Trends

Dynamic IP addresses qualify as personal data according to the EU Advocate General

Dynamic IP addresses qualify as personal data according to the EU Advocate General

Dynamic IP addresses qualify as personal data according to the EU Advocate General

17.05.2016 EU law

Personal data is defined, both in the currently applicable Directive 95/46/EC and in the new Regulation 2016/679 as information relating to an identified or an identifiable natural person.

In a pending case before the EU Court of Justice (C-582/14 Patrick Breyer v. Germany), the EU Advocate General (AG) asserts that dynamic IP addresses can qualify as personal data to the extent that, read in conjunction with further data held by an internet access provider, such IP addresses can identify the user.

Moreover, the AG confirms that the processing of such data by a website operator so as to avoid hacking and to ensure the proper operability of the website might amount to a legitimate purpose. To assess whether the processing can be legally justified, this purpose must be balanced against the rights of the data subject. It will of course now be up to the ECJ to decide on this delicate matter.
 

Team

Related news

24.09.2021 EU law
Digital Law Up(to)date: (1) the download of a software with a permanent licence can constitute a “sale of goods”; (2) alert of the BEUC regarding the privacy policy of WhatsApp and its new term of use

Articles - In this blog, we briefly present two interesting news in the field of digital law: (1) a judgment of the CJEU considering that the download of a software with a permanent licence can constitute a “sale of goods”, and (2) an alert of the BEUC regarding the privacy policy of WhatsApp and its new terms of use.

Read more