Can an IP address be legally traced?

Is the IP address relevant for data protection?

The most important information about the treatment of the IP address in data protection in brief

  • The European Court of Justice (ECJ) has decided that both static as well as dynamic IP addresses in terms of data protection are considered personal data. That means they specially protected Need to become.
  • Website operators are allowed to use the IP address of a user only save if this is for the use of their offer necessary is or its Functionality guaranteed.
  • The Storage of the IP address of a page visitor is still possible if a "Legitimate interest" on the part of the website operator.
  • In the course of the planned Data retention - which were temporary in 2017 exposed was - Internet providers are obliged to do so Assignment of an IP address to a customer store for ten weeks.

ECJ ruling: An IP address is personal

IP addresses are considered House numbers of the Internet: they contain all the necessary informationto make a contact between a computer and a server to enable. The European Court of Justice (ECJ) ruled that an IP address should be used privacy is considered a personal data element. From this assessment arise special Dealing with duties with IP addresses.

But why are IP addresses personal data? Who is allowed to save an IP address? This counselor explains how the IP address is to be treated in terms of data protection and which legal regulations to grab.

What's my IP address?

Sometimes it is helpful to know your own IP address. If you have your Find out the IP address you can find this out via the Windows command prompt. Alternatively, there are providers on the Internet who will show you your current IP address. You can find one e.g. B. on this page: https://meine-aktuelle-ip.vergleich.org/

Handling of personal data: the IP address in focus

Because an IP address lead back to a person can, the ECJ ruled that a classification as personal information necessary is. This has far-reaching consequences. Because this special dates may only be collected, stored and used in accordance with the Federal Data Protection Act if this is actually the case necessary is.

This requirement represents Website operator However, faced a dilemma: Many tools and settings save the IP addresses the website visitor automatically from. According to the law, this is only permitted if:

the transmission is necessary to safeguard an important public interest or to assert, exercise or defend legal claims in court. (§ 4c BDSG)

Usually refer to the latter Website operatorin order to collect the IP address justify.

According to § 4 BDSG every site visitor has to know about the collection of his personal data informed become. A data protection declaration is necessary for this.

Who can save an IP address?

But the ECJ ruling does not meanthat nobody is allowed to save an IP address anymore. Allowed is this still when Security or functionality interests the data protection of the site visitors outweigh.

When in doubt, however, the Individual case being checked.

Data retention: Internet providers need to save the IP address

Data retention is a exampleat which the Security interest was rated higher than data protection. The IP address, which assigned to a person as well as the time and duration of Internet use must be determined by the Internet providers according to legal guidelines Saved for ten weeks become.

These information supposed to be the pursuit of Offenders serve. The data retention should be for 01.07.2017 come into effect.

However, there was data retention temporarily suspended. It is to be expected that they will only in 2018 is reactivated.

Dilemma about server log files: Does the storage of the IP address conflict with data protection?

Given the Legal position is the permissibility of the so-called server log files, which not only include the IP address of a visitor, but also the browser used and the operating system used, along with the exact time of access to save, very questionable.

Website operator argue with the need in case of cyberattacks or illegal use of the site comprehend to have to see who did the deed. Until one relevant court decision about the log files, you should access the Collection of the data in the privacy policy of your website.

(75 Ratings, average: 4,39 of 5)
Is the IP address relevant for data protection?
4.39575Loading ...

You might also be interested in: