I think the issue here is not with security but with privacy. for many people the ip address is PII (personally identifiable information). My hope ip is static and only used by me. so any records showing my ip address are equivalent to showing my home address. If we're going to protect people's PII we should be protecting IP addresses too.
I think the issue here is not with security but with privacy. for many people the ip address is PII (personally identifiable information). My hope ip is static and only used by me. so any records showing my ip address are equivalent to showing my home address. If we're going to protect people's PII we should be protecting IP addresses too.
But that was the idea. The intent was to find out who accessed a dropbox account. That information wasn't available directly, but apparently the IP addresses were available. If someone has a legitimate reason to want to find the person, then there is no reason not to hand over IP addresses.
that's fine perhaps, my point is that ip addresses need to be treated with the same sensitivity as names and mailing addresses. To balance privacy against disclosure, there are rules for when names and addresses are withheld and when they are released. These rules should also apply to IP addresses.
"I have just one word for you, my boy...plastics."
- from "The Graduate"
Technically correct?? (Score:1)
That's the best kind of correct!
Re: (Score:2)
I think the issue here is not with security but with privacy. for many people the ip address is PII (personally identifiable information). My hope ip is static and only used by me. so any records showing my ip address are equivalent to showing my home address. If we're going to protect people's PII we should be protecting IP addresses too.
Re:Technically correct?? (Score:2)
I think the issue here is not with security but with privacy. for many people the ip address is PII (personally identifiable information). My hope ip is static and only used by me. so any records showing my ip address are equivalent to showing my home address. If we're going to protect people's PII we should be protecting IP addresses too.
But that was the idea. The intent was to find out who accessed a dropbox account. That information wasn't available directly, but apparently the IP addresses were available. If someone has a legitimate reason to want to find the person, then there is no reason not to hand over IP addresses.
Re: (Score:2)
that's fine perhaps, my point is that ip addresses need to be treated with the same sensitivity as names and mailing addresses. To balance privacy against disclosure, there are rules for when names and addresses are withheld and when they are released. These rules should also apply to IP addresses.