usually reasonably easy to contest,
    since the driver will almost always have evidence to demonstrate that the vehicle was elsewhere in the middle.

    [1] There's a Sainsbury's in Stoke-on-Trent that I used to use regularly
    which had[2] a system which displayed your registration on entry and the
    time you needed to be gone by. Unfortunately, one thing it demonstrated very well was just how unreliable ANPR is, with it displaying the wrong
    registration around one in three times. And, of course, if it didn't show
    your correct registration number on the way in, you knew you'd never get a ticket that visit no matter how long you stayed.

    [2] It seems to be inactive in the latest Google Streetview[3], but earlier image dates[4] show it in operation.

    [3] https://maps.app.goo.gl/mjWtjNY1S8hr3ez27

    [4] eg, https://maps.app.goo.gl/Z5T7eX1oe1gX28YC8

    Mark
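
The pairing behaviour described in the post above, as an added example that is not part of the original thread or any operator's software: it pairs entry and exit reads, discards unmatched ones, and shows how two consecutive missed reads merge two short visits into one long "stay". The rule that a repeated "in" replaces the earlier one, the plate, the site names and all timestamps are constructed assumptions; the 2-hour limit is the one from the opening post.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta

FREE_STAY = timedelta(hours=2)  # free period mentioned in the thread's opening post


@dataclass(frozen=True)
class Read:
    plate: str
    direction: str              # "in" or "out"
    when: datetime
    site: str = "car-park-A"    # constructed site name


@dataclass(frozen=True)
class Stay:
    plate: str
    entered: datetime
    left: datetime

    @property
    def duration(self) -> timedelta:
        return self.left - self.entered


def pair_reads(reads):
    """Pair each 'in' with the next 'out' for the same plate; drop unmatched reads.

    Assumption: a second 'in' with no 'out' in between replaces the earlier one.
    """
    open_entry = {}
    stays = []
    for read in sorted(reads, key=lambda r: r.when):
        if read.direction == "in":
            open_entry[read.plate] = read
        else:
            entry = open_entry.pop(read.plate, None)
            if entry is not None:   # an 'out' with no recorded 'in' is discarded
                stays.append(Stay(read.plate, entry.when, read.when))
    return stays


def overstays(stays, limit=FREE_STAY):
    """Stays that would generate a charge under the free-stay limit."""
    return [s for s in stays if s.duration > limit]


def sightings_elsewhere(stay, other_reads):
    """Timestamped reads of the same plate at another site inside the claimed stay."""
    return [r for r in other_reads
            if r.plate == stay.plate and stay.entered < r.when < stay.left]


def with_missed(reads, missed):
    """Simulate camera misses by dropping the reads at the given positions."""
    return [r for i, r in enumerate(reads) if i not in missed]


def t(hhmm):
    hour, minute = map(int, hhmm.split(":"))
    return datetime(2023, 12, 15, hour, minute)


PLATE = "AB12CDE"  # constructed plate

# Constructed ground truth: two short visits on the same day.
TRUE_READS = [
    Read(PLATE, "in", t("09:00")),
    Read(PLATE, "out", t("09:40")),
    Read(PLATE, "in", t("15:00")),
    Read(PLATE, "out", t("15:30")),
]

# Constructed independent evidence: the same plate read at a different car park.
OTHER_SITE_READS = [
    Read(PLATE, "in", t("11:05"), site="car-park-B"),
    Read(PLATE, "out", t("12:10"), site="car-park-B"),
]


if __name__ == "__main__":
    cases = {
        "all four reads captured": set(),
        "first exit missed": {1},
        "first exit and second entry missed": {1, 2},
    }
    for label, missed in cases.items():
        stays = pair_reads(with_missed(TRUE_READS, missed))
        flagged = overstays(stays)
        print(f"{label}: {len(stays)} stay(s), {len(flagged)} flagged")
        for stay in flagged:
            elsewhere = sightings_elsewhere(stay, OTHER_SITE_READS)
            print(f"  claimed duration {stay.duration}, "
                  f"{len(elsewhere)} read(s) elsewhere inside that window")
```

The record for the double miss is internally consistent, so nothing in the pairing data alone distinguishes it from a genuine long stay; only an independent timestamped source exposes the merge.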

  • From Jethro_uk@21:1/5 to Mark Goodge on Sun Dec 17 10:16:05 2023
    On Sat, 16 Dec 2023 21:40:09 +0000, Mark Goodge wrote:

    What's more of an issue is where there are two consecutive misreads, one
    out and one in, in the course of a double visit. So instead of a
    sequence of in-out-in-out the system merely has in-[long delay]-out,
    which will, of course, generate a ticket. But that's usually reasonably
    easy to contest, since the driver will almost always have evidence to demonstrate that the vehicle was elsewhere in the middle.

    "almost always" ?

    I have no evidence whatsoever (that couldn't be invented) that my car was
    where it was on yesterday's journeys. I suspect most motorists would be
    the same.

    I probably drove past some ANPR speed cameras, and the supermarket
    filling station I used probably had ANPR too. But since I don't speed and
    paid for my fuel, they are moot.

    My phone being used as my sat-nav. But that doesn't mean a hill of beans
    as it's not demonstrably linked to the car. There are probably some sort
    of logs in the car that could forensically show that phone was connected
    at this time. But since I wouldn't be able to claim back the £000s it
    would cost for such evidence, it too is moot.

    Seems to me a lot of outfits get away with their business practices
    because they aren't required to provide real evidence. Personally I'm not
    sure that's in the public interest. Luckily the day the law has any care
    for public interest will be the day I die ....

  • From Mark Goodge@21:1/5 to jethro_uk@hotmailbin.com on Sun Dec 17 19:39:04 2023
    On Sun, 17 Dec 2023 10:16:05 -0000 (UTC), Jethro_uk
    <jethro_uk@hotmailbin.com> wrote:

    On Sat, 16 Dec 2023 21:40:09 +0000, Mark Goodge wrote:

    What's more of an issue is where there are two consecutive misreads, one
    out and one in, in the course of a double visit. So instead of a
    sequence of in-out-in-out the system merely has in-[long delay]-out,
    which will, of course, generate a ticket. But that's usually reasonably
    easy to contest, since the driver will almost always have evidence to
    demonstrate that the vehicle was elsewhere in the middle.

    "almost always" ?

    Your phone being demonstrably elsewhere would be enough. It's a civil case,
    so if it went to court it would be decided on the balance of probabilities,
    and the probability that your car was still in the car park while your phone was a considerable distance from it is well below 50%. But a receipt from another shop would also work, as would witness testimony from someone else
    who saw you elsewhere.

    I have no evidence whatsoever (that couldn't be invented) that my car was
    where it was on yesterday's journeys. I suspect most motorists would be
    the same.

    I probably drove past some ANPR speed cameras, and the supermarket
    filling station I used probably had ANPR too. But since I don't speed and
    paid for my fuel, they are moot.

    My phone being used as my sat-nav. But that doesn't mean a hill of beans
    as it's not demonstrably linked to the car. There are probably some sort
    of logs in the car that could forensically show that phone was connected
    at this time. But since I wouldn't be able to claim back the £000s it
    would cost for such evidence, it too is moot.

    Most current models of most cars have accessible GPS logs. But, of course, there are still a lot of people driving around in older cars. I can check
    the GPS history of my car (2018 reg), but not my wife's (2014). But both of
    us can check the GPS history on our phones.

    Mark

  • From Jethro_uk@21:1/5 to Mark Goodge on Sun Dec 17 20:57:06 2023
    On Sun, 17 Dec 2023 19:39:04 +0000, Mark Goodge wrote:

    On Sun, 17 Dec 2023 10:16:05 -0000 (UTC), Jethro_uk <jethro_uk@hotmailbin.com> wrote:

    On Sat, 16 Dec 2023 21:40:09 +0000, Mark Goodge wrote:

    What's more of an issue is where there are two consecutive misreads,
    one out and one in, in the course of a double visit. So instead of a
    sequence of in-out-in-out the system merely has in-[long delay]-out,
    which will, of course, generate a ticket. But that's usually
    reasonably easy to contest, since the driver will almost always have
    evidence to demonstrate that the vehicle was elsewhere in the middle.

    "almost always" ?

    Your phone being demonstrably elsewhere would be enough. It's a civil
    case, so if it went to court it would be decided on the balance of probabilities, and the probability that your car was still in the car
    park while your phone was a considerable distance from it is well below
    50%. But a receipt from another shop would also work, as would witness testimony from someone else who saw you elsewhere.

    I have no evidence whatsoever (that couldn't be invented) that my car
    was where it was on yesterday's journeys. I suspect most motorists would
    be the same.

    I probably drove past some ANPR speed cameras, and the supermarket
    filling station I used probably had ANPR too. But since I don't speed
    and paid for my fuel, they are moot.

    My phone being used as my sat-nav. But that doesn't mean a hill of beans
    as it's not demonstrably linked to the car. There are probably some sort
    of logs in the car that could forensically show that phone was connected
    at this time. But since I wouldn't be able to claim back the £000s it
    would cost for such evidence, it too is moot.

    Most current models of most cars have accessible GPS logs. But, of
    course, there are still a lot of people driving around in older cars. I
    can check the GPS history of my car (2018 reg), but not my wife's
    (2014). But both of us can check the GPS history on our phones.

    Mark

    We still seem to be straying into the wrong side of people having to
    prove their innocence at their own expense, rather than others having to
    prove the contrary at their expense.

  • From Pancho@21:1/5 to All on Mon Dec 18 09:31:45 2023
    On 17/12/2023 20:57, Jethro_uk wrote:
    On Sun, 17 Dec 2023 19:39:04 +0000, Mark Goodge wrote:

    On Sun, 17 Dec 2023 10:16:05 -0000 (UTC), Jethro_uk
    <jethro_uk@hotmailbin.com> wrote:

    On Sat, 16 Dec 2023 21:40:09 +0000, Mark Goodge wrote:

    What's more of an issue is where there are two consecutive misreads,
    one out and one in, in the course of a double visit. So instead of a
    sequence of in-out-in-out the system merely has in-[long delay]-out,
    which will, of course, generate a ticket. But that's usually
    reasonably easy to contest, since the driver will almost always have
    evidence to demonstrate that the vehicle was elsewhere in the middle.

    "almost always" ?

    Your phone being demonstrably elsewhere would be enough. It's a civil
    case, so if it went to court it would be decided on the balance of
    probabilities, and the probability that your car was still in the car
    park while your phone was a considerable distance from it is well below
    50%. But a receipt from another shop would also work, as would witness
    testimony from someone else who saw you elsewhere.

    I have no evidence whatsoever (that couldn't be invented) that my car
    was where it was on yesterday's journeys. I suspect most motorists would
    be the same.

    I probably drove past some ANPR speed cameras, and the supermarket
    filling station I used probably had ANPR too. But since I don't speed
    and paid for my fuel, they are moot.

    My phone being used as my sat-nav. But that doesn't mean a hill of beans
    as it's not demonstrably linked to the car. There are probably some sort
    of logs in the car that could forensically show that phone was connected
    at this time. But since I wouldn't be able to claim back the £000s it
    would cost for such evidence, it too is moot.

    Most current models of most cars have accessible GPS logs. But, of
    course, there are still a lot of people driving around in older cars. I
    can check the GPS history of my car (2018 reg), but not my wife's
    (2014). But both of us can check the GPS history on our phones.

    Mark

    We still seem to be straying into the wrong side of people having to
    prove their innocence at their own expense, rather than others having to prove the contrary at their expense.


    The parking company has the burden of proof. This proof should include
    evidence of a reliable system to determine that your car was in the car
    park for the duration specified, and that all regulations were met. This
    is quite a high bar.

    It is not the case that the parking company only have to prove your car
    park was in the car park, as specified, on the balance of probabilities.

    I would be interested to hear of any case of a motorist losing in the
    small claims court, where they disputed they were in the car park
    throughout the time specified. Based only on ANPR evidence (as opposed
    to full CCTV for the duration).

  • From Mark Goodge@21:1/5 to jethro_uk@hotmailbin.com on Mon Dec 18 11:35:13 2023
    On Sun, 17 Dec 2023 20:57:06 -0000 (UTC), Jethro_uk
    <jethro_uk@hotmailbin.com> wrote:

    We still seem to be straying into the wrong side of people having to
    prove their innocence at their own expense, rather than others having to
    prove the contrary at their expense.

    It's a civil case. The concept of guilt or innocence doesn't come into it.
    What you've got is two sides to a dispute, both of which will present their
    own evidence, and the judge will decide on the balance of probabilities.

    Mark

  • From Pancho@21:1/5 to Mark Goodge on Mon Dec 18 13:25:42 2023
    On 18/12/2023 11:35, Mark Goodge wrote:
    On Sun, 17 Dec 2023 20:57:06 -0000 (UTC), Jethro_uk <jethro_uk@hotmailbin.com> wrote:

    We still seem to be straying into the wrong side of people having to
    prove their innocence at their own expense, rather than others having to
    prove the contrary at their expense.

    It's a civil case. The concept of guilt or innocence doesn't come into it. What you've got is two sides to a dispute, both of which will present their own evidence, and the judge will decide on the balance of probabilities.


    The balance of what probability? How is it calculated.

    I think you are using the term “balance of probabilities” in a totally ambiguous and deeply misleading way.

  • From Mark Goodge@21:1/5 to Pancho on Mon Dec 18 14:35:13 2023
    On Mon, 18 Dec 2023 13:25:42 +0000, Pancho <Pancho.Jones@proton.me> wrote:

    On 18/12/2023 11:35, Mark Goodge wrote:

    It's a civil case. The concept of guilt or innocence doesn't come into it.
    What you've got is two sides to a dispute, both of which will present their
    own evidence, and the judge will decide on the balance of probabilities.


    The balance of what probability? How is it calculated.

    There's a useful article on it here:

    https://uk.practicallaw.thomsonreuters.com/2-500-6576?contextData=(sc.Default)&transitionType=Default&firstPage=true
    or https://tinyurl.com/227yteck

    Plenty of others can be found by means of a quick Google[1].

    [1] Other search engines are available.

    Mark

  • From billy bookcase@21:1/5 to Mark Goodge on Mon Dec 18 18:25:20 2023
    "Mark Goodge" <usenet@listmail.good-stuff.co.uk> wrote in message news:u1m0oi1bu802bh969i2vdrsec2vllf79ub@4ax.com...
    On Mon, 18 Dec 2023 13:25:42 +0000, Pancho <Pancho.Jones@proton.me> wrote:

    On 18/12/2023 11:35, Mark Goodge wrote:

    It's a civil case. The concept of guilt or innocence doesn't come into it.
    What you've got is two sides to a dispute, both of which will present their
    own evidence, and the judge will decide on the balance of probabilities.

    The balance of what probability? How is it calculated.

    quote:

    To quote again from Lord Hoffman, this time in a judicial review case (Secretary of State for the Home Department v Rehman [2001] UKHL 47):

    "It would need more cogent evidence to satisfy [a judge] that the
    creature seen walking in Regent's Park was more likely than not to
    have been a lioness than to be satisfied to the same standard of
    probability that it was an Alsatian."

    unquote:


    There's a useful article on it here:

    https://uk.practicallaw.thomsonreuters.com/2-500-6576?contextData=(sc.Default)&transitionType=Default&firstPage=true
    or https://tinyurl.com/227yteck


    Indeed so


    bb

  • From Jethro_uk@21:1/5 to billy bookcase on Mon Dec 18 21:07:35 2023
    On Mon, 18 Dec 2023 18:25:20 +0000, billy bookcase wrote:


    "Mark Goodge" <usenet@listmail.good-stuff.co.uk> wrote in message news:u1m0oi1bu802bh969i2vdrsec2vllf79ub@4ax.com...
    [quoted text muted]

    quote:

    To quote again from Lord Hoffman, this time in a judicial review case (Secretary of State for the Home Department v Rehman [2001] UKHL 47):

    "It would need more cogent evidence to satisfy [a judge] that the
    creature seen walking in Regent's Park was more likely than not to have
    been a lioness than to be satisfied to the same standard of probability
    that it was an Alsatian."

    extraordinary claims demand extraordinary evidence

  • From billy bookcase@21:1/5 to All on Tue Dec 19 14:00:17 2023
    "notya...@gmail.com" <notyalckram@gmail.com> wrote in message news:0c32e184-261f-4394-a157-6c7a1e242faan@googlegroups.com...
    On Monday 18 December 2023 at 18:25:31 UTC, billy bookcase wrote:
    "Mark Goodge" <use...@listmail.good-stuff.co.uk> wrote in message
    news:u1m0oi1bu802bh969...@4ax.com...
    On Mon, 18 Dec 2023 13:25:42 +0000, Pancho <Pancho...@proton.me> wrote:

    On 18/12/2023 11:35, Mark Goodge wrote:

    It's a civil case. The concept of guilt or innocence doesn't come into it.
    What you've got is two sides to a dispute, both of which will present their
    own evidence, and the judge will decide on the balance of probabilities.

    The balance of what probability? How is it calculated.
    quote:

    To quote again from Lord Hoffman, this time in a judicial review case
    (Secretary of State for the Home Department v Rehman [2001] UKHL 47):

    "It would need more cogent evidence to satisfy [a judge] that the
    creature seen walking in Regent's Park was more likely than not to
    have been a lioness than to be satisfied to the same standard of
    probability that it was an Alsatian."

    unquote:

    There's a useful article on it here:

    https://uk.practicallaw.thomsonreuters.com/2-500-6576?contextData=(sc.Default)&transitionType=Default&firstPage=true
    or https://tinyurl.com/227yteck

    Indeed so


    bb

    I've seen a lion in Regent's Park!

    But from this side of the bars, presumably.


    bb

    quite a few other non-native animals too - you see there is a zoo...
    https://cms.londonzoo.org/sites/default/files/styles/responsive/public/1280/755/1/2022-11/LZ%20Lions%20Pine%20Trees%20Nov%2019%202018-14.jpg


  • From Colin Bignell@21:1/5 to billy bookcase on Tue Dec 19 19:10:16 2023
    On 19/12/2023 14:00, billy bookcase wrote:
    "notya...@gmail.com" <notyalckram@gmail.com> wrote in message news:0c32e184-261f-4394-a157-6c7a1e242faan@googlegroups.com...
    On Monday 18 December 2023 at 18:25:31 UTC, billy bookcase wrote:
    "Mark Goodge" <use...@listmail.good-stuff.co.uk> wrote in message
    news:u1m0oi1bu802bh969...@4ax.com...
    On Mon, 18 Dec 2023 13:25:42 +0000, Pancho <Pancho...@proton.me> wrote:
    On 18/12/2023 11:35, Mark Goodge wrote:

    It's a civil case. The concept of guilt or innocence doesn't come into it.
    What you've got is two sides to a dispute, both of which will present their
    own evidence, and the judge will decide on the balance of probabilities.

    The balance of what probability? How is it calculated.
    quote:

    To quote again from Lord Hoffman, this time in a judicial review case
    (Secretary of State for the Home Department v Rehman [2001] UKHL 47):

    "It would need more cogent evidence to satisfy [a judge] that the
    creature seen walking in Regent's Park was more likely than not to
    have been a lioness than to be satisfied to the same standard of
    probability that it was an Alsatian."

    unquote:

    There's a useful article on it here:

    https://uk.practicallaw.thomsonreuters.com/2-500-6576?contextData=(sc.Default)&transitionType=Default&firstPage=true
    or https://tinyurl.com/227yteck

    Indeed so


    bb

    I've seen a lion in Regent's Park!

    But from this side of the bars, presumably.

    I have ridden an elephant in Regent's Park.


    --
    Colin Bignell

  • From billy bookcase@21:1/5 to Colin Bignell on Tue Dec 19 19:26:53 2023
    "Colin Bignell" <cpb@bignellREMOVETHIS.me.uk> wrote in message news:h8-dnTtvo8u9dxz4nZ2dnZeNn_WdnZ2d@giganews.com...
    On 19/12/2023 14:00, billy bookcase wrote:
    "notya...@gmail.com" <notyalckram@gmail.com> wrote in message
    news:0c32e184-261f-4394-a157-6c7a1e242faan@googlegroups.com...
    On Monday 18 December 2023 at 18:25:31 UTC, billy bookcase wrote:
    "Mark Goodge" <use...@listmail.good-stuff.co.uk> wrote in message
    news:u1m0oi1bu802bh969...@4ax.com...
    On Mon, 18 Dec 2023 13:25:42 +0000, Pancho <Pancho...@proton.me> wrote:
    On 18/12/2023 11:35, Mark Goodge wrote:

    It's a civil case. The concept of guilt or innocence doesn't come into it.
    What you've got is two sides to a dispute, both of which will present their
    own evidence, and the judge will decide on the balance of probabilities.


    The balance of what probability? How is it calculated.
    quote:

    To quote again from Lord Hoffman, this time in a judicial review case
    (Secretary of State for the Home Department v Rehman [2001] UKHL 47):

    "It would need more cogent evidence to satisfy [a judge] that the
    creature seen walking in Regent's Park was more likely than not to
    have been a lioness than to be satisfied to the same standard of
    probability that it was an Alsatian."

    unquote:

    There's a useful article on it here:

    https://uk.practicallaw.thomsonreuters.com/2-500-6576?contextData=(sc.Default)&transitionType=Default&firstPage=true
    or https://tinyurl.com/227yteck

    Indeed so


    bb

    I've seen a lion in Regent's Park!

    But from this side of the bars, presumably.

    I have ridden an elephant in Regent's Park.

    But if you said that to anyone, they would immediately know what
    you meant. That you or your parents had paid your admission to
    Regents Park Zoo, and paid a further amount for you to ride on
    an Elephant.

    Whereas if somebody said they'd seen a lioness walking in Regents
    Park, they would need to produce cogent evidence, unlike in the
    case of Alsatians, that that is indeed, what they had seen. And not
    simply, which is much more probable, purchased a ticket to the zoo
    visited the lion enclosure and seen a lioness walking about.

    Which is presumably why the judge in question happened to choose
    Regents Park.


    bb


    .

  • From Colin Bignell@21:1/5 to billy bookcase on Tue Dec 19 20:34:54 2023
    On 19/12/2023 19:26, billy bookcase wrote:
    "Colin Bignell" <cpb@bignellREMOVETHIS.me.uk> wrote in message news:h8-dnTtvo8u9dxz4nZ2dnZeNn_WdnZ2d@giganews.com...
    On 19/12/2023 14:00, billy bookcase wrote:
    "notya...@gmail.com" <notyalckram@gmail.com> wrote in message
    news:0c32e184-261f-4394-a157-6c7a1e242faan@googlegroups.com...
    On Monday 18 December 2023 at 18:25:31 UTC, billy bookcase wrote:
    "Mark Goodge" <use...@listmail.good-stuff.co.uk> wrote in message
    news:u1m0oi1bu802bh969...@4ax.com...
    On Mon, 18 Dec 2023 13:25:42 +0000, Pancho <Pancho...@proton.me> wrote:
    On 18/12/2023 11:35, Mark Goodge wrote:

    It's a civil case. The concept of guilt or innocence doesn't come into it.
    What you've got is two sides to a dispute, both of which will present their
    own evidence, and the judge will decide on the balance of probabilities.


    The balance of what probability? How is it calculated.
    quote:

    To quote again from Lord Hoffman, this time in a judicial review case
    (Secretary of State for the Home Department v Rehman [2001] UKHL 47):

    "It would need more cogent evidence to satisfy [a judge] that the
    creature seen walking in Regent's Park was more likely than not to
    have been a lioness than to be satisfied to the same standard of
    probability that it was an Alsatian."

    unquote:

    There's a useful article on it here:

    https://uk.practicallaw.thomsonreuters.com/2-500-6576?contextData=(sc.Default)&transitionType=Default&firstPage=true
    or https://tinyurl.com/227yteck

    Indeed so


    bb

    I've seen a lion in Regent's Park!

    But from this side of the bars, presumably.

    I have ridden an elephant in Regent's Park.

    But if you said that to anyone, they would immediately know what
    you meant.

    ITYM anyone who knew that they did elephant rides at the zoo more than
    60 years ago :-)

    That you or your parents had paid your admission to
    Regents Park Zoo, and paid a further amount for you to ride on
    an Elephant.

    Whereas if somebody said they'd seen a lioness walking in Regents
    Park, they would need to produce cogent evidence, unlike in the
    case of Alsatians, that that is indeed, what they had seen. And not
    simply, which is much more probable, purchased a ticket to the zoo
    visited the lion enclosure and seen a lioness walking about.

    Which is presumably why the judge in question happened to choose
    Regents Park.


    bb


    .

    --
    Colin Bignell

  • From billy bookcase@21:1/5 to Colin Bignell on Tue Dec 19 21:27:24 2023
    "Colin Bignell" <cpb@bignellREMOVETHIS.me.uk> wrote in message news:cv-cnVSt0YkqYBz4nZ2dnZeNn_idnZ2d@giganews.com...
    On 19/12/2023 19:26, billy bookcase wrote:
    "Colin Bignell" <cpb@bignellREMOVETHIS.me.uk> wrote in message
    news:h8-dnTtvo8u9dxz4nZ2dnZeNn_WdnZ2d@giganews.com...
    On 19/12/2023 14:00, billy bookcase wrote:
    "notya...@gmail.com" <notyalckram@gmail.com> wrote in message
    news:0c32e184-261f-4394-a157-6c7a1e242faan@googlegroups.com...
    On Monday 18 December 2023 at 18:25:31 UTC, billy bookcase wrote:
    "Mark Goodge" <use...@listmail.good-stuff.co.uk> wrote in message
    news:u1m0oi1bu802bh969...@4ax.com...
    On Mon, 18 Dec 2023 13:25:42 +0000, Pancho <Pancho...@proton.me> wrote:
    On 18/12/2023 11:35, Mark Goodge wrote:

    It's a civil case. The concept of guilt or innocence doesn't come into it.
    What you've got is two sides to a dispute, both of which will present their
    own evidence, and the judge will decide on the balance of probabilities.


    The balance of what probability? How is it calculated.
    quote:

    To quote again from Lord Hoffman, this time in a judicial review case
    (Secretary of State for the Home Department v Rehman [2001] UKHL 47):

    "It would need more cogent evidence to satisfy [a judge] that the
    creature seen walking in Regent's Park was more likely than not to
    have been a lioness than to be satisfied to the same standard of
    probability that it was an Alsatian."

    unquote:

    There's a useful article on it here:

    https://uk.practicallaw.thomsonreuters.com/2-500-6576?contextData=(sc.Default)&transitionType=Default&firstPage=true
    or https://tinyurl.com/227yteck

    Indeed so


    bb

    I've seen a lion in Regent's Park!

    But from this side of the bars, presumably.

    I have ridden an elephant in Regent's Park.

    But if you said that to anyone, they would immediately know what
    you meant.

    ITYM anyone who knew that they did elephant rides at the zoo more than 60 years ago :-)

    I didn't even need to go to Regents Park. When I was about 5 or 6 we
    used to live in an upstairs flat in an ordinary suburban road in West
    London. Edwardian semis and terraces. This was similar to 4 or 5 parallel
    side roads leading to bigger roads at either end. One day I just happened
    to be looking out the window when I saw an elephant being led down the
    road. I can't remember anyone rushing out of their houses to look at
    him, or her, or anything.
    ISTR being told later that he'd been on his way to a local pub
    which was situated on a major road and had a very large beer garden and
    put on events. Measuring on Google Maps the nearest Western Region
    Station is less than a mile away in one direction and the pub less
    than a mile away in the other. Unfortunately I've never been able to
    find any confirmation, for any of this most unlikely event, but I
    can still picture it to this day.


    bb

  • From Roland Perry@21:1/5 to All on Thu Dec 21 12:57:35 2023
    In message <quiuni53lguprm24ukatioganrsmi1ak90@4ax.com>, at 19:39:04 on
    Sun, 17 Dec 2023, Mark Goodge <usenet@listmail.good-stuff.co.uk>
    remarked:
    Most current models of most cars have accessible GPS logs. But, of course,
    there are still a lot of people driving around in older cars. I can check
    the GPS history of my car (2018 reg), but not my wife's (2014). But both of
    us can check the GPS history on our phones.

    Slightly at a tangent, a couple of months ago I hired a car and could
    access the GPS logs of where several previous hirers had been.
    --
    Roland Perry

  • From Mark Goodge@21:1/5 to Roland Perry on Thu Dec 21 14:27:25 2023
    On Thu, 21 Dec 2023 12:57:35 +0000, Roland Perry <roland@perry.uk> wrote:

    In message <quiuni53lguprm24ukatioganrsmi1ak90@4ax.com>, at 19:39:04 on
    Sun, 17 Dec 2023, Mark Goodge <usenet@listmail.good-stuff.co.uk>
    remarked:
    Most current models of most cars have accessible GPS logs. But, of course,
    there are still a lot of people driving around in older cars. I can check
    the GPS history of my car (2018 reg), but not my wife's (2014). But both of
    us can check the GPS history on our phones.

    Slightly at a tangent, a couple of months ago I hired a car and could
    access the GPS logs of where several previous hirers had been.

    That sounds like a potential GDPR fail, assuming it was in the UK or EU.

    Mark

  • From Roland Perry@21:1/5 to All on Fri Dec 22 13:03:23 2023
    In message <soi8oi5tt6fhlubdo591dv9rjeu018o1cq@4ax.com>, at 14:27:25 on
    Thu, 21 Dec 2023, Mark Goodge <usenet@listmail.good-stuff.co.uk>
    remarked:
    On Thu, 21 Dec 2023 12:57:35 +0000, Roland Perry <roland@perry.uk> wrote:

    In message <quiuni53lguprm24ukatioganrsmi1ak90@4ax.com>, at 19:39:04 on
    Sun, 17 Dec 2023, Mark Goodge <usenet@listmail.good-stuff.co.uk>
    remarked:
    Most current models of most cars have accessible GPS logs. But, of course,
    there are still a lot of people driving around in older cars. I can check
    the GPS history of my car (2018 reg), but not my wife's (2014). But both of
    us can check the GPS history on our phones.

    Slightly at a tangent, a couple of months ago I hired a car and could
    access the GPS logs of where several previous hirers had been.

    That sounds like a potential GDPR fail, assuming it was in the UK or EU.

    <usual suspects look away NOW!> It was Ely.
    --
    Roland Perry

  • From Anthony R. Gold@21:1/5 to usenet@listmail.good-stuff.co.uk on Sun Dec 31 10:11:26 2023
    On Thu, 21 Dec 2023 14:27:25 +0000, Mark Goodge <usenet@listmail.good-stuff.co.uk> wrote:

    On Thu, 21 Dec 2023 12:57:35 +0000, Roland Perry <roland@perry.uk> wrote:

    Slightly at a tangent, a couple of months ago I hired a car and could
    access the GPS logs of where several previous hirers had been.

    That sounds like a potential GDPR fail, assuming it was in the UK or EU.

    Yes, but only if the car was a person. Roland hasn't the faintest clue as to who previously hired that car or used the GPS device whose logs he could
    view so the logs were not "personal data" and nothing in GDPR was breached.

  • From Vir Campestris@21:1/5 to Anthony R. Gold on Sun Dec 31 16:56:09 2023
    On 31/12/2023 15:11, Anthony R. Gold wrote:
    Yes, but only if the car was a person. Roland hasn't the faintest clue as to who previously hired that car or used the GPS device whose logs he could
    view so the logs were not "personal data" and nothing in GDPR was breached.

    If I hired a car because mine was too small for some purpose, drove to
    my aged mother's house and picked her up to take her out for the day I
    might well be upset.

    The very locations visited may constitute personal data.

    Andy

  • From JNugent@21:1/5 to Vir Campestris on Sun Dec 31 17:15:05 2023
    On 31/12/2023 04:56 pm, Vir Campestris wrote:

    On 31/12/2023 15:11, Anthony R. Gold wrote:

    Yes, but only if the car was a person. Roland hasn't the faintest clue
    as to who previously hired that car or used the GPS device whose logs he
    could view so the logs were not "personal data" and nothing in GDPR was
    breached.

    If I hired a car because mine was too small for some purpose, drove to
    my aged mother's house and picked her up to take her out for the day I
    might well be upset.

    The very locations visited may constitute personal data.

    In that case, you'll be dead against ANPR, CCTV, doorbell cameras and
    similar things in any and all circumstances.

    And while we're at it, that would apply to vehicle registration marks too.

    And to all electronic credit/debit card facilities (back to carbon
    copies, eh?).

  • From Jon Ribbens@21:1/5 to Andy Burns on Sun Dec 31 20:24:07 2023
    On 2023-12-31, Andy Burns <usenet@andyburns.uk> wrote:
    Vir Campestris wrote:
    If I hired a car because mine was too small for some purpose, drove to
    my aged mother's house and picked her up to take her out for the day I
    might well be upset.

    The very locations visited may constitute personal data.

    But is it your responsibility to wipe your destinations from the satnav
    at the end of the hire, or the car hire company's responsibility?

    I would say it ought to be the car hire company's responsibility,
    but I bet essentially none of them do it.

    What if you'd left some identifying paperwork in the car instead?

    That would certainly be the car hire company's responsibility,
    inasmuch as they should certainly make sure the car is clean and
    tidy ready for the next customer, and that would involve removing
    anything left by the previous customer.

  • From Andy Burns@21:1/5 to Vir Campestris on Sun Dec 31 18:03:58 2023
    Vir Campestris wrote:

    If I hired a car because mine was too small for some purpose, drove to
    my aged mother's house and picked her up to take her out for the day I
    might well be upset.

    The very locations visited may constitute personal data.

    But is it your responsibility to wipe your destinations from the satnav
    at the end of the hire, or the car hire company's responsibility?

    What if you'd left some identifying paperwork in the car instead?

  • From Vir Campestris@21:1/5 to Jon Ribbens on Thu Jan 4 21:11:24 2024
    On 31/12/2023 20:24, Jon Ribbens wrote:
    On 2023-12-31, Andy Burns <usenet@andyburns.uk> wrote:
    Vir Campestris wrote:
    If I hired a car because mine was too small for some purpose, drove to
    my aged mother's house and picked her up to take her out for the day I
    might well be upset.

    The very locations visited may constitute personal data.

    But is it your responsibility to wipe your destinations from the satnav
    at the end of the hire, or the car hire company's responsibility?

    I would say it ought to be the car hire company's responsibility,
    but I bet essentially none of them do it.

    What if you'd left some identifying paperwork in the car instead?

    That would certainly be the car hire company's responsibility,
    inasmuch as they should certainly make sure the car is clean and
    tidy ready for the next customer, and that would involve removing
    anything left by the previous customer.

    The last time I rented something they didn't even clean the nails from
    the back tyres. I had a blowout on the motorway, and the breakdown man
    spotted the nail in the other one. I hadn't even got to my destination.

    They then tried to bill me for the tyres - but failed :)

    Andy

  • From Jeff Layman@21:1/5 to Vir Campestris on Fri Jan 5 07:45:08 2024
    On 04/01/2024 21:11, Vir Campestris wrote:

    The last time I rented something they didn't even clean the nails from
    the back tyres. I had a blowout on the motorway, and the breakdown man spotted the nail in the other one. I hadn't even got to my destination.

    They then tried to bill me for the tyres - but failed :)

    How did you know the nails were in the tyres when you picked up the car,
    rather than being picked up when you were driving?

    --

    Jeff

  • From Roland Perry@21:1/5 to All on Sun Jan 7 10:48:09 2024
    In message <vk03pitbk5q8e7eqgjo805mil51se6d26b@4ax.com>, at 10:11:26 on
    Sun, 31 Dec 2023, Anthony R. Gold <not-for-mail@ahjg.co.uk> remarked:
    On Thu, 21 Dec 2023 14:27:25 +0000, Mark Goodge
    <usenet@listmail.good-stuff.co.uk> wrote:

    On Thu, 21 Dec 2023 12:57:35 +0000, Roland Perry <roland@perry.uk> wrote:

    Slightly at a tangent, a couple of months ago I hired a car and could
    access the GPS logs of where several previous hirers had been.

    That sounds like a potential GDPR fail, assuming it was in the UK or EU.

    Yes, but only if the car was a person. Roland hasn't the faintest clue as to
    who previously hired that car or used the GPS device whose logs he could
    view so the logs were not "personal data" and nothing in GDPR was breached.

    What if the previous hirer had also left their booking invoice in the
    car. Would it suddenly become personal data then?

    No, don't answer that, because something which *might* be personal data,
    which it obviously would be in such circumstances, MUST be treated as
    personal data in all circumstances.

    ps If the Satnav has as one or more of its destinations as the driver's
    home or work, it doesn't take a lot of detective work to determine who
    they might be.
    --
    Roland Perry

  • From Roland Perry@21:1/5 to All on Sun Jan 7 10:50:24 2024
    In message <kvdlspFdkc9U2@mid.individual.net>, at 17:15:05 on Sun, 31
    Dec 2023, JNugent <jnugent@mail.com> remarked:
    On 31/12/2023 04:56 pm, Vir Campestris wrote:

    On 31/12/2023 15:11, Anthony R. Gold wrote:

    Yes, but only if the car was a person. Roland hasn't the faintest
    clue as to who previously hired that car or used the GPS device
    whose logs he could view so the logs were not "personal data" and
    nothing in GDPR was breached.

    If I hired a car because mine was too small for some purpose, drove
    to my aged mother's house and picked her up to take her out for the
    day I might well be upset.

    The very locations visited may constitute personal data.

    In that case, you'll be dead against ANPR, CCTV, doorbell cameras and
    similar things in any and all circumstances.

    And while we're at it, that would apply to vehicle registration marks too.

    And to all electronic credit/debit card facilities (back to carbon
    copies, eh?).

    All these things are examples of personal data. Which is why there are
    laws REGULATING what can and can't be done with that data.

    Such laws DO NOT re-define things as "not personal data", because that's
    simply a fact deriving from their very existence.
    --
    Roland Perry

  • From Jethro_uk@21:1/5 to Roland Perry on Sun Jan 7 11:54:10 2024
    On Sun, 07 Jan 2024 11:06:26 +0000, Roland Perry wrote:

    In message <slrnup3jf7.2nf.jon+usenet@raven.unequivocal.eu>, at 20:24:07
    on Sun, 31 Dec 2023, Jon Ribbens <jon+usenet@unequivocal.eu> remarked:
    On 2023-12-31, Andy Burns <usenet@andyburns.uk> wrote:
    Vir Campestris wrote:
    If I hired a car because mine was too small for some purpose, drove
    to my aged mother's house and picked her up to take her out for the
    day I might well be upset.

    The very locations visited may constitute personal data.

    But is it your responsibility to wipe your destinations from the
    satnav at the end of the hire, or the car hire company's
    responsibility?

    I would say it ought to be the car hire company's responsibility,
    but I bet essentially none of them do it.

    What if you'd left some identifying paperwork in the car instead?

    That would certainly be the car hire company's responsibility, inasmuch
    as they should certainly make sure the car is clean and tidy ready for
    the next customer, and that would involve removing anything left by the
    previous customer.

    Often the turn-around is so fast they couldn't possibly do a stripsearch
    of the entire vehicle to see what might or might not have been left
    behind. A favourite place for hirers to secrete "paperwork" is inside
    the wallet containing the user manual, inside the glove compartment.

    You could argue that should be the first place the hire company should
    look, but in practice they are usually more interested in taking the
    mileage, making sure the tank is full of fuel, and perhaps giving the windscreen a quick wipe. I don't even see them taking the tyre pressures
    or checking the oil.

    Many years ago I was offered a hire car with an out of date tax.
    Apparently it was no big deal, and I was the asshole for refusing to take
    it.

    I also got mildly carpeted for checking the tyres on a company car before
    I drove it. But ultimately as I said: my license, my responsibility.

  • From Jethro_uk@21:1/5 to Roland Perry on Sun Jan 7 11:55:25 2024
    On Sun, 07 Jan 2024 10:48:09 +0000, Roland Perry wrote:

    In message <vk03pitbk5q8e7eqgjo805mil51se6d26b@4ax.com>, at 10:11:26 on
    Sun, 31 Dec 2023, Anthony R. Gold <not-for-mail@ahjg.co.uk> remarked:
    On Thu, 21 Dec 2023 14:27:25 +0000, Mark Goodge
    <usenet@listmail.good-stuff.co.uk> wrote:

    On Thu, 21 Dec 2023 12:57:35 +0000, Roland Perry <roland@perry.uk>
    wrote:

    Slightly at a tangent, a couple of months ago I hired a car and could
    access the GPS logs of where several previous hirers had been.

    That sounds like a potential GDPR fail, assuming it was in the UK or
    EU.

    Yes, but only if the car was a person. Roland hasn't the faintest clue
    as to who previously hired that car or used the GPS device whose logs he
    could view so the logs were not "personal data" and nothing in GDPR was
    breached.

    What if the previous hirer had also left their booking invoice in the
    car. Would it suddenly become personal data then?

    No, don't answer that, because something which *might* be personal data, which it obviously would be in such circumstances, MUST be treated as personal data in all circumstances.

    ps If the Satnav has as one or more of its destinations as the driver's
    home or work, it doesn't take a lot of detective work to determine who
    they might be.

    Especially if they have been saved as "Home".

    My in car sat nav has my home location saved as "nearest police station".
    Not that I ever use it.

  • From Roland Perry@21:1/5 to All on Sun Jan 7 11:06:26 2024
    In message <slrnup3jf7.2nf.jon+usenet@raven.unequivocal.eu>, at 20:24:07
    on Sun, 31 Dec 2023, Jon Ribbens <jon+usenet@unequivocal.eu> remarked:
    On 2023-12-31, Andy Burns <usenet@andyburns.uk> wrote:
    Vir Campestris wrote:
    If I hired a car because mine was too small for some purpose, drove to
    my aged mother's house and picked her up to take her out for the day I
    might well be upset.

    The very locations visited may constitute personal data.

    But is it your responsibility to wipe your destinations from the satnav
    at the end of the hire, or the car hire company's responsibility?

    I would say it ought to be the car hire company's responsibility,
    but I bet essentially none of them do it.

    What if you'd left some identifying paperwork in the car instead?

    That would certainly be the car hire company's responsibility,
    inasmuch as they should certainly make sure the car is clean and
    tidy ready for the next customer, and that would involve removing
    anything left by the previous customer.

    Often the turn-around is so fast they couldn't possibly do a stripsearch
    of the entire vehicle to see what might or might not have been left
    behind. A favourite place for hirers to secrete "paperwork" is inside
    the wallet containing the user manual, inside the glove compartment.

    You could argue that should be the first place the hire company should
    look, but in practice they are usually more interested in taking the
    mileage, making sure the tank is full of fuel, and perhaps giving the windscreen a quick wipe. I don't even see them taking the tyre pressures
    or checking the oil.
    --
    Roland Perry

  • From Anthony R. Gold@21:1/5 to Roland Perry on Sun Jan 7 09:48:11 2024
    On Sun, 7 Jan 2024 10:50:24 +0000, Roland Perry <roland@perry.uk> wrote:

    In message <kvdlspFdkc9U2@mid.individual.net>, at 17:15:05 on Sun, 31
    Dec 2023, JNugent <jnugent@mail.com> remarked:
    On 31/12/2023 04:56 pm, Vir Campestris wrote:

    On 31/12/2023 15:11, Anthony R. Gold wrote:

    Yes, but only if the car was a person. Roland hasn't the faintest
    clue as to who previously hired that car or used the GPS device
    whose logs he could view so the logs were not "personal data" and
    nothing in GDPR was breached.

    If I hired a car because mine was too small for some purpose, drove
    to my aged mother's house and picked her up to take her out for the
    day I might well be upset.

    The very locations visited may constitute personal data.

    In that case, you'll be dead against ANPR, CCTV, doorbell cameras and
    similar things in any and all circumstances.

    And while we're at it, that would apply to vehicle registration marks too.
    And to all electronic credit/debit card facilities (back to carbon
    copies, eh?).

    All these things are examples of personal data. Which is why there are
    laws REGULATING what can and can't be done with that data.

    Such laws DO NOT re-define things as "not personal data", because that's simply a fact deriving from their very existence.

    An item of data will only be personal data when it is linked to a particular person. A GPS point becomes personal data if, say, it is identified as the
    home address of, or a place visited by, a particular person but a GPS point
    in general is not personal data when not connected to a person. My shoe size
    is 8 1/2 and that fact is my personal data, but in general shoe size 8 1/2
    is not the personal data of anyone. If my passport number was 987654321 then that fact is my personal data, but to claim that publishing a listing of all billion nine digit integers amounts to violating the personal data of
    millions of people would be absurd.

    https://www.which.co.uk/consumer-rights/advice/what-counts-as-personal-data-a4T2s2Y2ffXd

  • From Anthony R. Gold@21:1/5 to Roland Perry on Sun Jan 7 09:56:04 2024
    On Sun, 7 Jan 2024 10:48:09 +0000, Roland Perry <roland@perry.uk> wrote:

    In message <vk03pitbk5q8e7eqgjo805mil51se6d26b@4ax.com>, at 10:11:26 on
    Sun, 31 Dec 2023, Anthony R. Gold <not-for-mail@ahjg.co.uk> remarked:
    On Thu, 21 Dec 2023 14:27:25 +0000, Mark Goodge
    <usenet@listmail.good-stuff.co.uk> wrote:

    On Thu, 21 Dec 2023 12:57:35 +0000, Roland Perry <roland@perry.uk> wrote:
    Slightly at a tangent, a couple of months ago I hired a car and could
    access the GPS logs of where several previous hirers had been.

    That sounds like a potential GDPR fail, assuming it was in the UK or EU.

    Yes, but only if the car was a person. Roland hasn't the faintest clue as to
    who previously hired that car or used the GPS device whose logs he could
    view so the logs were not "personal data" and nothing in GDPR was breached.

    What if the previous hirer had also left their booking invoice in the
    car. Would it suddenly become personal data then?

    No, don't answer that, because something which *might* be personal data, which it obviously would be in such circumstances, MUST be treated as personal data in all circumstances.

    ps If the Satnav has as one or more of its destinations as the driver's
    home or work, it doesn't take a lot of detective work to determine who
    they might be.

    But without the accurate result of that (not a lot of) detective work the
    GPS point in general will not be personal data.

    Before seeing this post I wrote elsewhere:

    An item of data will only be personal data when it is linked to a particular person. A GPS point becomes personal data if, say, it is identified as the
    home address of, or a place visited by, a particular person but a GPS point
    in general is not personal data when not connected to a person. My shoe size
    is 8 1/2 and that fact is my personal data, but in general shoe size 8 1/2
    is not the personal data of anyone. If my passport number was 987654321 then that fact is my personal data, but to claim that publishing a listing of all billion nine digit integers amounts to violating the personal data of
    millions of people would be absurd.

    https://www.which.co.uk/consumer-rights/advice/what-counts-as-personal-data-a4T2s2Y2ffXd

  • From Anthony R. Gold@21:1/5 to jethro_uk@hotmailbin.com on Sun Jan 7 10:15:08 2024
    On Sun, 7 Jan 2024 11:55:25 -0000 (UTC), Jethro_uk
    <jethro_uk@hotmailbin.com> wrote:

    On Sun, 07 Jan 2024 10:48:09 +0000, Roland Perry wrote:

    In message <vk03pitbk5q8e7eqgjo805mil51se6d26b@4ax.com>, at 10:11:26 on
    Sun, 31 Dec 2023, Anthony R. Gold <not-for-mail@ahjg.co.uk> remarked:
    On Thu, 21 Dec 2023 14:27:25 +0000, Mark Goodge
    <usenet@listmail.good-stuff.co.uk> wrote:

    On Thu, 21 Dec 2023 12:57:35 +0000, Roland Perry <roland@perry.uk>
    wrote:

    Slightly at a tangent, a couple of months ago I hired a car and could
    access the GPS logs of where several previous hirers had been.

    That sounds like a potential GDPR fail, assuming it was in the UK or
    EU.

    Yes, but only if the car was a person. Roland hasn't the faintest clue
    as to who previously hired that car or used the GPS device whose logs he could view so the logs were not "personal data" and nothing in GDPR was
    breached.

    What if the previous hirer had also left their booking invoice in the
    car. Would it suddenly become personal data then?

    No, don't answer that, because something which *might* be personal data,
    which it obviously would be in such circumstances, MUST be treated as
    personal data in all circumstances.

    ps If the Satnav has as one or more of its destinations as the driver's
    home or work, it doesn't take a lot of detective work to determine who
    they might be.

    Especially if they have been saved as "Home".

    If known Person A accurately saved their Home into that device at GPS point
    x,y then the data "GPS point x,y is the Home of Person A" will be the
    personal data of Person A. But if through finger problems they saved the
    point incorrectly or if indeed it was really the Home of another device
    user, some unknown Person B, then how would GPS point x,y be the personal
    data of Person A or Person B or anyone else?

    My in car sat nav has my home location saved as "nearest police station".
    Not that I ever use it.

  • From Vir Campestris@21:1/5 to Jeff Layman on Mon Jan 8 12:29:42 2024
    On 05/01/2024 07:45, Jeff Layman wrote:
    On 04/01/2024 21:11, Vir Campestris wrote:

    The last time I rented something they didn't even clean the nails from
    the back tyres. I had a blowout on the motorway, and the breakdown man
    spotted the nail in the other one. I hadn't even got to my destination.

    They then tried to bill me for the tyres - but failed :)

    How did you know the nails were in the tyres when you picked up the car, rather than being picked up when you were driving?

    It was a van, not a car.

    I picked it up from a hire company local to me to move my son's
    belongings home when he left university.

    I drove from the hire company's office to the nearest motorway (perhaps
    5 miles) and was still on motorway when the blowout happened.

    It seems very unlikely that I could have picked up nails on the
    motorway, and had them on both back tyres, but neither front tyre.

    It's extremely credible that the previous renter had reversed the van up
    to something to load or unload it, and run over some building debris
    that contained nails.

    Andy

  • From JNugent@21:1/5 to Vir Campestris on Mon Jan 8 15:00:49 2024
    On 08/01/2024 12:29 pm, Vir Campestris wrote:

    On 05/01/2024 07:45, Jeff Layman wrote:
    On 04/01/2024 21:11, Vir Campestris wrote:

    The last time I rented something they didn't even clean the nails from
    the back tyres. I had a blowout on the motorway, and the breakdown man
    spotted the nail in the other one. I hadn't even got to my destination.

    They then tried to bill me for the tyres - but failed :)

    How did you know the nails were in the tyres when you picked up the
    car, rather than being picked up when you were driving?

    It was a van, not a car.

    I picked it up from a hire company local to me to move my son's
    belongings home when he left university.

    I drove from the hire company's office to the nearest motorway (perhaps
    5 miles) and was still on motorway when the blowout happened.

    It seems very unlikely that I could have picked up nails on the
    motorway, and had them on both back tyres, but neither front tyre.

    It's extremely credible that the previous renter had reversed the van up
    to something to load or unload it, and run over some building debris
    that contained nails.

    In my experience, nails-in-tyres are almost always in the rear tyres.

    Not, of course, that punctures are anything like as common as they at
    one time were.

  • From Roland Perry@21:1/5 to All on Tue Jan 9 10:57:31 2024
    In message <dgdlpide93ccb7enlkbdsfq7o09em4ua3r@4ax.com>, at 09:48:11 on
    Sun, 7 Jan 2024, Anthony R. Gold <not-for-mail@ahjg.co.uk> remarked:
    On Sun, 7 Jan 2024 10:50:24 +0000, Roland Perry <roland@perry.uk> wrote:

    In message <kvdlspFdkc9U2@mid.individual.net>, at 17:15:05 on Sun, 31
    Dec 2023, JNugent <jnugent@mail.com> remarked:
    On 31/12/2023 04:56 pm, Vir Campestris wrote:

    On 31/12/2023 15:11, Anthony R. Gold wrote:

    Yes, but only if the car was a person. Roland hasn't the faintest
    clue as to who previously hired that car or used the GPS device
    whose logs he could view so the logs were not "personal data" and
    nothing in GDPR was breached.

    If I hired a car because mine was too small for some purpose, drove
    to my aged mother's house and picked her up to take her out for the
    day I might well be upset.

    The very locations visited may constitute personal data.

    In that case, you'll be dead against ANPR, CCTV, doorbell cameras and
    similar things in any and all circumstances.

    And while we're at it, that would apply to vehicle registration marks too.
    And to all electronic credit/debit card facilities (back to carbon
    copies, eh?).

    All these things are examples of personal data. Which is why there are
    laws REGULATING what can and can't be done with that data.

    Such laws DO NOT re-define things as "not personal data", because that's
    simply a fact deriving from their very existence.

    An item of data will only be personal data when it is linked to a particular person.

    It is potentially personal data before being linked. So the practical
    outcome is that without a crystal ball, people should *treat* it as
    personal data from the start.

    A GPS point becomes personal data if, say, it is identified as the
    home address of, or a place visited by, a particular person but a GPS point in general is not personal data when not connected to a person. My shoe size is 8 1/2 and that fact is my personal data, but in general shoe size 8 1/2
    is not the personal data of anyone. If my passport number was 987654321 then that fact is my personal data, but to claim that publishing a listing of all billion nine digit integers amounts to violating the personal data of millions of people would be absurd.

    Now you are just being silly.

    https://www.which.co.uk/consumer-rights/advice/what-counts-as-personal-data-a4T2s2Y2ffXd

    "What counts as personal data may include more than you initially
    realise"

    But what follows is a bit of a dumbed-down summary.
    --
    Roland Perry

  • From Roland Perry@21:1/5 to All on Tue Jan 9 11:01:46 2024
    In message <3aflpidt6t5ga5cboc8uslhq81vjjbmflp@4ax.com>, at 10:15:08 on
    Sun, 7 Jan 2024, Anthony R. Gold <not-for-mail@ahjg.co.uk> remarked:

    ps If the Satnav has as one or more of its destinations as the driver's
    home or work, it doesn't take a lot of detective work to determine who
    they might be.

    Especially if they have been saved as "Home".

    If known Person A accurately saved their Home into that device at GPS point x,y then the data "GPS point x,y is the Home of Person A" will be the personal data of Person A. But if through finger problems they saved the point incorrectly or if indeed it was really the Home of another device
    user, some unknown Person B, then how would GPS point x,y be the personal data of Person A or Person B or anyone else?

    Again, data doesn't flip between being personal or not, depending on
    whether it's completely accurate.
    --
    Roland Perry

  • From Mark Goodge@21:1/5 to Roland Perry on Tue Jan 9 14:09:48 2024
    On Tue, 9 Jan 2024 10:57:31 +0000, Roland Perry <roland@perry.uk> wrote:

    In message <dgdlpide93ccb7enlkbdsfq7o09em4ua3r@4ax.com>, at 09:48:11 on
    Sun, 7 Jan 2024, Anthony R. Gold <not-for-mail@ahjg.co.uk> remarked:

    An item of data will only be personal data when it is linked to a particular person.

    It is potentially personal data before being linked. So the practical
    outcome is that without a crystal ball, people should *treat* it as
    personal data from the start.

    No; they should treat it as potentially personal data and take reasonable
    steps to prevent it becoming personal data. Or, make sure that, if it does become personal data, it is correctly treated as such.

    Treating all potentially personal data as if it's already personal data
    would be a classic example of knee-jerk overreach. It's the sort of thing
    that leads to public bodies (mis)using "data protection" as an (unlawful) excuse for failing to respond to an FOI request, for example. Or treating
    the photo in this news report as personal data:

    https://www.theguardian.com/uk-news/2022/jan/18/sadiq-khan-proposes-journey-charge-for-motorists-in-london

    Obviously, if certain data is very likely to become personal data, then it
    does need to be treated more carefully, and there may be cases where it's useful to adopt a safety-first approach and treat it as if it already is.
    But not all potentially personal data will become personal data, and it
    isn't necessary to treat it as if it is unless either it becomes so or it is reasonably foreseeable that it will become so.

    Mark

  • From Mark Goodge@21:1/5 to Roland Perry on Tue Jan 9 15:58:02 2024
    On Tue, 9 Jan 2024 11:01:46 +0000, Roland Perry <roland@perry.uk> wrote:

    In message <3aflpidt6t5ga5cboc8uslhq81vjjbmflp@4ax.com>, at 10:15:08 on
    Sun, 7 Jan 2024, Anthony R. Gold <not-for-mail@ahjg.co.uk> remarked:

    ps If the Satnav has as one or more of its destinations as the driver's home or work, it doesn't take a lot of detective work to determine who they might be.

    Especially if they have been saved as "Home".

    If known Person A accurately saved their Home into that device at GPS point x,y then the data "GPS point x,y is the Home of Person A" will be the personal data of Person A. But if through finger problems they saved the point incorrectly or if indeed it was really the Home of another device user, some unknown Person B, then how would GPS point x,y be the personal data of Person A or Person B or anyone else?

    Again, data doesn't flip between being personal or not, depending on
    whether it's completely accurate.

    That's not data flipping between being personal or not, it's an illustration
    of two different data points, one of which is personal and the other isn't. Although in this case, given that the data will be personal if accurate, and you have no way of knowing whether it is accurate, it would be reasonable to start from the presumption that it is personal data unless shown otherwise, rather than the reverse.

    Mark

  • From Roland Perry@21:1/5 to All on Thu Jan 11 07:32:14 2024
    In message <9ujqpill0qcan07rj896071ohgp4ip8gr2@4ax.com>, at 14:09:48 on
    Tue, 9 Jan 2024, Mark Goodge <usenet@listmail.good-stuff.co.uk>
    remarked:
    On Tue, 9 Jan 2024 10:57:31 +0000, Roland Perry <roland@perry.uk> wrote:

    In message <dgdlpide93ccb7enlkbdsfq7o09em4ua3r@4ax.com>, at 09:48:11 on Sun, 7 Jan 2024, Anthony R. Gold <not-for-mail@ahjg.co.uk> remarked:

    An item of data will only be personal data when it is linked to a particular person.

    It is potentially personal data before being linked. So the practical outcome is that without a crystal ball, people should *treat* it as personal data from the start.

    No; they should treat it as potentially personal data and take reasonable steps to prevent it becoming personal data. Or, make sure that, if it does become personal data, it is correctly treated as such.

    Schrodinger's personal data is an invention of computer geeks who don't understand how the law works.

    Treating all potentially personal data as if it's already personal data
    would be a classic example of knee-jerk overreach.

    No.

    It's the sort of thing that leads to public bodies (mis)using "data protection"

    That's a completely different layer of ignorance by DPOs working for
    public bodies.

    as an (unlawful)
    excuse for failing to respond to an FOI request, for example. Or treating
    the photo in this news report as personal data:

    https://www.theguardian.com/uk-news/2022/jan/18/sadiq-khan-proposes-journey-charge-for-motorists-in-london

    Obviously, if certain data is very likely to become personal data, then it does need to be treated more carefully, and there may be cases where it's useful to adopt a safety-first approach and treat it as if it already is.
    But not all potentially personal data will become personal data, and it
    isn't necessary to treat it as if it is unless either it becomes so or it is reasonably foreseeable that it will become so.

    You are a computer geek, and I claim my five pounds.
    --
    Roland Perry

  • From Mark Goodge@21:1/5 to Roland Perry on Thu Jan 11 16:41:27 2024
    On Thu, 11 Jan 2024 07:32:14 +0000, Roland Perry <roland@perry.uk> wrote:

    In message <9ujqpill0qcan07rj896071ohgp4ip8gr2@4ax.com>, at 14:09:48 on
    Tue, 9 Jan 2024, Mark Goodge <usenet@listmail.good-stuff.co.uk>
    remarked:
    On Tue, 9 Jan 2024 10:57:31 +0000, Roland Perry <roland@perry.uk> wrote:

    In message <dgdlpide93ccb7enlkbdsfq7o09em4ua3r@4ax.com>, at 09:48:11 on Sun, 7 Jan 2024, Anthony R. Gold <not-for-mail@ahjg.co.uk> remarked:

    An item of data will only be personal data when it is linked to a particular
    person.

    It is potentially personal data before being linked. So the practical outcome is that without a crystal ball, people should *treat* it as personal data from the start.

    No; they should treat it as potentially personal data and take reasonable steps to prevent it becoming personal data. Or, make sure that, if it does become personal data, it is correctly treated as such.

    Schrodinger's personal data is an invention of computer geeks who don't understand how the law works.

    Schrodinger has nothing to do with it. Something either is personal data or
    it is not personal data. Some data is personal data intrinsically, because
    it has no function other than to be linked to identifiable persons. Some
    data is incapable of being personal data because it is never linked to identifiable persons. And some data is neither intrinsically personal data
    nor incapable of being personal data - it is personal data if linked to identifiable persons, and not personal data if it is not. In the latter
    case, it is essential to know when, and how, that linkage is made, in order
    to be able to accurately distinguish personal from non-personal data.

    Treating all potentially personal data as if it's already personal data would be a classic example of knee-jerk overreach.

    No.

    A proper noun is potentially personal data. Your name is personal data. But
    you may also share your name with things which are not you. The proper noun "Roland" is personal data when applied to you. It is not personal data when applied to my keyboard and drum machine. It would be utterly absurd to treat every recorded instance of the name "Roland" as personal data just because
    in some cases it means identifiable people.

    It's the sort of thing that leads to public bodies (mis)using "data protection"

    That's a completely different layer of ignorance by DPOs working for
    public bodies.

    It's one of several layers of ignorance by DPOs working for public bodies.

    Obviously, if certain data is very likely to become personal data, then it does need to be treated more carefully, and there may be cases where it's useful to adopt a safety-first approach and treat it as if it already is. But not all potentially personal data will become personal data, and it isn't necessary to treat it as if it is unless either it becomes so or it is reasonably foreseeable that it will become so.

    You are a computer geek, and I claim my five pounds.

    I'm also, in a different capacity, a data protection geek. That's one of the reasons why the often difficult job of distinguishing between personal and non-personal data happens to be of considerable professional interest to me.

    Mark

  • From Roland Perry@21:1/5 to All on Fri Jan 12 09:17:09 2024
    In message <cr50qilnb9smepjdivll7cteu60iq2v242@4ax.com>, at 16:41:27 on
    Thu, 11 Jan 2024, Mark Goodge <usenet@listmail.good-stuff.co.uk>
    remarked:
    On Thu, 11 Jan 2024 07:32:14 +0000, Roland Perry <roland@perry.uk> wrote:

    In message <9ujqpill0qcan07rj896071ohgp4ip8gr2@4ax.com>, at 14:09:48 on Tue, 9 Jan 2024, Mark Goodge <usenet@listmail.good-stuff.co.uk>
    remarked:
    On Tue, 9 Jan 2024 10:57:31 +0000, Roland Perry <roland@perry.uk> wrote:

    In message <dgdlpide93ccb7enlkbdsfq7o09em4ua3r@4ax.com>, at 09:48:11 on Sun, 7 Jan 2024, Anthony R. Gold <not-for-mail@ahjg.co.uk> remarked:

    An item of data will only be personal data when it is linked to a particular person.

    It is potentially personal data before being linked. So the practical outcome is that without a crystal ball, people should *treat* it as personal data from the start.

    No; they should treat it as potentially personal data and take reasonable steps to prevent it becoming personal data. Or, make sure that, if it does become personal data, it is correctly treated as such.

    Schrodinger's personal data is an invention of computer geeks who don't understand how the law works.

    Schrodinger has nothing to do with it. Something either is personal data or it is not personal data. Some data is personal data intrinsically, because
    it has no function other than to be linked to identifiable persons. Some
    data is incapable of being personal data because it is never linked to identifiable persons. And some data is neither intrinsically personal data nor incapable of being personal data - it is personal data if linked to identifiable persons, and not personal data if it is not. In the latter
    case, it is essential to know when, and how, that linkage is made, in order to be able to accurately distinguish personal from non-personal data.

    Treating all potentially personal data as if it's already personal data would be a classic example of knee-jerk overreach.

    No.

    A proper noun is potentially personal data. Your name is personal data. But you may also share your name with things which are not you. The proper noun "Roland" is personal data when applied to you. It is not personal data when applied to my keyboard and drum machine. It would be utterly absurd to treat every recorded instance of the name "Roland" as personal data just because
    in some cases it means identifiable people.

    It's the sort of thing that leads to public bodies (mis)using "data protection"

    That's a completely different layer of ignorance by DPOs working for
    public bodies.

    It's one of several layers of ignorance by DPOs working for public bodies.

    Obviously, if certain data is very likely to become personal data, then it does need to be treated more carefully, and there may be cases where it's useful to adopt a safety-first approach and treat it as if it already is. But not all potentially personal data will become personal data, and it isn't necessary to treat it as if it is unless either it becomes so or it is reasonably foreseeable that it will become so.

    You are a computer geek, and I claim my five pounds.

    I'm also, in a different capacity, a data protection geek. That's one of the reasons why the often difficult job of distinguishing between personal and non-personal data happens to be of considerable professional interest to me.

    Despite that, you are clinging to a desperately wonky view.

    I battled for years to get people in the industry to understand that IP addresses were personal data "because we assert that sometimes you don't
    know who they belong to". Finally (you can look up the GDPR itself if
    you like):

    <https://ico.org.uk/for-organisations/uk-gdpr-guidance-and-resources/personal-information-what-is-it/what-is-personal-data/what-is-personal-data/>
    --
    Roland Perry

  • From Mark Goodge@21:1/5 to Roland Perry on Fri Jan 12 13:21:52 2024
    On Fri, 12 Jan 2024 09:17:09 +0000, Roland Perry <roland@perry.uk> wrote:

    In message <cr50qilnb9smepjdivll7cteu60iq2v242@4ax.com>, at 16:41:27 on
    Thu, 11 Jan 2024, Mark Goodge <usenet@listmail.good-stuff.co.uk>
    remarked:
    On Thu, 11 Jan 2024 07:32:14 +0000, Roland Perry <roland@perry.uk> wrote:

    You are a computer geek, and I claim my five pounds.

    I'm also, in a different capacity, a data protection geek. That's one of the reasons why the often difficult job of distinguishing between personal and non-personal data happens to be of considerable professional interest to me.

    Despite that, you are clinging to a desperately wonky view.

    I battled for years to get people in the industry to understand that IP addresses were personal data "because we assert that sometimes you don't
    know who they belong to". Finally (you can look up the GDPR itself if
    you like):

    Some IP addresses are personal data. Others aren't. 192.168.0.1 isn't, for example. Nor is 172.67.180.221. It's also contextual. A log of IP addresses connecting to a web server is very likely to contain personal data. A log of
    IP addresses connecting to an SMTP server almost certainly doesn't.

    The particular problem with IP addresses is that without a certain amount of technical knowledge, you can't tell which might identify people and which can't. So, in practice, it's often safest to treat them as personal data
    unless you can demonstrate that they aren't.

    The question of not knowing which person data relates to is different, and I entirely agree with you that not knowing doesn't make it not personal.
    Taking IP addresses as an example, if I'm a member of a web forum about,
    say, train spotting, then the forum administrators will be able to link IP addresses from their logs with logins and therefore identify individual
    members from their IP addresses. Other websites, that I don't log in to,
    won't be able to identify me from the IP address alone. But if one of those websites was to publish their server logs, on the basis that they can't link
    IP addresses to individuals, then the sysadmins of the forum would be able
    to search those logs and find my IP address in there. They would then know
    that I visit that website. Which is unlikely to be objectionable if it's BBC News, but possibly less so if it's Meerkat Porn Daily.

    So with IP addresses, the equation is relatively simple: If an IP address
    can be linked to an identifiable individual then it is personal data even if you don't actually make that link yourself. But if it can't be linked to an identifiable individual then it isn't personal data. And if you don't know whether it can be linked or not, it's best to assume it can until you are
    sure it can't.

    <https://ico.org.uk/for-organisations/uk-gdpr-guidance-and-resources/personal-information-what-is-it/what-is-personal-data/what-is-personal-data/>

    That page doesn't support a blanket assertion that all data which might potentially be personal data should be treated as if it is personal data.
    Far from it. It explicitly states that some data is not personal data (eg,
    data which relates to legal persons rather than natural persons), and,
    rather than suggesting a blanket default of assuming all potentially personal data is personal data, it says that where it is unclear "you will need to carefully consider the information you hold to determine whether it is
    personal data". Which is broadly what I've been saying.

    Mark

  • From Roland Perry@21:1/5 to All on Sat Jan 13 05:53:06 2024
    In message <2pc2qipn4pulieepeuv3510gs4pfa331pu@4ax.com>, at 13:21:52 on
    Fri, 12 Jan 2024, Mark Goodge <usenet@listmail.good-stuff.co.uk>
    remarked:
    On Fri, 12 Jan 2024 09:17:09 +0000, Roland Perry <roland@perry.uk> wrote:

    In message <cr50qilnb9smepjdivll7cteu60iq2v242@4ax.com>, at 16:41:27 on Thu, 11 Jan 2024, Mark Goodge <usenet@listmail.good-stuff.co.uk>
    remarked:
    On Thu, 11 Jan 2024 07:32:14 +0000, Roland Perry <roland@perry.uk> wrote:
    You are a computer geek, and I claim my five pounds.

    I'm also, in a different capacity, a data protection geek. That's one of the reasons why the often difficult job of distinguishing between personal and non-personal data happens to be of considerable professional interest to me.
    Despite that, you are clinging to a desperately wonky view.

    I battled for years to get people in the industry to understand that IP addresses were personal data "because we assert that sometimes you don't know who they belong to". Finally (you can look up the GDPR itself if
    you like):

    Some IP addresses are personal data. Others aren't.

    I give up, I really do. Your persistence in flogging this dead horse is astonishing.

    192.168.0.1 isn't, for
    example. Nor is 172.67.180.221. It's also contextual. A log of IP addresses connecting to a web server is very likely to contain personal data. A log of IP addresses connecting to an SMTP server almost certainly doesn't.

    The particular problem with IP addresses is that without a certain amount of technical knowledge, you can't tell which might identify people and which can't. So, in practice, it's often safest to treat them as personal data unless you can demonstrate that they aren't.

    The question of not knowing which person data relates to is different, and I entirely agree with you that not knowing doesn't make it not personal.
    Taking IP addresses as an example, if I'm a member of a web forum about,
    say, train spotting, then the forum administrators will be able to link IP addresses from their logs with logins and therefore identify individual members from their IP addresses. Other websites, that I don't log in to, won't be able to identify me from the IP address alone. But if one of those websites was to publish their server logs, on the basis that they can't link IP addresses to individuals, then the sysadmins of the forum would be able
    to search those logs and find my IP address in there. They would then know that I visit that website. Which is unlikely to be objectionable if it's BBC News, but possibly less so if it's Meerkat Porn Daily.

    So with IP addresses, the equation is relatively simple: If an IP address
    can be linked to an identifiable individual then it is personal data even if you don't actually make that link yourself. But if it can't be linked to an identifiable individual then it isn't personal data. And if you don't know whether it can be linked or not, it's best to assume it can until you are sure it can't.

    <https://ico.org.uk/for-organisations/uk-gdpr-guidance-and-resources/personal-information-what-is-it/what-is-personal-data/what-is-personal-data/>

    That page doesn't support

    The classic "that cite doesn't say what you claim it does". Except
    that's false.

    a blanket assertion that all data which might potentially be personal
    data should be treated as if it is personal data. Far from it. It
    explicitly states that some data is not personal data (eg, data which
    relates to legal persons rather than natural persons), and, rather than suggesting a blanket default of assuming all potentially personal data
    is personal data, it says that where it is unclear "you will need to carefully consider the information you hold to determine whether it is personal data". Which is broadly what I've been saying.

    s/saying/dead horse flogging/

    --
    Roland Perry

  • From Mark Goodge@21:1/5 to Roland Perry on Sat Jan 13 22:06:13 2024
    On Sat, 13 Jan 2024 05:53:06 +0000, Roland Perry <roland@perry.uk> wrote:

    In message <2pc2qipn4pulieepeuv3510gs4pfa331pu@4ax.com>, at 13:21:52 on
    Fri, 12 Jan 2024, Mark Goodge <usenet@listmail.good-stuff.co.uk>
    remarked:
    On Fri, 12 Jan 2024 09:17:09 +0000, Roland Perry <roland@perry.uk> wrote:

    In message <cr50qilnb9smepjdivll7cteu60iq2v242@4ax.com>, at 16:41:27 on Thu, 11 Jan 2024, Mark Goodge <usenet@listmail.good-stuff.co.uk> remarked:
    On Thu, 11 Jan 2024 07:32:14 +0000, Roland Perry <roland@perry.uk> wrote:
    You are a computer geek, and I claim my five pounds.

    I'm also, in a different capacity, a data protection geek. That's one of the
    reasons why the often difficult job of distinguishing between personal and non-personal data happens to be of considerable professional interest to me.

    Despite that, you are clinging to a desperately wonky view.

    I battled for years to get people in the industry to understand that IP addresses were personal data "because we assert that sometimes you don't know who they belong to". Finally (you can look up the GDPR itself if
    you like):

    Some IP addresses are personal data. Others aren't.

    I give up, I really do. Your persistence in flogging this dead horse is astonishing.

    Eh? It's blindingly obvious to anyone with any understanding at all of how
    the Internet works that not all IP addresses will be personal data.

    <https://ico.org.uk/for-organisations/uk-gdpr-guidance-and-resources/personal-information-what-is-it/what-is-personal-data/what-is-personal-data/>

    That page doesn't support

    The classic "that cite doesn't say what you claim it does". Except
    that's false.

    I can't find anywhere in there where it even vaguely implies that all IP addresses are personal data. Maybe you could quote the section which you
    think does.

    a blanket assertion that all data which might potentially be personal
    data should be treated as if it is personal data. Far from it. It explicitly states that some data is not personal data (eg, data which relates to legal persons rather than natural persons), and, rather than suggesting a blanket default of assuming all potentially personal data
    is personal data, it says that where it is unclear "you will need to carefully consider the information you hold to determine whether it is personal data". Which is broadly what I've been saying.

    s/saying/dead horse flogging/

    I'm happy to flog the same horse as the ICO.

    Mark

  • From Roland Perry@21:1/5 to All on Sun Jan 14 09:08:10 2024
    In message <q626qi1tvuud6lo34ldups3745mdvikvod@4ax.com>, at 22:06:13 on
    Sat, 13 Jan 2024, Mark Goodge <usenet@listmail.good-stuff.co.uk>
    remarked:

    It's blindingly obvious to anyone with any understanding at all of how
    the Internet works that not all IP addresses will be personal data.

    Not ABSOLUTELY ALL OF THEM, but enough that ABSOLUTELY ALL OF THEM NEED
    TO BE TREATED AS POTENTIAL PERSONAL DATA.

    Rather than the opposite approach, much loved by US-Influenced geeks,
    that if even a single one can be shown not to be personal data, NONE AT
    ALL need to be treated as if they might be.
    --
    Roland Perry

  • From Mark Goodge@21:1/5 to Roland Perry on Sun Jan 14 14:14:27 2024
    On Sun, 14 Jan 2024 09:08:10 +0000, Roland Perry <roland@perry.uk> wrote:

    In message <q626qi1tvuud6lo34ldups3745mdvikvod@4ax.com>, at 22:06:13 on
    Sat, 13 Jan 2024, Mark Goodge <usenet@listmail.good-stuff.co.uk>
    remarked:

    It's blindingly obvious to anyone with any understanding at all of how
    the Internet works that not all IP addresses will be personal data.

    Not ABSOLUTELY ALL OF THEM, but enough that ABSOLUTELY ALL OF THEM NEED
    TO BE TREATED AS POTENTIAL PERSONAL DATA.

    No. Really, no. Really, really no. A block of IP addresses assigned to, say, Cloudflare, or Amazon AWS, or Microsoft Azure, cannot possibly be personal
    data in any practical or realistic circumstances. And there is no need to
    treat those addresses as if they are personal data.

    Rather than the opposite approach, much loved by US-Influenced geeks,
    that if even a single one can be shown not to be personal data, NONE AT
    ALL need to be treated as if they might be.

    I'm not making that claim. I'm agreeing with the ICO when they say that

    In most circumstances, it will be relatively straightforward to determine
    whether the information you process "relates to" an "identified" or an
    "identifiable" individual. In others, it may be less clear and you will
    need to carefully consider the information you hold to determine whether
    it is personal data and whether the UK GDPR applies.

    IP addresses are a classic case of where it isn't always clear. Context is
    key. A log of IP addresses accessing a web server, say, is almost certain to include accesses by individuals and therefore will contain personal data. A log of IP addresses accessing an inbound SMTP server (as defined by an MX record) is almost exclusively going to be accesses from corporate systems
    and is extremely unlikely to contain any personal data (other than possibly
    the odd geek who likes to debug manually using telnet).

    Treating all of a class of data as personal data because some of it is
    personal data is exactly the same error as treating all of a class of data
    as non-personal data because some of it isn't personal data. Neither is helpful, neither is required by law and neither will stand up if challenged
    in court. If you are faced with data that might, or might not, be personal,
    you are expected to make at least a reasonable effort to determine whether
    it is or not, based on context and related information.

    Now, there are some things which can be both personal and non-personal data, but where it's impractical to distinguish without further information.
    Vehicle registration numbers, for example logged by ANPR (dragging this
    thread back on topic!), could be assigned to a vehicle where the registered keeper is an individual, and are therefore personal data. But they might
    also be assigned to vehicles owned by legal persons (eg, a business) rather than individuals, and therefore not personal data. But, unlike IP addresses (for which accessible mechanisms exist to query their assignment), the only
    way to find out whether a vehicle is owned by an individual or not is to
    query the DVLA's database. And that's not public-facing. If you have the
    right justification, you can obtain details of specific vehicles, but it's
    not amenable to a bulk lookup. So, in practical terms, all vehicle
    registration plates have to be treated as personal data unless you really do know for certain that an identifiable one (maybe, for example, the plate on a London bus) isn't. Although it's also non-sensitive data, and there are many legitimate interests for processing registration numbers, so ANPR operators
    are unlikely to fall foul of GDPR provided they have a valid reason for
    using it (and enforcing parking is certainly a valid reason).

    Postal addresses are another interesting one. Many of them are definitely personal data, but, equally, many of them definitely aren't. Without access
    to the full PAF (which does have a residential/non-residential flag),
    though, there's no simple way to tell just by looking at a postal address in the absence of any other context. And the context alone may not be
    definitive. Even in a residential area, there might be a standalone corner
    shop with an address that's not personal data. Even on a business park or industrial estate, one of the addresses might be a caretaker's flat. So,
    again, the safest approach to postal addresses is to treat them all as
    personal data by default, and only exclude those which you have sufficient information to know are not. And there are some where even the published
    open data is enough to definitively label a postal address as non-personal;
    any address with a "large user" postcode cannot be an individual residential address and must, therefore, be non-personal data.

    So there definitely are classes of data which can be both personal and non-personal and yet where distinguishing between personal and non-personal
    is, in most cases, impractical. But not every class of mixed data falls into that category. In other cases, distinguishing between personal and
    non-personal data can realistically be done either from context or related information. And where it can be done, it should be done. It is completely
    and utterly unsustainable, from both a rational and legal perspective, to assert that any class of data which can be both personal and non-personal should always be treated as if it is all personal.

    Mark

  • From Roland Perry@21:1/5 to All on Sun Jan 14 18:37:07 2024
    In message <d9o7qihgkmbt20ml290f5sm9m5uut83eoe@4ax.com>, at 14:14:27 on
    Sun, 14 Jan 2024, Mark Goodge <usenet@listmail.good-stuff.co.uk>
    remarked:
    On Sun, 14 Jan 2024 09:08:10 +0000, Roland Perry <roland@perry.uk> wrote:

    In message <q626qi1tvuud6lo34ldups3745mdvikvod@4ax.com>, at 22:06:13 on Sat, 13 Jan 2024, Mark Goodge <usenet@listmail.good-stuff.co.uk>
    remarked:

    It's blindingly obvious to anyone with any understanding at all of how the Internet works that not all IP addresses will be personal data.

    Not ABSOLUTELY ALL OF THEM, but enough that ABSOLUTELY ALL OF THEM NEED
    TO BE TREATED AS POTENTIAL PERSONAL DATA.

    No. Really, no. Really, really no. A block of IP addresses assigned to, say, Cloudflare, or Amazon AWS, or Microsoft Azure, cannot possibly be personal data in any practical or realistic circumstances. And there is no need to treat those addresses as if they are personal data.

    I realise that after years of trying to convince people in
    the industry, and finally persuading the EU Commission to
    write it in.words.of.one.syllable into GDPR that some people
    are still in denial. That's you, by the way.

    --
    Roland Perry

  • From Mark Goodge@21:1/5 to Roland Perry on Sun Jan 14 20:11:46 2024
    On Sun, 14 Jan 2024 18:37:07 +0000, Roland Perry <roland@perry.uk> wrote:

    In message <d9o7qihgkmbt20ml290f5sm9m5uut83eoe@4ax.com>, at 14:14:27 on
    Sun, 14 Jan 2024, Mark Goodge <usenet@listmail.good-stuff.co.uk>
    remarked:
    On Sun, 14 Jan 2024 09:08:10 +0000, Roland Perry <roland@perry.uk> wrote:

    In message <q626qi1tvuud6lo34ldups3745mdvikvod@4ax.com>, at 22:06:13 on Sat, 13 Jan 2024, Mark Goodge <usenet@listmail.good-stuff.co.uk> remarked:

    It's blindingly obvious to anyone with any understanding at all of how the Internet works that not all IP addresses will be personal data.

    Not ABSOLUTELY ALL OF THEM, but enough that ABSOLUTELY ALL OF THEM NEED TO BE TREATED AS POTENTIAL PERSONAL DATA.

    No. Really, no. Really, really no. A block of IP addresses assigned to, say, Cloudflare, or Amazon AWS, or Microsoft Azure, cannot possibly be personal data in any practical or realistic circumstances. And there is no need to treat those addresses as if they are personal data.

    I realise that after years of trying to convince people in
    the industry, and finally persuading the EU Commission to
    write it in.words.of.one.syllable into GDPR that some people
    are still in denial. That's you, by the way.

    Then please cite the location in GDPR where it explicitly says that any
    class of data which can contain personal data must always be treated as personal data even if you are able to distinguish between personal and non-personal data in your dataset. Because so far, you haven't.

    Mark

  • From Roland Perry@21:1/5 to All on Mon Jan 15 06:45:31 2024
    In message <0jf8qipsa4cfhg75b2h0v4oen751eret4g@4ax.com>, at 20:11:46 on
    Sun, 14 Jan 2024, Mark Goodge <usenet@listmail.good-stuff.co.uk>
    remarked:
    On Sun, 14 Jan 2024 18:37:07 +0000, Roland Perry <roland@perry.uk> wrote:

    In message <d9o7qihgkmbt20ml290f5sm9m5uut83eoe@4ax.com>, at 14:14:27 on Sun, 14 Jan 2024, Mark Goodge <usenet@listmail.good-stuff.co.uk>
    remarked:
    On Sun, 14 Jan 2024 09:08:10 +0000, Roland Perry <roland@perry.uk> wrote:
    In message <q626qi1tvuud6lo34ldups3745mdvikvod@4ax.com>, at 22:06:13 on Sat, 13 Jan 2024, Mark Goodge <usenet@listmail.good-stuff.co.uk> remarked:

    It's blindingly obvious to anyone with any understanding at all of how the Internet works that not all IP addresses will be personal data.

    Not ABSOLUTELY ALL OF THEM, but enough that ABSOLUTELY ALL OF THEM NEED TO BE TREATED AS POTENTIAL PERSONAL DATA.

    No. Really, no. Really, really no. A block of IP addresses assigned to, say, Cloudflare, or Amazon AWS, or Microsoft Azure, cannot possibly be personal data in any practical or realistic circumstances. And there is no need to treat those addresses as if they are personal data.

    I realise that after years of trying to convince people in
    the industry, and finally persuading the EU Commission to
    write it in.words.of.one.syllable into GDPR that some people
    are still in denial. That's you, by the way.

    Then please cite the location in GDPR where it explicitly says that any
    class of data which can contain personal data must always be treated as personal data even if you are able to distinguish between personal and non-personal data in your dataset. Because so far, you haven't.

    Are you going for 2024's "Flogging a dead dead horse award" so soon in
    January?

    ps I'm still interested whether it's a relative of yours who has an
    unlawfully spaced GOODGE personal numberplate on their car. I saw it
    again yesterday. It was also parked in a disabled space, so can you
    confirm they have a blue badge?
    --
    Roland Perry

  • From Mark Goodge@21:1/5 to Roland Perry on Mon Jan 15 14:49:15 2024
    On Mon, 15 Jan 2024 06:45:31 +0000, Roland Perry <roland@perry.uk> wrote:

    In message <0jf8qipsa4cfhg75b2h0v4oen751eret4g@4ax.com>, at 20:11:46 on
    Sun, 14 Jan 2024, Mark Goodge <usenet@listmail.good-stuff.co.uk>
    remarked:

    Then please cite the location in GDPR where it explicitly says that any class of data which can contain personal data must always be treated as personal data even if you are able to distinguish between personal and non-personal data in your dataset. Because so far, you haven't.

    Are you going for 2024's "Flogging a dead dead horse award" so soon in January?

    No, I'm trying to get you to back up your assertions with facts. If anyone
    is flogging a dead horse here it appears to be you. I'd be surprised if
    anyone else here agrees with you, and you certainly haven't provided any evidence to back your claims.

    ps I'm still interested whether it's a relative of yours who has an unlawfully spaced GOODGE personal numberplate on their car. I saw it
    again yesterday. It was also parked in a disabled space, so can you
    confirm they have a blue badge?

    I have no idea. Goodge isn't a particularly common surname, but, as it
    happens, East Cambridgeshire is one of its hotspots. I suppose if you go
    back far enough I'm probably related to a fair number of them, but the only
    one I know personally is my brother, and he doesn't have a personalised registration plate or a blue badge.

    Mark

  • From Roland Perry@21:1/5 to All on Mon Jan 15 16:41:43 2024
    In message <v4haqihp0dj9qo9nntph9aneqn4gai3udj@4ax.com>, at 14:49:15 on
    Mon, 15 Jan 2024, Mark Goodge <usenet@listmail.good-stuff.co.uk>
    remarked:
    On Mon, 15 Jan 2024 06:45:31 +0000, Roland Perry <roland@perry.uk> wrote:

    In message <0jf8qipsa4cfhg75b2h0v4oen751eret4g@4ax.com>, at 20:11:46 on Sun, 14 Jan 2024, Mark Goodge <usenet@listmail.good-stuff.co.uk>
    remarked:

    Then please cite the location in GDPR where it explicitly says that any class of data which can contain personal data must always be treated as personal data even if you are able to distinguish between personal and non-personal data in your dataset. Because so far, you haven't.

    Are you going for 2024's "Flogging a dead dead horse award" so soon in January?

    No, I'm trying to get you to back up your assertions with facts. If anyone
    is flogging a dead horse here it appears to be you. I'd be surprised if anyone else here agrees with you, and you certainly haven't provided any evidence to back your claims.

    Have you actually read the Directive?

    ps I'm still interested whether it's a relative of yours who has an unlawfully spaced GOODGE personal numberplate on their car. I saw it
    again yesterday. It was also parked in a disabled space, so can you
    confirm they have a blue badge?

    I have no idea. Goodge isn't a particularly common surname, but, as it happens, East Cambridgeshire is one of its hotspots. I suppose if you go
    back far enough I'm probably related to a fair number of them, but the only one I know personally is my brother, and he doesn't have a personalised registration plate or a blue badge.

    Fair enough, but I did see postings on Facebook from a late middle-aged
    lady who could have been a relative of yours, living in a house
    overlooking the Great Ouse just north of Littleport, and wondered if it
    might be them.
    --
    Roland Perry

  • From Mark Goodge@21:1/5 to Roland Perry on Mon Jan 15 19:20:41 2024
    On Mon, 15 Jan 2024 16:41:43 +0000, Roland Perry <roland@perry.uk> wrote:

    In message <v4haqihp0dj9qo9nntph9aneqn4gai3udj@4ax.com>, at 14:49:15 on
    Mon, 15 Jan 2024, Mark Goodge <usenet@listmail.good-stuff.co.uk>
    remarked:
    On Mon, 15 Jan 2024 06:45:31 +0000, Roland Perry <roland@perry.uk> wrote:

    In message <0jf8qipsa4cfhg75b2h0v4oen751eret4g@4ax.com>, at 20:11:46 on Sun, 14 Jan 2024, Mark Goodge <usenet@listmail.good-stuff.co.uk> remarked:

    Then please cite the location in GDPR where it explicitly says that any class of data which can contain personal data must always be treated as personal data even if you are able to distinguish between personal and non-personal data in your dataset. Because so far, you haven't.

    Are you going for 2024's "Flogging a dead dead horse award" so soon in January?

    No, I'm trying to get you to back up your assertions with facts. If anyone is flogging a dead horse here it appears to be you. I'd be surprised if anyone else here agrees with you, and you certainly haven't provided any evidence to back your claims.

    Have you actually read the Directive?

    Which one? If you can actually cite the directive number and the relevant section, I'll look it up. But so far, you haven't!

    Mark

  • From Roland Perry@21:1/5 to All on Tue Jan 16 07:13:36 2024
    In message <181bqi1ufjp979c4avieljum1kigaqt9cn@4ax.com>, at 19:20:41 on
    Mon, 15 Jan 2024, Mark Goodge <usenet@listmail.good-stuff.co.uk>
    remarked:
    On Mon, 15 Jan 2024 16:41:43 +0000, Roland Perry <roland@perry.uk> wrote:

    In message <v4haqihp0dj9qo9nntph9aneqn4gai3udj@4ax.com>, at 14:49:15 on Mon, 15 Jan 2024, Mark Goodge <usenet@listmail.good-stuff.co.uk>
    remarked:
    On Mon, 15 Jan 2024 06:45:31 +0000, Roland Perry <roland@perry.uk> wrote:
    In message <0jf8qipsa4cfhg75b2h0v4oen751eret4g@4ax.com>, at 20:11:46 on Sun, 14 Jan 2024, Mark Goodge <usenet@listmail.good-stuff.co.uk> remarked:

    Then please cite the location in GDPR where it explicitly says that any class of data which can contain personal data must always be treated as personal data even if you are able to distinguish between personal and non-personal data in your dataset. Because so far, you haven't.

    Are you going for 2024's "Flogging a dead dead horse award" so soon in January?

    No, I'm trying to get you to back up your assertions with facts. If anyone is flogging a dead horse here it appears to be you. I'd be surprised if anyone else here agrees with you, and you certainly haven't provided any evidence to back your claims.

    Have you actually read the Directive?

    Which one? If you can actually cite the directive number and the relevant section, I'll look it up. But so far, you haven't!

    I'd have expected the GDPR to be a sufficiently well known thing you
    could find those for yourself. Then you do a search for IP Address, as
    an indicative example of a class of data the Directive is wagging its
    finger about.
    --
    Roland Perry

  • From Owen Rees@21:1/5 to Roland Perry on Tue Jan 16 08:56:32 2024
    Roland Perry <roland@perry.uk> wrote:
    In message <181bqi1ufjp979c4avieljum1kigaqt9cn@4ax.com>, at 19:20:41 on
    Mon, 15 Jan 2024, Mark Goodge <usenet@listmail.good-stuff.co.uk>
    remarked:
    On Mon, 15 Jan 2024 16:41:43 +0000, Roland Perry <roland@perry.uk> wrote:

    In message <v4haqihp0dj9qo9nntph9aneqn4gai3udj@4ax.com>, at 14:49:15 on
    Mon, 15 Jan 2024, Mark Goodge <usenet@listmail.good-stuff.co.uk>
    remarked:
    On Mon, 15 Jan 2024 06:45:31 +0000, Roland Perry <roland@perry.uk> wrote:
    In message <0jf8qipsa4cfhg75b2h0v4oen751eret4g@4ax.com>, at 20:11:46 on Sun, 14 Jan 2024, Mark Goodge <usenet@listmail.good-stuff.co.uk>
    remarked:

    Then please cite the location in GDPR where it explicitly says that any class of data which can contain personal data must always be treated as personal data even if you are able to distinguish between personal and non-personal data in your dataset. Because so far, you haven't.

    Are you going for 2024's "Flogging a dead dead horse award" so soon in January?

    No, I'm trying to get you to back up your assertions with facts. If anyone is flogging a dead horse here it appears to be you. I'd be surprised if anyone else here agrees with you, and you certainly haven't provided any evidence to back your claims.

    Have you actually read the Directive?

    Which one? If you can actually cite the directive number and the relevant
    section, I'll look it up. But so far, you haven't!

    I'd have expected the GDPR to be a sufficiently well known thing you
    could find those for yourself. Then you do a search for IP Address, as
    an indicative example of a class of data the Directive is wagging its
    finger about.

    If you mean the Data Protection Act 2018 which government website says is
    the UK’s implementation of GDPR then you will find that a search of the
    text does not find any references to IP addresses.

    The word ‘address’ appears but not in a sense related to the internet.

    IP appears but not as the abbreviation for Internet Protocol.

  • From Mark Goodge@21:1/5 to Roland Perry on Tue Jan 16 22:17:03 2024
    On Tue, 16 Jan 2024 07:13:36 +0000, Roland Perry <roland@perry.uk> wrote:

    In message <181bqi1ufjp979c4avieljum1kigaqt9cn@4ax.com>, at 19:20:41 on
    Mon, 15 Jan 2024, Mark Goodge <usenet@listmail.good-stuff.co.uk>
    remarked:
    On Mon, 15 Jan 2024 16:41:43 +0000, Roland Perry <roland@perry.uk> wrote:

    In message <v4haqihp0dj9qo9nntph9aneqn4gai3udj@4ax.com>, at 14:49:15 on Mon, 15 Jan 2024, Mark Goodge <usenet@listmail.good-stuff.co.uk> remarked:
    On Mon, 15 Jan 2024 06:45:31 +0000, Roland Perry <roland@perry.uk> wrote:
    In message <0jf8qipsa4cfhg75b2h0v4oen751eret4g@4ax.com>, at 20:11:46 on Sun, 14 Jan 2024, Mark Goodge <usenet@listmail.good-stuff.co.uk> remarked:

    Then please cite the location in GDPR where it explicitly says that any class of data which can contain personal data must always be treated as personal data even if you are able to distinguish between personal and non-personal data in your dataset. Because so far, you haven't.

    Are you going for 2024's "Flogging a dead dead horse award" so soon in January?

    No, I'm trying to get you to back up your assertions with facts. If anyone is flogging a dead horse here it appears to be you. I'd be surprised if anyone else here agrees with you, and you certainly haven't provided any evidence to back your claims.

    Have you actually read the Directive?

    Which one? If you can actually cite the directive number and the relevant section, I'll look it up. But so far, you haven't!

    I'd have expected the GDPR to be a sufficiently well known thing you
    could find those for yourself. Then you do a search for IP Address, as
    an indicative example of a class of data the Directive is wagging its
    finger about.

    That is the point. It is well known, and I am reasonably familiar with it.
    But I'm not aware of anywhere where it specifically mentions IP addresses,
    or makes the claim that you are making. And, as has already been pointed out
    in a parallel reply, the UK legislation contains no such reference.

    Mark

  • From Mike Scott@21:1/5 to Mark Goodge on Wed Jan 17 07:55:24 2024
    On 16/01/2024 22:17, Mark Goodge wrote:
    I'd have expected the GDPR to be a sufficiently well known thing you
    could find those for yourself. Then you do a search for IP Address, as
    an indicative example of a class of data the Directive is wagging its
    finger about.
    That is the point. It is well known, and I am reasonably familiar with it. But I'm not aware of anywhere where it specifically mentions IP addresses,
    or makes the claim that you are making. And, as has already been pointed out in a parallel reply, the UK legislation contains no such reference.

    Mark


    Yet a very quick search turns up

    https://ico.org.uk/for-organisations/uk-gdpr-guidance-and-resources/personal-information-what-is-it/what-is-personal-data/what-are-identifiers-and-related-factors/#pd3

    "What are online identifiers?

    The UK GDPR specifically includes the term ‘online identifiers’ within
    the definition of what constitutes personal data.

    These may include information relating to the device that an individual
    is using, applications, tools or protocols. A non-exhaustive list is
    included in Recital 30:

    internet protocol (IP) addresses;
    cookie identifiers; and
    other identifiers such as radio frequency identification (RFID) tags.

    Other examples of online identifiers that may be personal data include:

    MAC addresses;
    advertising IDs;
    ........"


    --
    Mike Scott
    Harlow, England

  • From Roland Perry@21:1/5 to All on Wed Jan 17 08:00:03 2024
    In message <uo815c$1te9q$1@dont-email.me>, at 07:55:24 on Wed, 17 Jan
    2024, Mike Scott <usenet.16@scottsonline.org.uk.invalid> remarked:
    On 16/01/2024 22:17, Mark Goodge wrote:
    I'd have expected the GDPR to be a sufficiently well known thing you
    could find those for yourself. Then you do a search for IP Address, as
    an indicative example of a class of data the Directive is wagging its
    finger about.
    That is the point. It is well known, and I am reasonably familiar with it. But I'm not aware of anywhere where it specifically mentions IP addresses, or makes the claim that you are making. And, as has already been pointed out in a parallel reply, the UK legislation contains no such reference.
    Mark


    Yet a very quick search turns up

    https://ico.org.uk/for-organisations/uk-gdpr-guidance-and-resources/personal-information-what-is-it/what-is-personal-data/what-are-identifiers-and-related-factors/#pd3

    "What are online identifiers?

    The UK GDPR specifically includes the term ‘online identifiers’
    within the definition of what constitutes personal data.

    These may include information relating to the device that an individual
    is using, applications, tools or protocols. A non-exhaustive list is
    included in Recital 30:

    internet protocol (IP) addresses;
    cookie identifiers; and
    other identifiers such as radio frequency identification (RFID) tags.

    Other examples of online identifiers that may be personal data include:

    MAC addresses;
    advertising IDs;
    ........"

    **Applause**
    --
    Roland Perry

  • From Roland Perry@21:1/5 to All on Wed Jan 17 07:55:18 2024
    In message <a00eqi9q5dqu1r59ne7ctg714afbs80a0b@4ax.com>, at 22:17:03 on
    Tue, 16 Jan 2024, Mark Goodge <usenet@listmail.good-stuff.co.uk>
    remarked:
    On Tue, 16 Jan 2024 07:13:36 +0000, Roland Perry <roland@perry.uk> wrote:

    In message <181bqi1ufjp979c4avieljum1kigaqt9cn@4ax.com>, at 19:20:41 on Mon, 15 Jan 2024, Mark Goodge <usenet@listmail.good-stuff.co.uk>
    remarked:
    On Mon, 15 Jan 2024 16:41:43 +0000, Roland Perry <roland@perry.uk> wrote:
    In message <v4haqihp0dj9qo9nntph9aneqn4gai3udj@4ax.com>, at 14:49:15 on Mon, 15 Jan 2024, Mark Goodge <usenet@listmail.good-stuff.co.uk> remarked:
    On Mon, 15 Jan 2024 06:45:31 +0000, Roland Perry <roland@perry.uk> wrote:
    In message <0jf8qipsa4cfhg75b2h0v4oen751eret4g@4ax.com>, at 20:11:46 on Sun, 14 Jan 2024, Mark Goodge <usenet@listmail.good-stuff.co.uk> remarked:

    Then please cite the location in GDPR where it explicitly says that any class of data which can contain personal data must always be treated as personal data even if you are able to distinguish between personal and non-personal data in your dataset. Because so far, you haven't.

    Are you going for 2024's "Flogging a dead dead horse award" so soon in January?

    No, I'm trying to get you to back up your assertions with facts. If anyone is flogging a dead horse here it appears to be you. I'd be surprised if anyone else here agrees with you, and you certainly haven't provided any evidence to back your claims.

    Have you actually read the Directive?

    Which one? If you can actually cite the directive number and the relevant section, I'll look it up. But so far, you haven't!

    I'd have expected the GDPR to be a sufficiently well known thing you
    could find those for yourself. Then you do a search for IP Address, as
    an indicative example of a class of data the Directive is wagging its finger about.

    That is the point. It is well known, and I am reasonably familiar with it. But I'm not aware of anywhere

    Have you yet actually read it this week? A continuing failure to do so
    is rather embarrassing.

    From a different EU Commission website:

    Examples of personal data

    a name and surname;
    a home address;
    an email address such as name.surnameatcompany.com (name[dot]surname
    [at]company[dot]com);
    an identification card number;
    location data (for example the location data function on a mobile
    phone)*;
    an Internet Protocol (IP) address;
    a cookie ID*;
    the advertising identifier of your phone;
    data held by a hospital or doctor, which could be a symbol that
    uniquely identifies a person.

    Examples of data not considered personal data

    a company registration number;
    an email address such as infoatcompany [dot] com
    (info[at]company[dot]com);
    anonymised data.

    where it specifically mentions IP addresses, or makes the claim that
    you are making. And, as has already been pointed out in a parallel
    reply, the UK legislation contains no such reference.

    Modulo the fallout from Brexit, GDPR applies to all member countries
    despite any transcription errors/omissions in the local version.
    --
    Roland Perry

  • From Roland Perry@21:1/5 to All on Wed Jan 17 07:58:05 2024
    In message <uo5gc0$1c5fb$1@dont-email.me>, at 08:56:32 on Tue, 16 Jan
    2024, Owen Rees <orees@hotmail.com> remarked:
    Roland Perry <roland@perry.uk> wrote:
    In message <181bqi1ufjp979c4avieljum1kigaqt9cn@4ax.com>, at 19:20:41 on
    Mon, 15 Jan 2024, Mark Goodge <usenet@listmail.good-stuff.co.uk>
    remarked:
    On Mon, 15 Jan 2024 16:41:43 +0000, Roland Perry <roland@perry.uk> wrote:
    In message <v4haqihp0dj9qo9nntph9aneqn4gai3udj@4ax.com>, at 14:49:15 on Mon, 15 Jan 2024, Mark Goodge <usenet@listmail.good-stuff.co.uk>
    remarked:
    On Mon, 15 Jan 2024 06:45:31 +0000, Roland Perry <roland@perry.uk> wrote:
    In message <0jf8qipsa4cfhg75b2h0v4oen751eret4g@4ax.com>, at 20:11:46 on Sun, 14 Jan 2024, Mark Goodge <usenet@listmail.good-stuff.co.uk>
    remarked:

    Then please cite the location in GDPR where it explicitly says that any class of data which can contain personal data must always be treated as personal data even if you are able to distinguish between personal and non-personal data in your dataset. Because so far, you haven't.

    Are you going for 2024's "Flogging a dead dead horse award" so soon in January?

    No, I'm trying to get you to back up your assertions with facts. If anyone
    is flogging a dead horse here it appears to be you. I'd be surprised if anyone else here agrees with you, and you certainly haven't provided any evidence to back your claims.

    Have you actually read the Directive?

    Which one? If you can actually cite the directive number and the relevant section, I'll look it up. But so far, you haven't!

    I'd have expected the GDPR to be a sufficiently well known thing you
    could find those for yourself. Then you do a search for IP Address, as
    an indicative example of a class of data the Directive is wagging its
    finger about.

    If you mean the Data Protection Act 2018 which government website says is
    the UK’s implementation of GDPR then you will find that a search of the text does not find any references to IP addresses.

    The word ‘address’ appears but not in a sense related to the internet.

    IP appears but not as the abbreviation for Internet Protocol.

    Welcome to another entrenched geek. See my latest reply to MarkG.
    --
    Roland Perry

  • From Owen Rees@21:1/5 to Roland Perry on Wed Jan 17 08:06:03 2024
    Roland Perry <roland@perry.uk> wrote:
    In message <a00eqi9q5dqu1r59ne7ctg714afbs80a0b@4ax.com>, at 22:17:03 on
    Tue, 16 Jan 2024, Mark Goodge <usenet@listmail.good-stuff.co.uk>
    remarked:
    On Tue, 16 Jan 2024 07:13:36 +0000, Roland Perry <roland@perry.uk> wrote:

    In message <181bqi1ufjp979c4avieljum1kigaqt9cn@4ax.com>, at 19:20:41 on
    Mon, 15 Jan 2024, Mark Goodge <usenet@listmail.good-stuff.co.uk>
    remarked:
    On Mon, 15 Jan 2024 16:41:43 +0000, Roland Perry <roland@perry.uk> wrote:
    In message <v4haqihp0dj9qo9nntph9aneqn4gai3udj@4ax.com>, at 14:49:15 on
    Mon, 15 Jan 2024, Mark Goodge <usenet@listmail.good-stuff.co.uk>
    remarked:
    On Mon, 15 Jan 2024 06:45:31 +0000, Roland Perry <roland@perry.uk> wrote:

    In message <0jf8qipsa4cfhg75b2h0v4oen751eret4g@4ax.com>, at 20:11:46 on
    Sun, 14 Jan 2024, Mark Goodge <usenet@listmail.good-stuff.co.uk>
    remarked:

    Then please cite the location in GDPR where it explicitly says that any
    class of data which can contain personal data must always be treated as
    personal data even if you are able to distinguish between personal and
    non-personal data in your dataset. Because so far, you haven't.

    Are you going for 2024's "Flogging a dead dead horse award" so soon in
    January?

    No, I'm trying to get you to back up your assertions with facts. If anyone
    is flogging a dead horse here it appears to be you. I'd be surprised if
    anyone else here agrees with you, and you certainly haven't provided any
    evidence to back your claims.

    Have you actually read the Directive?

    Which one? If you can actually cite the directive number and the relevant
    section, I'll look it up. But so far, you haven't!

    I'd have expected the GDPR to be a sufficiently well known thing you
    could find those for yourself. Then you do a search for IP Address, as
    an indicative example of a class of data the Directive is wagging its
    finger about.

    That is the point. It is well known, and I am reasonably familiar with it.
    But I'm not aware of anywhere

    Have you yet actually read it this week? A continuing failure to do so
    is rather embarrassing.

    From a different EU Commission website:

    Examples of personal data

    a name and surname;
    a home address;
    an email address such as name.surnameatcompany.com (name[dot]surname
    [at]company[dot]com);
    an identification card number;
    location data (for example the location data function on a mobile
    phone)*;
    an Internet Protocol (IP) address;
    a cookie ID*;
    the advertising identifier of your phone;
    data held by a hospital or doctor, which could be a symbol that
    uniquely identifies a person.

    Examples of data not considered personal data

    a company registration number;
    an email address such as infoatcompany [dot] com
    (info[at]company[dot]com);
    anonymised data.

    where it specifically mentions IP addresses, or makes the claim that
    you are making. And, as has already been pointed out in a parallel
    reply, the UK legislation contains no such reference.

    Modulo the fallout from Brexit, GDPR applies to all member countries
    despite any transcription errors/omissions in the local version.

    Does DNS violate GDPR?

  • From Roland Perry@21:1/5 to All on Wed Jan 17 11:36:57 2024
    In message <uo81pb$1tl8u$1@dont-email.me>, at 08:06:03 on Wed, 17 Jan
    2024, Owen Rees <orees@hotmail.com> remarked:
    Roland Perry <roland@perry.uk> wrote:
    In message <a00eqi9q5dqu1r59ne7ctg714afbs80a0b@4ax.com>, at 22:17:03 on
    Tue, 16 Jan 2024, Mark Goodge <usenet@listmail.good-stuff.co.uk>
    remarked:
    On Tue, 16 Jan 2024 07:13:36 +0000, Roland Perry <roland@perry.uk> wrote:
    In message <181bqi1ufjp979c4avieljum1kigaqt9cn@4ax.com>, at 19:20:41 on
    Mon, 15 Jan 2024, Mark Goodge <usenet@listmail.good-stuff.co.uk>
    remarked:
    On Mon, 15 Jan 2024 16:41:43 +0000, Roland Perry <roland@perry.uk> wrote:
    In message <v4haqihp0dj9qo9nntph9aneqn4gai3udj@4ax.com>, at 14:49:15 on
    Mon, 15 Jan 2024, Mark Goodge <usenet@listmail.good-stuff.co.uk>
    remarked:
    On Mon, 15 Jan 2024 06:45:31 +0000, Roland Perry <roland@perry.uk> wrote:

    In message <0jf8qipsa4cfhg75b2h0v4oen751eret4g@4ax.com>, at 20:11:46 on
    Sun, 14 Jan 2024, Mark Goodge <usenet@listmail.good-stuff.co.uk>
    remarked:

    Then please cite the location in GDPR where it explicitly says that any
    class of data which can contain personal data must always be treated as
    personal data even if you are able to distinguish between personal and
    non-personal data in your dataset. Because so far, you haven't.

    Are you going for 2024's "Flogging a dead dead horse award" so soon in
    January?

    No, I'm trying to get you to back up your assertions with facts. If anyone
    is flogging a dead horse here it appears to be you. I'd be surprised if
    anyone else here agrees with you, and you certainly haven't provided any
    evidence to back your claims.

    Have you actually read the Directive?

    Which one? If you can actually cite the directive number and the relevant
    section, I'll look it up. But so far, you haven't!

    I'd have expected the GDPR to be a sufficiently well known thing you
    could find those for yourself. Then you do a search for IP Address, as
    an indicative example of a class of data the Directive is wagging its
    finger about.

    That is the point. It is well known, and I am reasonably familiar with it.
    But I'm not aware of anywhere

    Have you yet actually read it this week? A continuing failure to do so
    is rather embarrassing.

    From a different EU Commission website:

    Examples of personal data

    a name and surname;
    a home address;
    an email address such as name.surnameatcompany.com (name[dot]surname
    [at]company[dot]com);
    an identification card number;
    location data (for example the location data function on a mobile
    phone)*;
    an Internet Protocol (IP) address;
    a cookie ID*;
    the advertising identifier of your phone;
    data held by a hospital or doctor, which could be a symbol that
    uniquely identifies a person.

    Examples of data not considered personal data

    a company registration number;
    an email address such as infoatcompany [dot] com
    (info[at]company[dot]com);
    anonymised data.

    where it specifically mentions IP addresses, or makes the claim that
    you are making. And, as has already been pointed out in a parallel
    reply, the UK legislation contains no such reference.

    Modulo the fallout from Brexit, GDPR applies to all member countries
    despite any transcription errors/omissions in the local version.

    Does DNS violate GDPR?

    That has been one of the long open questions, in particular can someone
    with an IP address allocation from an RIR (rather than an ISP) be forced
    to register their contact details in public. I suggest you ask RIPE NCC
    for their latest opinion.

    But if you want *me* to answer it today, my daily rate as an expert
    witness is £2k, so how many days do you want to pay for?
    --
    Roland Perry

  • From Mark Goodge@21:1/5 to usenet.16@scottsonline.org.uk.inval on Wed Jan 17 10:43:25 2024
    On Wed, 17 Jan 2024 07:55:24 +0000, Mike Scott <usenet.16@scottsonline.org.uk.invalid> wrote:

    Yet a very quick search turns up

    https://ico.org.uk/for-organisations/uk-gdpr-guidance-and-resources/personal-information-what-is-it/what-is-personal-data/what-are-identifiers-and-related-factors/#pd3

    "What are online identifiers?

    The UK GDPR specifically includes the term online identifiers within
    the definition of what constitutes personal data.

    These may include information relating to the device that an individual
    is using, applications, tools or protocols. A non-exhaustive list is
    included in Recital 30:

    internet protocol (IP) addresses;
    cookie identifiers; and
    other identifiers such as radio frequency identification (RFID) tags.

    Yes, I'm well aware of that page. But that doesn't make the claim that
    Roland is making. It says that IP addresses are among the things that "may"
    be personal data, if they relate to a device that an individual is using.
    The public IP address of my phone is clearly personal data, as is the public
    IP address of my home Internet connection, because both of those are devices which relate to me. But the IP addresses of, say, Amazon's web server, or Gmail's MX server, are clearly not personal data because they don't relate
    to devices linked to an individual.

    I don't think anyone is disputing that some IP addresses are personal data. I've certainly never disputed that. What I am disputing is Roland's claim
    that *all* IP addresses must be treated as personal data, even when they do
    not relate to a device used by an individual.

    Mark

  • From Mark Goodge@21:1/5 to Roland Perry on Wed Jan 17 10:43:54 2024
    On Wed, 17 Jan 2024 07:55:18 +0000, Roland Perry <roland@perry.uk> wrote:

    From a different EU Commission website:

    Examples of personal data

    a name and surname;
    a home address;
    an email address such as name.surnameatcompany.com (name[dot]surname
    [at]company[dot]com);
    an identification card number;
    location data (for example the location data function on a mobile
    phone)*;
    an Internet Protocol (IP) address;
    a cookie ID*;
    the advertising identifier of your phone;
    data held by a hospital or doctor, which could be a symbol that
    uniquely identifies a person.

    That does not say that *all* IP addresses are personal data. It merely gives examples of data that can include personal data. Nor does it say that all IP addresses must be considered to be personal data, even where it is known
    that they are not. And this is not legislation. It is merely guidance.

    Now, I do agree that someone reading that list might well interpret it as meaning that all IP addresses are personal data, since, unlike email
    addresses, it doesn't include a counter-example of corporate IP addresses
    that are not personal data. So, to that extent, it's arguable that the
    guidance is rather badly written. But I don't think that really matters too much, in this context, because the average person or small business doesn't store IP addresses (and the IP addresses that are most likely to be stored
    by a small business are web logs, which will include personal data, so
    there's nothing misleading there). Non-personal IP addresses are far more likely to be stored by larger organisations running things like SMTP
    servers, and those organisations can, presumably, afford their own legal advice.

    Mark

  • From Roland Perry@21:1/5 to All on Wed Jan 17 13:34:03 2024
    In message <9ibfqiplq35on416bjdsd6nt0onjana9va@4ax.com>, at 10:43:25 on
    Wed, 17 Jan 2024, Mark Goodge <usenet@listmail.good-stuff.co.uk>
    remarked:
    On Wed, 17 Jan 2024 07:55:24 +0000, Mike Scott
    <usenet.16@scottsonline.org.uk.invalid> wrote:

    Yet a very quick search turns up

    https://ico.org.uk/for-organisations/uk-gdpr-guidance-and-resources/personal-information-what-is-it/what-is-personal-data/what-are-identifiers-and-related-factors/#pd3

    "What are online identifiers?

    The UK GDPR specifically includes the term ‘online identifiers’ within
    the definition of what constitutes personal data.

    These may include information relating to the device that an individual
    is using, applications, tools or protocols. A non-exhaustive list is
    included in Recital 30:

    internet protocol (IP) addresses;
    cookie identifiers; and
    other identifiers such as radio frequency identification (RFID) tags.

    Yes, I'm well aware of that page. But that doesn't make the claim that
    Roland is making.

    Once again, "the cite doesn't say what you claim it does".

    I really do, seriously recommend (for the third or fourth time) that you
    stop digging. Otherwise people may start to think other matters which
    you have been consistently but blusterly wrong about (ccTLDs for
    example) are brought into the daylight.

    It says that IP addresses are among the things that "may"
    be personal data, if they relate to a device that an individual is using.
    The public IP address of my phone is clearly personal data, as is the public
    IP address of my home Internet connection, because both of those are devices
    which relate to me. But the IP addresses of, say, Amazon's web server, or
    Gmail's MX server, are clearly not personal data because they don't relate
    to devices linked to an individual.

    I don't think anyone is disputing that some IP addresses are personal data.
    I've certainly never disputed that. What I am disputing is Roland's claim
    that *all* IP addresses must be treated as personal data, even when they do
    not relate to a device used by an individual.

    And that is the final nail in your coffin.
    --
    Roland Perry

  • From Mark Goodge@21:1/5 to Roland Perry on Wed Jan 17 18:49:59 2024
    On Wed, 17 Jan 2024 13:34:03 +0000, Roland Perry <roland@perry.uk> wrote:

    In message <9ibfqiplq35on416bjdsd6nt0onjana9va@4ax.com>, at 10:43:25 on
    Wed, 17 Jan 2024, Mark Goodge <usenet@listmail.good-stuff.co.uk>
    remarked:
    On Wed, 17 Jan 2024 07:55:24 +0000, Mike Scott
    <usenet.16@scottsonline.org.uk.invalid> wrote:

    Yet a very quick search turns up

    https://ico.org.uk/for-organisations/uk-gdpr-guidance-and-resources/personal-information-what-is-it/what-is-personal-data/what-are-identifiers-and-related-factors/#pd3

    "What are online identifiers?

    The UK GDPR specifically includes the term online identifiers within
    the definition of what constitutes personal data.

    These may include information relating to the device that an individual
    is using, applications, tools or protocols. A non-exhaustive list is
    included in Recital 30:

    internet protocol (IP) addresses;
    cookie identifiers; and
    other identifiers such as radio frequency identification (RFID) tags.

    Yes, I'm well aware of that page. But that doesn't make the claim that
    Roland is making.

    Once again, "the cite doesn't say what you claim it does".

    Because it *doesn't* say what you claim it does.

    I don't think anyone is disputing that some IP addresses are personal data.
    I've certainly never disputed that. What I am disputing is Roland's claim
    that *all* IP addresses must be treated as personal data, even when they do
    not relate to a device used by an individual.

    And that is the final nail in your coffin.

    Let's try this from a different approach. Rather than focus specifically on
    IP addresses, let's look at identifiers in general, and include IP addresses
    in that. Now, here are some identifiers, of different sorts:

    Postal address: 12 Mansion Gardens, Evesham WR11 1BX

    That's my home address; I'm a councillor so it's a matter of public
    record anyway so I'm not bothered by it being shared.

    Email address: markgoodge {at} gmail.com

    That's fairly obviously my Gmail address.

    Vehicle registration: DU68HZS

    That's my car.

    (ex)Twitter handle: @MarkGoodge

    That's me.

    IP address: 82.132.229.218

    That's my phone's current public IP address over the mobile network,
    as reported to me by whatismyipaddress.com.

    Now, all of those are clearly personal data, because all of them ultimately relate to me, an identifiable individual. I don't think anyone would
    disagree with that. So, let's consider some other identifiers that are in
    the same form, but are of other entities:

    Postal address: Vale Business Centre, 9 Abbey Lane Court, Evesham, WR11 4BY

    That's my limited company's registered address. It's the location of my
    accountant's local office.

    Email address: contact {at} good-stuff.co.uk

    That's my limited company's published contact address.

    Vehicle registration: LJ60AUA

    That's a London bus (found by Googling for "london bus"). I used
    that as my company doesn't actually own any vehicles.

    (ex)Twitter handle: @RiverLevelsUK

    That's the Twitter account for one of the websites that my company
    operates.

    IP address: 172.67.194.81

    That's the IP address of one of my company's websites.

    Now, all of those are clearly not personal data. At least, it's obvious from looking at them (and with the context of the information I've supplied) that they are not personal data. All five of them relate to corporate entities,
    not individuals. Even though I am a shareholder in (and managing director
    of) one of the corporate entities, the whole point of a limited company is
    to create a legal person which is different to any individual person who
    owns or works for it.

    All of that seems, to me, to be blindingly obvious. And there is nothing in
    UK legislation, or EU directives, or the ICO's guidance, which would
    contradict that. And yet you seem to be asserting that, uniquely, the last identifier in the second set - the IP address of a web server - is also personal data, despite relating to a corporate entity rather than an individual.

    Now, that is so obviously wrong, both legally and rationally, that I am
    still at a loss as to understand why you appear to be making that claim. It
    is, of course, entirely possible that I am simply misunderstanding you, in which case that may be at least partly my fault. But it might also be
    because you are not explaining yourself very well.

    So maybe we can drill this down to two specific questions:

    1. Is 172.67.194.81 personal data?

    2. If yes, why is it personal data, when LJ60AUA, contact {at}
    good-stuff.co.uk, @RiverlevelsUK and Vale Business Centre (etc) are
    not?

    Mark

  • From Owen Rees@21:1/5 to Roland Perry on Sat Jan 20 13:20:58 2024
    On Wed, 17 Jan 2024 11:36:57 +0000, Roland Perry <roland@perry.uk> wrote
    in <Lq1yiELZv7plFAER@perry.uk>:

    In message <uo81pb$1tl8u$1@dont-email.me>, at 08:06:03 on Wed, 17 Jan
    2024, Owen Rees <orees@hotmail.com> remarked:

    Does DNS violate GDPR?

    That has been one of the long open questions, in particular can someone
    with an IP address allocation from an RIR (rather than an ISP) be forced
    to register their contact details in public. I suggest you ask RIPE NCC
    for their latest opinion.

    But if you want *me* to answer it today, my daily rate as an expert
    witness is £2k, so how many days do you want to pay for?

    We were discussing IP addresses.

    When people refer to DNS they mean the system or name servers as defined
    in https://www.ietf.org/rfc/rfc1035.txt - the name servers do not
    contain registration data for either IP address ranges or for domain
    names. Such information is held elsewhere in other systems and subject
    to different privacy policies.

    The most commonly used query to a DNS name server is for an A record as
    defined in section 3.4.1 of the RFC cited above. Every time someone
    clicks on a link on a web page the browser needs to get the IP address of
    the destination.
    https://datatracker.ietf.org/doc/html/rfc3986#section-3.2.2 describes
    the various possibilities but in the majority of cases the URL contains
    a registered name and that name is looked up in DNS with an A record
    query.

    If IP addresses should always be treated as personal data, why is it
    acceptable for DNS name servers scattered throughout the world to return
    IP addresses in response to the A record queries?

    There is a convenient command 'host' on the Linux system I am using, it
    will make DNS queries and show the results.

    Here are two examples. Are any of the IP addresses in either response
    personal data? Is there any difference between the queries with respect
    to the right to return those IP addresses?

    owen@owen-VBox:~$ host -v google.co.uk
    Trying "google.co.uk"
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 53622
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

    ;; QUESTION SECTION:
    ;google.co.uk. IN A

    ;; ANSWER SECTION:
    google.co.uk. 270 IN A 142.250.187.195

    Received 46 bytes from 127.0.0.53#53 in 0 ms
    Trying "google.co.uk"
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 48048
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

    ;; QUESTION SECTION:
    ;google.co.uk. IN AAAA

    ;; ANSWER SECTION:
    google.co.uk. 4 IN AAAA 2a00:1450:4009:827::2003

    Received 58 bytes from 127.0.0.53#53 in 0 ms
    Trying "google.co.uk"
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 33837
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

    ;; QUESTION SECTION:
    ;google.co.uk. IN MX

    ;; ANSWER SECTION:
    google.co.uk. 283 IN MX 0 smtp.google.com.

    Received 61 bytes from 127.0.0.53#53 in 0 ms
    owen@owen-VBox:~$ host -v google.co.uk 8.8.8.8
    Trying "google.co.uk"
    Using domain server:
    Name: 8.8.8.8
    Address: 8.8.8.8#53
    Aliases:

    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 36221
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

    ;; QUESTION SECTION:
    ;google.co.uk. IN A

    ;; ANSWER SECTION:
    google.co.uk. 300 IN A 142.250.200.3

    Received 46 bytes from 8.8.8.8#53 in 20 ms
    Trying "google.co.uk"
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 60760
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

    ;; QUESTION SECTION:
    ;google.co.uk. IN AAAA

    ;; ANSWER SECTION:
    google.co.uk. 300 IN AAAA 2a00:1450:4009:822::2003

    Received 58 bytes from 8.8.8.8#53 in 24 ms
    Trying "google.co.uk"
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41846
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

    ;; QUESTION SECTION:
    ;google.co.uk. IN MX

    ;; ANSWER SECTION:
    google.co.uk. 300 IN MX 0 smtp.google.com.

    Received 61 bytes from 8.8.8.8#53 in 24 ms
    owen@owen-VBox:~$

    The people responsible for designing and implementing systems that
    handle data some of which is Personal Data and which need to satisfy the regulations in more than one jurisdiction have to go into a level of
    detail where generalisations are of no value whatsoever.

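The A-record exchange described in the post above, as an added example that is not part of the original post: a small RFC 1035 query builder and response parser showing that an answer record carries only a name, type, class, TTL and address. The response bytes are constructed here to match the first `host -v` answer quoted in the post (id 53622, TTL 270, 46 bytes); all function names are hypothetical.

```python
import ipaddress
import struct

TYPE_A, CLASS_IN = 1, 1


def encode_name(name):
    """Encode a domain name as RFC 1035 length-prefixed labels."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 1 <= len(raw) <= 63:
            raise ValueError("label must be 1..63 octets")
        out += bytes([len(raw)]) + raw
    return out + b"\x00"


def build_query(name, msg_id, qtype=TYPE_A):
    """Header (RD set, one question) followed by QNAME, QTYPE, QCLASS."""
    header = struct.pack("!HHHHHH", msg_id, 0x0100, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", qtype, CLASS_IN)


def read_name(msg, offset):
    """Decode a possibly compressed name; return (name, offset after it)."""
    labels, resume, jumps = [], None, 0
    while True:
        if offset >= len(msg):
            raise ValueError("truncated name")
        length = msg[offset]
        if length & 0xC0 == 0xC0:  # compression pointer (RFC 1035, 4.1.4)
            if offset + 1 >= len(msg):
                raise ValueError("truncated pointer")
            if resume is None:
                resume = offset + 2
            jumps += 1
            if jumps > 16:  # a pointer loop must not hang the parser
                raise ValueError("compression loop")
            offset = ((length & 0x3F) << 8) | msg[offset + 1]
            continue
        if length & 0xC0:
            raise ValueError("reserved label type")
        offset += 1
        if length == 0:
            break
        if offset + length > len(msg):
            raise ValueError("truncated label")
        labels.append(msg[offset:offset + length].decode("ascii"))
        offset += length
    return ".".join(labels) + ".", (offset if resume is None else resume)


def parse_response(msg):
    """Parse the header, question and answer sections of a DNS message."""
    if len(msg) < 12:
        raise ValueError("short header")
    msg_id, flags, qdcount, ancount, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    offset, questions, answers = 12, [], []
    for _ in range(qdcount):
        qname, offset = read_name(msg, offset)
        if offset + 4 > len(msg):
            raise ValueError("truncated question")
        qtype, qclass = struct.unpack("!HH", msg[offset:offset + 4])
        offset += 4
        questions.append((qname, qtype, qclass))
    for _ in range(ancount):
        name, offset = read_name(msg, offset)
        if offset + 10 > len(msg):
            raise ValueError("truncated record header")
        rtype, rclass, ttl, rdlength = struct.unpack("!HHIH", msg[offset:offset + 10])
        offset += 10
        rdata = msg[offset:offset + rdlength]
        if len(rdata) != rdlength:
            raise ValueError("truncated RDATA")
        offset += rdlength
        if rtype == TYPE_A and rclass == CLASS_IN:
            if rdlength != 4:
                raise ValueError("A record RDATA must be 4 octets")
            rdata = str(ipaddress.IPv4Address(rdata))
        else:
            rdata = rdata.hex()  # other types left undecoded in this example
        # These five fields are everything a resource record holds.
        answers.append({"name": name, "type": rtype, "class": rclass,
                        "ttl": ttl, "rdata": rdata})
    return {"id": msg_id, "qr": flags >> 15 & 1, "rd": flags >> 8 & 1,
            "ra": flags >> 7 & 1, "rcode": flags & 0xF,
            "questions": questions, "answers": answers}


def sample_response():
    """Constructed bytes mirroring the first answer in the quoted host output."""
    question = build_query("google.co.uk", 53622)[12:]
    header = struct.pack("!HHHHHH", 53622, 0x8180, 1, 1, 0, 0)  # qr rd ra
    answer = (b"\xc0\x0c"  # pointer back to the QNAME at offset 12
              + struct.pack("!HHIH", TYPE_A, CLASS_IN, 270, 4)
              + ipaddress.IPv4Address("142.250.187.195").packed)
    return header + question + answer


if __name__ == "__main__":
    print(parse_response(sample_response()))
```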
  • From Jethro_uk@21:1/5 to Owen Rees on Sat Jan 20 14:24:02 2024
    On Sat, 20 Jan 2024 13:20:58 +0000, Owen Rees wrote:

    On Wed, 17 Jan 2024 11:36:57 +0000, Roland Perry <roland@perry.uk> wrote
    in <Lq1yiELZv7plFAER@perry.uk>:

    [quoted text muted]

    [quoted text muted]

    We were discussing IP addresses.

    Seems as good a place as any to mention the recent news that Baroness
    Mone's husband's companies are being further investigated and part of the
    "evidence" appears to be IP addresses based in the Isle of Man.

    https://www.theguardian.com/uk-news/2024/jan/18/michelle-mone-husband-douglas-barrowman

  • From Mark Goodge@21:1/5 to Owen Rees on Sat Jan 20 14:02:16 2024
    On Sat, 20 Jan 2024 13:20:58 +0000, Owen Rees <orees@hotmail.com> wrote:

    On Wed, 17 Jan 2024 11:36:57 +0000, Roland Perry <roland@perry.uk> wrote
    in <Lq1yiELZv7plFAER@perry.uk>:

    In message <uo81pb$1tl8u$1@dont-email.me>, at 08:06:03 on Wed, 17 Jan
    2024, Owen Rees <orees@hotmail.com> remarked:

    Does DNS violate GDPR?

    That has been one of the long open questions, in particular can someone
    with an IP address allocation from an RIR (rather than an ISP) be forced
    to register their contact details in public. I suggest you ask RIPE NCC
    for their latest opinion.

    But if you want *me* to answer it today, my daily rate as an expert
    witness is £2k, so how many days do you want to pay for?

    We were discussing IP addresses.

    I'll do it for £500 :-)

    If IP addresses should always be treated as personal data, why is it
    acceptable for DNS name servers scattered throughout the world to return
    IP addresses in response to the A record queries?

    To be fair, just because something is personal data doesn't mean it can't be stored or processed. There are very many uses of personal data that can be covered by the "legitimate interest" justification. So even if all IP
    addresses were personal data, it would still be acceptable for DNS servers
    to return them in response to a request, just as it's acceptable for
    directory enquiries to return a domestic phone number on request. People can opt out of their phone number being in directory enquiries by going ex-directory, and people can opt out of their IP addresses being in DNS by
    not assigning them to an A record. The mere fact that data is available doesn't, in itself, tell you anything about whether it's personal.

    So the answer is, quite simply, DNS doesn't violate GDPR, because the only
    IP addresses returned by DNS are those which have been assigned to DNS
    records, it's always the choice of someone not to do that, and those IP addresses which are in DNS are necessary for the functioning of the system.
    So it's pretty much a slam dunk "legitimate interest" to process IP
    addresses for the purpose of DNS, even if they are personal data.

    A more relevant query is whether whois violates GDPR. That is more arguable,
    and probably is worth a £2k per day consultancy fee, provided you can find
    the right consultant ;-)

    None of that, though, answers the underlying question of whether all IP addresses are personal data, or whether only some of them are.

    The people responsible for designing and implementing systems that
    handle data some of which is Personal Data and which need to satisfy the
    regulations in more than one jurisdiction have to go into a level of
    detail where generalisations are of no value whatsoever.

    Absolutely. That's why a blanket insistence that all IP addresses must be treated as personal data doesn't stack up. There are some cases where distinguishing between IP addresses that are personal data and IP addresses which are not is essential to effective functioning of a system.

    Mark

  • From Roger Hayter@21:1/5 to usenet@listmail.good-stuff.co.uk on Sat Jan 20 16:32:42 2024
    On 20 Jan 2024 at 14:02:16 GMT, "Mark Goodge" <usenet@listmail.good-stuff.co.uk> wrote:

    On Sat, 20 Jan 2024 13:20:58 +0000, Owen Rees <orees@hotmail.com> wrote:

    On Wed, 17 Jan 2024 11:36:57 +0000, Roland Perry <roland@perry.uk> wrote
    in <Lq1yiELZv7plFAER@perry.uk>:

    In message <uo81pb$1tl8u$1@dont-email.me>, at 08:06:03 on Wed, 17 Jan
    2024, Owen Rees <orees@hotmail.com> remarked:

    Does DNS violate GDPR?

    That has been one of the long open questions, in particular can someone
    with an IP address allocation from an RIR (rather than an ISP) be forced
    to register their contact details in public. I suggest you ask RIPE NCC
    for their latest opinion.

    But if you want *me* to answer it today, my daily rate as an expert
    witness is £2k, so how many days do you want to pay for?

    We were discussing IP addresses.

    I'll do it for £500 :-)

    If IP addresses should always be treated as personal data, why is it
    acceptable for DNS name servers scattered throughout the world to return
    IP addresses in response to the A record queries?

    To be fair, just because something is personal data doesn't mean it can't be stored or processed. There are very many uses of personal data that can be covered by the "legitimate interest" justification. So even if all IP addresses were personal data, it would still be acceptable for DNS servers
    to return them in response to a request, just as it's acceptable for directory enquiries to return a domestic phone number on request. People can opt out of their phone number being in directory enquiries by going ex-directory, and people can opt out of their IP addresses being in DNS by not assigning them to an A record. The mere fact that data is available doesn't, in itself, tell you anything about whether it's personal.

    So the answer is, quite simply, DNS doesn't violate GDPR, because the only
    IP addresses returned by DNS are those which have been assigned to DNS records, it's always the choice of someone not to do that, and those IP addresses which are in DNS are necessary for the functioning of the system. So it's pretty much a slam dunk "legitimate interest" to process IP
    addresses for the purpose of DNS, even if they are personal data.

    A more relevant query is whether whois violates GDPR. That is more arguable, and probably is worth a £2k per day consultancy fee, provided you can find the right consultant ;-)

    Since the UK registry conceals individuals' details and the big American
    companies allow nominee companies to be registered it is a bit of an
    academic point for most of us.

    snip


    --
    Roger Hayter

  • From Roland Perry@21:1/5 to All on Sun Jan 21 19:52:04 2024
    In message <ncenqih9nitgs8233d6k8m25u3jk45emua@4ax.com>, at 13:20:58 on
    Sat, 20 Jan 2024, Owen Rees <orees@hotmail.com> remarked:
    On Wed, 17 Jan 2024 11:36:57 +0000, Roland Perry <roland@perry.uk> wrote
    in <Lq1yiELZv7plFAER@perry.uk>:

    In message <uo81pb$1tl8u$1@dont-email.me>, at 08:06:03 on Wed, 17 Jan
    2024, Owen Rees <orees@hotmail.com> remarked:

    Does DNS violate GDPR?

    That has been one of the long open questions, in particular can someone
    with an IP address allocation from an RIR (rather than an ISP) be forced
    to register their contact details in public. I suggest you ask RIPE NCC
    for their latest opinion.

    But if you want *me* to answer it today, my daily rate as an expert
    witness is £2k, so how many days do you want to pay for?

    We were discussing IP addresses.

    When people refer to DNS they mean the system or name servers as defined
    in https://www.ietf.org/rfc/rfc1035.txt - the name servers do not
    contain registration data for either IP address ranges or for domain
    names. Such information is held elsewhere in other systems and subject
    to different privacy policies.

    The most commonly used query to a DNS name server is for an A record as
    defined in section 3.4.1 of the RFC cited above. Every time someone
    clicks on a link on a web page the browser needs to get the IP address of
    the destination.
    https://datatracker.ietf.org/doc/html/rfc3986#section-3.2.2 describes
    the various possibilities but in the majority of cases the URL contains
    a registered name and that name is looked up in DNS with an A record
    query.

    If IP addresses should always be treated as personal data, why is it
    acceptable for DNS name servers scattered throughout the world to return
    IP addresses in response to the A record queries?

    There is a convenient command 'host' on the Linux system I am using, it
    will make DNS queries and show the results.

    Here are two examples. Are any of the IP addresses in either response
    personal data? Is there any difference between the queries with respect
    to the right to return those IP addresses?

    owen@owen-VBox:~$ host -v google.co.uk
    Trying "google.co.uk"
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 53622
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

    ;; QUESTION SECTION:
    ;google.co.uk. IN A

    ;; ANSWER SECTION:
    google.co.uk. 270 IN A 142.250.187.195

    Received 46 bytes from 127.0.0.53#53 in 0 ms
    Trying "google.co.uk"
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 48048
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

    ;; QUESTION SECTION:
    ;google.co.uk. IN AAAA

    ;; ANSWER SECTION:
    google.co.uk. 4 IN AAAA 2a00:1450:4009:827::2003

    Received 58 bytes from 127.0.0.53#53 in 0 ms
    Trying "google.co.uk"
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 33837
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

    ;; QUESTION SECTION:
    ;google.co.uk. IN MX

    ;; ANSWER SECTION:
    google.co.uk. 283 IN MX 0 smtp.google.com.

    Received 61 bytes from 127.0.0.53#53 in 0 ms
    owen@owen-VBox:~$ host -v google.co.uk 8.8.8.8
    Trying "google.co.uk"
    Using domain server:
    Name: 8.8.8.8
    Address: 8.8.8.8#53
    Aliases:

    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 36221
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

    ;; QUESTION SECTION:
    ;google.co.uk. IN A

    ;; ANSWER SECTION:
    google.co.uk. 300 IN A 142.250.200.3

    Received 46 bytes from 8.8.8.8#53 in 20 ms
    Trying "google.co.uk"
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 60760
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

    ;; QUESTION SECTION:
    ;google.co.uk. IN AAAA

    ;; ANSWER SECTION:
    google.co.uk. 300 IN AAAA 2a00:1450:4009:822::2003

    Received 58 bytes from 8.8.8.8#53 in 24 ms
    Trying "google.co.uk"
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41846
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

    ;; QUESTION SECTION:
    ;google.co.uk. IN MX

    ;; ANSWER SECTION:
    google.co.uk. 300 IN MX 0 smtp.google.com.

    Received 61 bytes from 8.8.8.8#53 in 24 ms
    owen@owen-VBox:~$

    The people responsible for designing and implementing systems that
    handle data some of which is Personal Data and which need to satisfy the
    regulations in more than one jurisdiction have to go into a level of
    detail where generalisations are of no value whatsoever.

    Oh look, another Internet geek who wrongly thinks they also understand
    the law, in denial of what took years of work to get Data Protection professionals to put in writing.
    --
    Roland Perry

  • From Roland Perry@21:1/5 to All on Sun Jan 21 19:54:43 2024
    In message <ar2gqihvc7a2nelgjnjrdmgscpujh29sqr@4ax.com>, at 18:49:59 on
    Wed, 17 Jan 2024, Mark Goodge <usenet@listmail.good-stuff.co.uk>
    remarked:

    Let's try this from a different approach.

    The only different approach that will work, is for you to "stop
    digging".
    --
    Roland Perry

  • From Roland Perry@21:1/5 to All on Sun Jan 21 19:53:25 2024
    In message <frinqi1qv4851bpdkvhfc38up0g0q6svbv@4ax.com>, at 14:02:16 on
    Sat, 20 Jan 2024, Mark Goodge <usenet@listmail.good-stuff.co.uk>
    remarked:

    That's why a blanket insistence that all IP addresses must be
    treated as personal data doesn't stack up.

    No, that's why you simply don't understand the law. And the more you
    keep banging on about it, the less we might think you understand other
    aspects of the law.
    --
    Roland Perry

  • From Mark Goodge@21:1/5 to Roland Perry on Sun Jan 21 20:29:19 2024
    On Sun, 21 Jan 2024 19:54:43 +0000, Roland Perry <roland@perry.uk> wrote:

    In message <ar2gqihvc7a2nelgjnjrdmgscpujh29sqr@4ax.com>, at 18:49:59 on
    Wed, 17 Jan 2024, Mark Goodge <usenet@listmail.good-stuff.co.uk>
    remarked:

    Let's try this from a different approach.

    The only different approach that will work, is for you to "stop
    digging".

    I think I've dug far enough to reach the point at which it's clear you have
    no answer that will not expose your inability to rebut the points I and
    others have made.

    Mark

  • From Mark Goodge@21:1/5 to Roland Perry on Sun Jan 21 20:22:54 2024
    On Sun, 21 Jan 2024 19:53:25 +0000, Roland Perry <roland@perry.uk> wrote:

    In message <frinqi1qv4851bpdkvhfc38up0g0q6svbv@4ax.com>, at 14:02:16 on
    Sat, 20 Jan 2024, Mark Goodge <usenet@listmail.good-stuff.co.uk>
    remarked:

    That's why a blanket insistence that all IP addresses must be
    treated as personal data doesn't stack up.

    No, that's why you simply don't understand the law. And the more you
    keep banging on about it, the less we might think you understand other
    aspects of the law.

    Can you answer a very simple question. Is IP address 172.67.187.188
    information relating to an identified or identifiable natural person?

    Mark

  • From Anthony R. Gold@21:1/5 to usenet@listmail.good-stuff.co.uk on Sun Jan 21 16:31:51 2024
    On Sun, 21 Jan 2024 20:29:19 +0000, Mark Goodge <usenet@listmail.good-stuff.co.uk> wrote:

    On Sun, 21 Jan 2024 19:54:43 +0000, Roland Perry <roland@perry.uk> wrote:

    In message <ar2gqihvc7a2nelgjnjrdmgscpujh29sqr@4ax.com>, at 18:49:59 on
    Wed, 17 Jan 2024, Mark Goodge <usenet@listmail.good-stuff.co.uk>
    remarked:

    Let's try this from a different approach.

    The only different approach that will work, is for you to "stop
    digging".

    I think I've dug far enough to reach the point at which it's clear you have no answer that will not expose your inability to rebut the points I and others have made.

    The place where you are digging is in some lack of logic or fairness in treating certain matters as protected personal data whereas the place where Roland is digging is in law and regulations concerning what must be
    protected. Because you are digging into different mountains your two tunnels can never meet.

  • From Jon Ribbens@21:1/5 to Anthony R. Gold on Mon Jan 22 00:39:42 2024
    On 2024-01-21, Anthony R. Gold <not-for-mail@ahjg.co.uk> wrote:
    On Sun, 21 Jan 2024 20:29:19 +0000, Mark Goodge
    <usenet@listmail.good-stuff.co.uk> wrote:
    On Sun, 21 Jan 2024 19:54:43 +0000, Roland Perry <roland@perry.uk> wrote:
    In message <ar2gqihvc7a2nelgjnjrdmgscpujh29sqr@4ax.com>, at 18:49:59 on
    Wed, 17 Jan 2024, Mark Goodge <usenet@listmail.good-stuff.co.uk>
    remarked:

    Let's try this from a different approach.

    The only different approach that will work, is for you to "stop
    digging".

    I think I've dug far enough to reach the point at which it's clear you have
    no answer that will not expose your inability to rebut the points I and
    others have made.

    The place where you are digging is in some lack of logic or fairness in treating certain matters as protected personal data whereas the place
    where Roland is digging is in law and regulations concerning what must
    be protected. Because you are digging into different mountains your
    two tunnels can never meet.

    But that isn't true at all. Mark is digging into the regulations and law. Roland is digging into his own imagination, by all appearances.

  • From Roland Perry@21:1/5 to All on Mon Jan 22 11:12:13 2024
    In message <slrnuqreae.2nf.jon+usenet@raven.unequivocal.eu>, at 00:39:42
    on Mon, 22 Jan 2024, Jon Ribbens <jon+usenet@unequivocal.eu> remarked:
    On 2024-01-21, Anthony R. Gold <not-for-mail@ahjg.co.uk> wrote:
    On Sun, 21 Jan 2024 20:29:19 +0000, Mark Goodge
    <usenet@listmail.good-stuff.co.uk> wrote:
    On Sun, 21 Jan 2024 19:54:43 +0000, Roland Perry <roland@perry.uk> wrote:
    In message <ar2gqihvc7a2nelgjnjrdmgscpujh29sqr@4ax.com>, at 18:49:59 on
    Wed, 17 Jan 2024, Mark Goodge <usenet@listmail.good-stuff.co.uk>
    remarked:

    Let's try this from a different approach.

    The only different approach that will work, is for you to "stop
    digging".

    I think I've dug far enough to reach the point at which it's clear you have
    no answer that will not expose your inability to rebut the points I and
    others have made.

    The place where you are digging is in some lack of logic or fairness in
    treating certain matters as protected personal data whereas the place
    where Roland is digging is in law and regulations concerning what must
    be protected. Because you are digging into different mountains your
    two tunnels can never meet.

    But that isn't true at all. Mark is digging into the regulations and law.
    Roland is digging into his own imagination, by all appearances.

    It isn't my imagination spending years working in this area (the
    interface between the law and geeks who think that because they know how
    to program a BGP router they also know more about the law than anyone
    else) at the very highest levels.

    Supporting "team geek" isn't necessarily a very good look!
    --
    Roland Perry

  • From Roger Hayter@21:1/5 to Roland Perry on Mon Jan 22 11:31:38 2024
    On 22 Jan 2024 at 11:12:13 GMT, "Roland Perry" <roland@perry.uk> wrote:

    In message <slrnuqreae.2nf.jon+usenet@raven.unequivocal.eu>, at 00:39:42
    on Mon, 22 Jan 2024, Jon Ribbens <jon+usenet@unequivocal.eu> remarked:
    On 2024-01-21, Anthony R. Gold <not-for-mail@ahjg.co.uk> wrote:
    On Sun, 21 Jan 2024 20:29:19 +0000, Mark Goodge
    <usenet@listmail.good-stuff.co.uk> wrote:
    On Sun, 21 Jan 2024 19:54:43 +0000, Roland Perry <roland@perry.uk> wrote:
    In message <ar2gqihvc7a2nelgjnjrdmgscpujh29sqr@4ax.com>, at 18:49:59 on
    Wed, 17 Jan 2024, Mark Goodge <usenet@listmail.good-stuff.co.uk>
    remarked:

    Let's try this from a different approach.

    The only different approach that will work, is for you to "stop
    digging".

    I think I've dug far enough to reach the point at which it's clear you have
    no answer that will not expose your inability to rebut the points I and
    others have made.

    The place where you are digging is in some lack of logic or fairness in
    treating certain matters as protected personal data whereas the place
    where Roland is digging is in law and regulations concerning what must
    be protected. Because you are digging into different mountains your
    two tunnels can never meet.

    But that isn't true at all. Mark is digging into the regulations and law.
    Roland is digging into his own imagination, by all appearances.

    It isn't my imagination spending years working in this area (the
    interface between the law and geeks who think that because they know how
    to program a BGP router they also know more about the law than anyone
    else) at the very highest levels.

    Supporting "team geek" isn't necessarily a very good look!

    What you seem to be saying is that if you don't know it is better to treat IP addresses as personal data; Mark is saying that if you do have a reliable means of classifying the IP addresses you hold then you only have to treat the subset belonging to natural persons as personal data. These two positions are *not* contradictory, the only debate is about the reliability of the classification process.

    It is a non-argument, except in the sense that you are doubting his professional competence to design such a reliable classification system, on no particularly good grounds except that it is hard.



    --
    Roger Hayter

  • From Mark Goodge@21:1/5 to jon+usenet@unequivocal.eu on Mon Jan 22 11:01:05 2024
    On Mon, 22 Jan 2024 00:39:42 -0000 (UTC), Jon Ribbens <jon+usenet@unequivocal.eu> wrote:

    On 2024-01-21, Anthony R. Gold <not-for-mail@ahjg.co.uk> wrote:
    On Sun, 21 Jan 2024 20:29:19 +0000, Mark Goodge
    <usenet@listmail.good-stuff.co.uk> wrote:
    On Sun, 21 Jan 2024 19:54:43 +0000, Roland Perry <roland@perry.uk> wrote:
    In message <ar2gqihvc7a2nelgjnjrdmgscpujh29sqr@4ax.com>, at 18:49:59 on
    Wed, 17 Jan 2024, Mark Goodge <usenet@listmail.good-stuff.co.uk>
    remarked:

    Let's try this from a different approach.

    The only different approach that will work, is for you to "stop
    digging".

    I think I've dug far enough to reach the point at which it's clear you have
    no answer that will not expose your inability to rebut the points I and
    others have made.

    The place where you are digging is in some lack of logic or fairness in
    treating certain matters as protected personal data whereas the place
    where Roland is digging is in law and regulations concerning what must
    be protected. Because you are digging into different mountains your
    two tunnels can never meet.

    But that isn't true at all. Mark is digging into the regulations and law.
    Roland is digging into his own imagination, by all appearances.

    I think it's simpler than that. Roland merely appears to be making the
    classic error of treating guidance as law.

    It is true that in the guidance published by the EU (and repeated in the UK
    by the ICO), IP addresses are included in the list of examples of personal data. See, for example:

    https://commission.europa.eu/law/law-topic/data-protection/reform/what-personal-data_en
    or http://tinyurl.com/hanj75zc

    https://ico.org.uk/for-organisations/uk-gdpr-guidance-and-resources/personal-information-what-is-it/what-is-personal-information-a-guide/
    or http://tinyurl.com/yckjte35

    The EU one is, on the face of it, clearer, and explicitly includes IP
    addresses as examples of personal data. It also includes email addresses,
    which is relevant because the next section, examples of non-personal data,
    also includes a different set of email addresses. So the fact that IP
    addresses are included in the first set, but there isn't a counter-example
    of a different group of IP addresses in the second set, might lead some
    people to conclude that all IP addresses are personal data.

    I have a feeling this is Roland's position, especially since he cited that guidance in Message-ID <NaazefEmf4plFA2U@perry.uk> and appeared to give the impression that he believes it to be authoritative.

    However, when you look at the actual UK legislation which incorporates GDPR,
    it becomes obvious that this is not the case. The legislation states
    explicitly that:

    "Personal data" means any information relating to an identified or
    identifiable living individual

    and that

    "Identifiable living individual" means a living individual who can be
    identified, directly or indirectly, in particular by reference to-
    (a) an identifier such as a name, an identification number, location data
    or an online identifier
    [...]

    https://www.legislation.gov.uk/ukpga/2018/12/section/3/enacted

    That's broadly the same as the wording in the original EU directive,
    although that lacks the word "online":

    'personal data' shall mean any information relating to an identified or
    identifiable natural person ('data subject'); an identifiable person is
    one who can be identified, directly or indirectly, in particular by
    reference to an identification number or to one or more factors specific
    to his physical, physiological, mental, economic, cultural or social
    identity;

    https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=celex:31995L0046

    Now, it's certainly true that IP addresses are "online identifiers". But not all of them identify individuals. Some of them identify corporate entities.
    So as a matter of both fact and law, not all IP addresses are personal data.

    The EU and ICO guidance should be read in that context, therefore. When it
    says that IP addresses are examples of personal data, it doesn't mean that
    all IP addresses are personal data. It simply means that any IP address
    which identifies (or could identify) an individual is personal data.

    Now, to be fair to Roland here, there is an argument often made by those who know a bit about technology but little about the law that an IP address
    always only ever identifies a device (or a network location), and therefore
    is never personal data. But that doesn't stack up, because if you can
    identify a person by their device (eg, a computer, or a phone) then you can identify that person by that device's online identifier (eg, an IP address). Arguing that an IP address isn't personal data because it identifies a
    device, not a person, is a bit like arguing that a residential postal
    address isn't personal data because it identifies a plot of land, not a
    person. Roland has, in his posts, correctly rebutted that fallacy. I'm not disagreeing with him there.

    It's also true that, in practice, given an uncategorised list of IP
    addresses with no other context, there's a strong probability that at least some of them relate to identifiable individuals and are therefore personal data. So, without doing a lot of work to split them into personal and non-personal categories, it's safest to treat them all as personal data. But
    not all lists of IP addresses are context-free. My Apache logs definitely contain IP addresses that are personal data, for example. But my Postfix
    logs, with one exception, almost certainly do not. Provided I maintain that distinction, I can, therefore, treat those two sets of IP addresses differently. Even with the Apache logs, I can generally extract the IP addresses that are definitely non-personal, leaving the rest to be treated
    as personal data.

    The guidance issued by the EU, and the ICO, therefore needs to be seen in
    that context. It's not saying that everything in that list is always
    personal data, whether it relates to an individual or not. That would contradict not only the law, but also the rest of the guidance. It's simply saying that anything in that list which relates to an individual is personal data.

    Incidentally, the EU's examples of email addresses that are either personal
    or non-personal data isn't necessarily 100% accurate. It gives two examples, and suggests that the first is personal data and the second isn't:

    name.surname@company.com
    info@company.com

    Firstly, of course, we should point out that that's a really, really bad
    choice of example, because company.com is a real domain name and has MX records, so publishing those addresses on a high profile website is almost certainly generating spam to those addresses as a result of them being
    scraped by harvesters. It should, of course, have used the example.com
    domain (and the fact that it doesn't is a strong indicator that those responsible for writing it didn't have a particularly deep understanding of
    the Internet, which is relevant when considering what they've written about
    IP and email addresses).

    But, even disregarding that, the guidance is potentially ambiguous. It
    assumes, for a start, that we can recognise a firstname and a surname when
    we see one, which is a very Eurocentric approach to personal names. It also assumes that names are never abbreviated in email addresses. And it assumes that a name can never be abbreviated to a dictionary word.

    Back in the 90s, I used to work for a company which had a policy that your email address was [surname][first initial]@[domain]. So I was, for example, goodgem. But looking at it, would you know that related to a person? To me,
    and the people who know me, it's obviously 'goodge m'. But to someone who didn't know me, they might parse it as 'good gem'. In which case, they might well assume that it's some kind of marketing address rather than a person.
    And what if we had hired someone called Stephen Sale? Or Gok Wan's brother, Kwoklyn? (yes, that really is his name, thank you Wikipedia).

    So just because an email address looks like a role address doesn't mean it always is. Equally, just because it looks like a person, doesn't mean it is.
    An email address for fan mail sent to harry.potter@marketingcompany would
    not be personal data, for example.

    The guidance published by the EU and ICO, therefore, is clearly limited in application and doesn't fully reflect the underlying legislation. As
    guidance goes, it's good enough for most practical purposes. But it isn't an exhaustive, and complete, guide to the law. If you want to know in general terms whether something is likely to be personal data, the guidance will
    tell you. But if you want to know the actual legal status of a specific data point, you have to look at both the actual law and the actual data point.

    Mark

  • From Mark Goodge@21:1/5 to Roger Hayter on Mon Jan 22 12:39:25 2024
    On 22 Jan 2024 11:31:38 GMT, Roger Hayter <roger@hayter.org> wrote:

    On 22 Jan 2024 at 11:12:13 GMT, "Roland Perry" <roland@perry.uk> wrote:

    Supporting "team geek" isn't necessarily a very good look!

    What you seem to be saying is that if you don't know it is better to treat IP
    addresses as personal data;

    Which I agree with, and have said so, repeatedly, in my previous comments.

    Mark is saying that if you do have a reliable
    means of classifying the IP addresses you hold then you only have to treat the
    subset belonging to natural persons as personal data. These two positions are
    *not* contradictory, the only debate is about the reliability of the
    classification process.

    Indeed. I'm glad someone is reading what I'm writing!

    It is a non-argument, except in the sense that you are doubting his
    professional competence to design such a reliable classification system, on no
    particularly good grounds except that it is hard.

    It's not that hard, at least at the point of collection (assuming you have other ancillary data associated with the IP address, such as what it's connecting to and what data it transmits to the collecting system). If you
    just have a bare list of IP addresses, with no context, then it is harder,
    and can't be done without some form of external lookup (other than for the reserved addresses, of course).

    It's also worth noting that the vast majority of legal discussions related
    to IP addresses as personal data relate to website access logs. This
    obviously skews the debate, since almost all web logs will include accesses from IP addresses assigned to devices operated by individuals, and hence be potential personal data. Indeed, as far as web logs are concerned, the
    general presumption (backed up by case law) is that they should be treated
    as personal data.

    It's also the case that there are circumstances where a bare IP address,
    with absolutely no context at all, isn't personal data, but the moment you combine it with context it becomes personal data. That was the ruling of the CJEU in a case concerning dynamic IP addresses in website logs in Germany, which is discussed very well in this article:

    https://seeds.law/en/news-insights/dynamic-ip-addresses-can-be-personal-data

    An interesting comment from that article is that

    The Court observed that a dynamic IP address in itself is not personal
    data, as the identity of the person owning the computer from whom the
    website was visited is not immediately apparent from such address.

    However, the Court also had to verify whether a dynamic IP address can be
    regarded as personal data if it relates to identifiable persons and the
    additional information required to identify that person is held by a third
    party.

    There's another good discussion on it here:

    https://www.twobirds.com/en/insights/2016/global/cjeu-decision-on-dynamic-ip-addresses-touches-fundamental-dp-law-questions
    or http://tinyurl.com/2dcy968c

    Which contains this statement:

    The court ruled that dynamic IP addresses may constitute 'personal data'
    even where only a third party (in this case an internet service provider)
    has the additional data necessary to identify the individual *but* only
    under certain circumstances: [...]

    (Emphasis in the original)

    There's a summary document from the court itself here:

    https://curia.europa.eu/jcms/upload/docs/application/pdf/2016-10/cp160112en.pdf

    Which starts out with the statement that

    The dynamic internet protocol address of a visitor constitutes personal
    data, with respect to the operator of the website, if that operator has
    the legal means allowing it to identify the visitor concerned with
    additional information about him which is held by the internet access
    provider

    The clear implication of that statement is that dynamic IP addresses are not personal data if the second part of that condition is not fulfilled[1]. That is, they are not personal data if there is no ability to link them to other data. So if we go back to my hypothetical list of bare IP addresses, then
    any of them which are dynamic IP addresses are *not* personal data, because they lack any context (eg, a timestamp, or the data they are accessing)
    which would enable a link to be made to an identifiable individual.

    [1] I'm aware that this statement risks engaging the fallacy that "If A, then B" necessarily implies "If not A, then not B". Which is false, because
    B could also be a consequence of C, or D, or whatever. However, in the
    context of the court's ruling, and the legal commentary surrounding it, it
    does seem clear enough to me that the court genuinely believed that the
    absence of contextual data from a dynamic IP address does mean it isn't personal data.

    Mark
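
Added example, not part of any post in this thread: a sketch of the triage described in the post above, pulling client addresses from Apache-style access log lines, separating those in reserved ranges (classifiable with no external lookup) and those on an operator-supplied list, and leaving everything else, including anything unparseable, in a treat-as-personal default bucket. The log lines, the range list and the `known_non_personal` parameter are constructed assumptions; how an operator treats each bucket remains their own decision.

```python
import ipaddress

# Special-purpose ranges recognisable with no external lookup.
# Constructed for this example; not an exhaustive registry.
RESERVED_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",  # RFC 1918 private
    "127.0.0.0/8", "::1/128",                         # loopback
    "169.254.0.0/16", "fe80::/10",                    # link-local
    "192.0.2.0/24", "198.51.100.0/24",                # documentation
    "203.0.113.0/24", "2001:db8::/32",                # documentation
    "fc00::/7",                                       # IPv6 unique local
)]

RESERVED = "reserved"
KNOWN = "known-non-personal"
DEFAULT = "personal-by-default"

# Constructed sample log lines (Apache common log format).
SAMPLE_LOG = """\
192.168.1.20 - - [22/Jan/2024:11:01:05 +0000] "GET / HTTP/1.1" 200 512
172.67.187.188 - - [22/Jan/2024:11:01:09 +0000] "GET /a HTTP/1.1" 200 100
::ffff:10.0.0.5 - - [22/Jan/2024:11:02:00 +0000] "GET /b HTTP/1.1" 200 100
8.8.8.8 - - [22/Jan/2024:11:02:30 +0000] "GET /c HTTP/1.1" 200 100
host.example.net - - [22/Jan/2024:11:03:00 +0000] "GET /d HTTP/1.1" 200 100
"""


def _in_any(ip, nets):
    """True if ip falls inside any network of the same IP version."""
    return any(net.version == ip.version and ip in net for net in nets)


def classify(raw, known_non_personal=()):
    """Place one client field into a bucket, failing safe to DEFAULT."""
    try:
        ip = ipaddress.ip_address(raw.strip())
    except ValueError:
        # A hostname (HostnameLookups on) or garbage: no basis to exclude it.
        return DEFAULT
    # Unwrap IPv4-mapped IPv6 (::ffff:a.b.c.d) so it matches IPv4 ranges.
    mapped = getattr(ip, "ipv4_mapped", None)
    if mapped is not None:
        ip = mapped
    if _in_any(ip, RESERVED_NETS):
        return RESERVED
    # Operator-supplied networks already classified from context (assumption).
    known = [ipaddress.ip_network(n) for n in known_non_personal]
    if _in_any(ip, known):
        return KNOWN
    # Anything else needs an external lookup or context before exclusion.
    return DEFAULT


def triage_log(text, known_non_personal=()):
    """Bucket the client field (first token) of each log line."""
    buckets = {RESERVED: set(), KNOWN: set(), DEFAULT: set()}
    for line in text.splitlines():
        fields = line.split()
        if not fields:
            continue
        client = fields[0]
        buckets[classify(client, known_non_personal)].add(client)
    return {name: sorted(members) for name, members in buckets.items()}


if __name__ == "__main__":
    # "8.8.8.8/32" stands in for an operator-maintained entry (placeholder).
    for bucket, clients in triage_log(SAMPLE_LOG, ["8.8.8.8/32"]).items():
        print(bucket, clients)
```

Note that 172.67.187.188 lands in the default bucket: 172.16.0.0/12 only covers 172.16.x.x to 172.31.x.x, so a prefix match on "172." would misclassify it.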

  • From Roger Hayter@21:1/5 to usenet@listmail.good-stuff.co.uk on Mon Jan 22 14:06:42 2024
    On 22 Jan 2024 at 11:01:05 GMT, "Mark Goodge" <usenet@listmail.good-stuff.co.uk> wrote:

    On Mon, 22 Jan 2024 00:39:42 -0000 (UTC), Jon Ribbens <jon+usenet@unequivocal.eu> wrote:

    On 2024-01-21, Anthony R. Gold <not-for-mail@ahjg.co.uk> wrote:
    On Sun, 21 Jan 2024 20:29:19 +0000, Mark Goodge
    <usenet@listmail.good-stuff.co.uk> wrote:
    On Sun, 21 Jan 2024 19:54:43 +0000, Roland Perry <roland@perry.uk> wrote:
    In message <ar2gqihvc7a2nelgjnjrdmgscpujh29sqr@4ax.com>, at 18:49:59 on
    Wed, 17 Jan 2024, Mark Goodge <usenet@listmail.good-stuff.co.uk>
    remarked:

    Let's try this from a different approach.

    The only different approach that will work, is for you to "stop
    digging".

    I think I've dug far enough to reach the point at which it's clear you have
    no answer that will not expose your inability to rebut the points I and
    others have made.

    The place where you are digging is in some lack of logic or fairness in
    treating certain matters as protected personal data whereas the place
    where Roland is digging is in law and regulations concerning what must
    be protected. Because you are digging into different mountains your
    two tunnels can never meet.

    But that isn't true at all. Mark is digging into the regulations and law.
    Roland is digging into his own imagination, by all appearances.

    I think it's simpler than that. Roland merely appears to be making the classic error of treating guidance as law.

    It is true that in the guidance published by the EU (and repeated in the UK by the ICO), IP addresses are included in the list of examples of personal data. See, for example:

    https://commission.europa.eu/law/law-topic/data-protection/reform/what-personal-data_en
    or http://tinyurl.com/hanj75zc

    https://ico.org.uk/for-organisations/uk-gdpr-guidance-and-resources/personal-information-what-is-it/what-is-personal-information-a-guide/
    or http://tinyurl.com/yckjte35

    The EU one is, on the face of it, clearer, and explicitly includes IP addresses as examples of personal data. It also includes email addresses, which is relevant because the next section, examples of non-personal data, also includes a different set of email addresses. So the fact that IP
    addresses are included in the first set, but there isn't a counter-example
    of a different group of IP addresses in the second set, might lead some people to conclude that all IP addresses are personal data.

    I have a feeling this is Roland's position, especially since he cited that guidance in Message-ID <NaazefEmf4plFA2U@perry.uk> and appeared to give the impression that he believes it to be authoritative.

    However, when you look at the actual UK legislation which incorporates GDPR, it becomes obvious that this is not the case. The legislation states explicitly that:

    "Personal data" means any information relating to an identified or
    identifiable living individual

    and that

    "Identifiable living individual" means a living individual who can be
    identified, directly or indirectly, in particular by reference to-
    (a) an identifier such as a name, an identification number, location data
    or an online identifier
    [...]

    https://www.legislation.gov.uk/ukpga/2018/12/section/3/enacted

    That's broadly the same as the wording in the original EU directive,
    although that lacks the word "online":

    'personal data' shall mean any information relating to an identified or
    identifiable natural person ('data subject'); an identifiable person is
    one who can be identified, directly or indirectly, in particular by
    reference to an identification number or to one or more factors specific
    to his physical, physiological, mental, economic, cultural or social
    identity;

    https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=celex:31995L0046

    Now, it's certainly true that IP addresses are "online identifiers". But not all of them identify individuals. Some of them identify corporate entities. So as a matter of both fact and law, not all IP addresses are personal data.

    The EU and ICO guidance should be read in that context, therefore. When it says that IP addresses are examples of personal data, it doesn't mean that all IP addresses are personal data. It simply means that any IP address
    which identifies (or could identify) an individual is personal data.

    Now, to be fair to Roland here, there is an argument often made by those who know a bit about technology but little about the law that an IP address always only ever identifies a device (or a network location), and therefore is never personal data. But that doesn't stack up, because if you can identify a person by their device (eg, a computer, or a phone) then you can identify that person by that device's online identifier (eg, an IP address). Arguing that an IP address isn't personal data because it identifies a device, not a person, is a bit like arguing that a residential postal
    address isn't personal data because it identifies a plot of land, not a person. Roland has, in his posts, correctly rebutted that fallacy. I'm not disagreeing with him there.

    It's also true that, in practice, given an uncategorised list of IP
    addresses with no other context, there's a strong probability that at least some of them relate to identifiable individuals and are therefore personal data. So, without doing a lot of work to split them into personal and non-personal categories, it's safest to treat them all as personal data. But not all lists of IP addresses are context-free. My Apache logs definitely contain IP addresses that are personal data, for example. But my Postfix logs, with one exception, almost certainly do not. Provided I maintain that distinction, I can, therefore, treat those two sets of IP addresses differently. Even with the Apache logs, I can generally extract the IP addresses that are definitely non-personal, leaving the rest to be treated
    as personal data.

    The guidance issued by the EU, and the ICO, therefore needs to be seen in that context. It's not saying that everything in that list is always
    personal data, whether it relates to an individual or not. That would contradict not only the law, but also the rest of the guidance. It's simply saying that anything in that list which relates to an individual is personal data.

    Incidentally, the EU's examples of email addresses that are either personal or non-personal data aren't necessarily 100% accurate. It gives two examples, and suggests that the first is personal data and the second isn't:

    name.surname@company.com
    info@company.com

    Firstly, of course, we should point out that that's a really, really bad choice of example, because company.com is a real domain name and has MX records, so publishing those addresses on a high profile website is almost certainly generating spam to those addresses as a result of them being scraped by harvesters. It should, of course, have used the example.com
    domain (and the fact that it doesn't is a strong indicator that those responsible for writing it didn't have a particularly deep understanding of the Internet, which is relevant when considering what they've written about IP and email addresses).

    But, even disregarding that, the guidance is potentially ambiguous. It assumes, for a start, that we can recognise a firstname and a surname when
    we see one, which is a very Eurocentric approach to personal names. It also assumes that names are never abbreviated in email addresses. And it assumes that a name can never be abbreviated to a dictionary word.

    Back in the 90s, I used to work for a company which had a policy that your email address was [surname][first initial]@[domain]. So I was, for example, goodgem. But looking at it, would you know that related to a person? To me, and the people who know me, it's obviously 'goodge m'. But to someone who didn't know me, they might parse it as 'good gem'. In which case, they might well assume that it's some kind of marketing address rather than a person. And what if we had hired someone called Stephen Sale? Or Gok Wan's brother, Kwoklyn? (yes, that really is his name, thank you Wikipedia).

    So just because an email address looks like a role address doesn't mean it always is. Equally, just because it looks like a person, doesn't mean it is. An email address for fan mail sent to harry.potter@marketingcompany would
    not be personal data, for example.

    The guidance published by the EU and ICO, therefore, is clearly limited in application and doesn't fully reflect the underlying legislation. As
    guidance goes, it's good enough for most practical purposes. But it isn't an exhaustive, and complete, guide to the law. If you want to know in general terms whether something is likely to be personal data, the guidance will
    tell you. But if you want to know the actual legal status of a specific data point, you have to look at both the actual law and the actual data point.

    Mark

    I use a role name as a personal email address, which makes sense because I am the only person performing that role for the relevant domain. Perhaps GDPR is the reason why some ecommerce sites refuse to let me use that email address as a user name.

    --
    Roger Hayter

  • From Owen Rees@21:1/5 to Roland Perry on Mon Jan 22 23:00:54 2024
    On Sun, 21 Jan 2024 19:52:04 +0000, Roland Perry <roland@perry.uk> wrote
    in <8dIP$7nkXXrlFAQH@perry.uk>:

    Oh look, another Internet geek who wrongly thinks they also understand
    the law, in denial of what took years of work to get Data Protection
    professionals to put in writing.

    Yet you are unable to give a specific reference.

    I have just been looking at Regulation (EU) 2016/679 (General Data
    Protection Regulation). It mentions IP addresses but does not match your assertion.

  • From Jon Ribbens@21:1/5 to Owen Rees on Mon Jan 22 23:30:45 2024
    On 2024-01-22, Owen Rees <orees@hotmail.com> wrote:
    On Sun, 21 Jan 2024 19:52:04 +0000, Roland Perry <roland@perry.uk> wrote
    in <8dIP$7nkXXrlFAQH@perry.uk>:

    Oh look, another Internet geek who wrongly thinks they also understand
    the law, in denial of what took years of work to get Data Protection
    professionals to put in writing.

    Yet you are unable to give a specific reference.

    I have just been looking at Regulation (EU) 2016/679 (General Data
    Protection Regulation). It mentions IP addresses but does not match your assertion.

    It does seem a bit weird that Roland apparently put in all this work
    to get something put into writing and yet isn't prepared to put in an
    utterly trivial piece of work to simply point to where that writing is.
