On Sun, Dec 07, 2008 at 02:22:54PM +0100, Stefan de Konink wrote: > Jochen Topf wrote: >> On Sun, Dec 07, 2008 at 01:36:05AM +0100, Stefan de Konink wrote: >>> Tom Hughes wrote: >>>> If what you're asking is why we don't just give anybody who asks >>>> root access to the web server then I hope that would answer itself. >>> Read-rights on my logs are available to anyone :) >> >> I hope you have properly anonymized them beforehand! Even anonymized, >> the logs of a tile server are problematic in a privacy sense. You can >> probably identify some individuals from the session data. > > In The Netherlands 'personal data' is extremely well defined. And I can > tell you, an IP address is definitely *not* one of them.
A German court ordered a German federal ministry this year to stop logging IP addresses because they contain personal information. But it doesn't matter how you or "The Netherlands" define "personal data", some IP addresses can be traced back to a person. And even if you anonymize the IP address you'll still get data that can be traced back to a person. If you know all the places somebody has looked at, chances are that you can figure out in some cases who that person is. If you don't believe this, I encourage you to read up about the AOL search log disaster two years ago. For instance at: http://www.wired.com/politics/security/news/2006/08/71579 > Never the less, I expect from any users that do aggregation task they > care about aggregation results not about raw data :) Well, we were not talking about "users that do aggregation", but "anybody". You said you give anybody access to log files. If you give anybody access, thats more than just "users that do aggregation". Jochen -- Jochen Topf [EMAIL PROTECTED] http://www.remote.org/jochen/ +49-721-388298 _______________________________________________ dev mailing list dev@openstreetmap.org http://lists.openstreetmap.org/listinfo/dev
