Comment by ecnahc515

7 years ago

It's exactly as you state. This is the problem. The IP address needs to be stripped before storing or sending to anyone else, or it's still something you need to consider as personal data. This matters for GDPR. So in effect, this service still has to adhere to GDPR, because it is in fact receiving IP addresses, regardless of them getting stored or not.

1 comment

ecnahc515

Reply
iDemonix  7 years ago

GDPR bores the hole off of me so I haven't done much reading, but I do remember a court dismissing a piracy case recently because 'IP addresses alone are not enough to identify an individual' - how would this play in to this scenario?