Australian Tribunal Says User's IP Address And URLs Visited Are Not Personal Information
from the too-remote dept
In the AAT decision deputy president Stephanie Forgie took a narrow approach to defining personal information. She said that information such as IP and URL data were too remote to be considered personal information.That ignores just how much information even a single URL reveals about the visitor to the site and page in question. Moreover, putting all those URLs together can create an extremely detailed picture of the person concerned -- from things like their general character and beliefs to current concerns. It's an extension of the incorrect argument trotted out by governments that gathering and storing metadata isn't as intrusive as retaining content, when exactly the opposite is true. Since metadata is pre-sorted into handy conceptual categories, analysing and aggregating the information is extremely easy, even on a huge scale -- just ask the NSA and GCHQ.
"That data is no longer about Mr Grubb or the fact that he made a call or sent a message or about the number or address to which he sent it. It is not about the content of the call or the message. The data is all about the way in which Telstra delivers the call or the message. That is not about Mr Grubb," she wrote.
However, the Australian privacy commissioner is not taking things lying down:
The privacy commissioner, Timothy Pilgrim, has launched a federal court challenge to a ruling that a journalist was not entitled to access parts of his personal mobile phone data.
As the Guardian rightly notes, the outcome of the case is likely to have important ramifications for future requests involving personal information under the country's privacy laws.
The landmark challenge is believed to be the first time the Office of the Australian Information Commissioner has sought to appeal a case before the federal court.