[OSM-dev] IP as personal information (Was: Re: Any tile statistics (unique visitors))
Stefan de Konink
stefan at konink.de
Sun Dec 7 14:35:46 GMT 2008
Jochen Topf wrote:
> It doesn't matter whether you can identify everyone or only a few
> people. If you can identify one, you have breached his privacy. And
> thats bad enough.
So clearly for Dutch law it does; if there only a few people directly
addressable and you will not a priori know who they are, it is a "good
luck with that" situation. We are still talking about *one* file, not
correlated sources.
Because yes, if I had access to my serverlogs, and the server logs of my
providers DHCP pool, and to their CRM-system then I could say exactly
tell you the customer name, and still would only know that someone could
be potentially be at that location, or used a connection routed trough
this location.
We are only talking about IP addresses as an uncorrelated individual
measurement. If we actually took the API logs; with usernames; and we
make statistics out of that, which is already been done(!) we are
actually violating privacy. Now I don't hear anyone complaining about
letting everyone know that they have edited at a certain time.
>>>> Never the less, I expect from any users that do aggregation task they
>>>> care about aggregation results not about raw data :)
>>> Well, we were not talking about "users that do aggregation", but
>>> "anybody". You said you give anybody access to log files. If you give
>>> anybody access, thats more than just "users that do aggregation".
>> Anybody that can login to my server yes, TomH was noting root rights
>> where required for this. Anyone that is able to login to my server has
>> read rights on those files.
>
> Then I hope you restrict the number of people who can log in to your
> server.
Like everyone else does :)
Stefan
More information about the dev
mailing list