Here is a question about the use of IP Addresses used by Companies, Websites, Social Media and others admittedly, to avoid the GDPR and blocking access to EU Citizens. Is this a GDPR violation of using Personal Data (IP Addresses) without the EU Citizens Consent?

GDPR Personal Data

The term ‘personal data’ is the entryway to application of the Data Protection Basic Regulation and is defined in Art. 4 para. 1 no. 1. Personal data are all information which is related to an identified or identifiable natural person.

Also, written answers from a test-taker and any remarks from the test about these answers are “personal data” if the test-taker can be theoretically identified. The same also applies to IP addresses. If the processor has the legal option to oblige the provider to publish additional information which can identify the user who is behind the IP address, this is also personal data. In addition, one must note that personal data need not be objective.

Recital 30 Online identifiers for profiling and identification*

1 Natural persons may be associated with online identifiers provided by their devices, applications, tools and protocols, such as internet protocol addresses, cookie identifiers or other identifiers such as radio frequency identification tags. 2 This may leave traces which, in particular when combined with unique identifiers and other information received by the servers, may be used to create profiles of the natural persons and identify them.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s