GDPR/sender-ip (was: make received-header on submission optional or at least drop the ip in it)

John Fawcett john at voipsupport.it
Wed Jan 5 16:39:12 UTC 2022 

On 05/01/2022 14:41, dc-ml at dvl.werbittewas.de wrote:
>
> Am 04.01.22 um 08:39 schrieb Aki Tuomi:
>
>> We'll take a look at your patch. Can you please point out to some legal information about the Received header's GDPR incompliance, I would be interested to see it.
> thanks for doing so.
>
>
> the GDPR says about personal data:
> - that only really needed data has to be stored
> - that this data has to be used only for that declared needs
> - that any other usage has to be prevented, especially by third-parties
>
> the EuGH has judged in 2016 (Patrick Breyer vs. Germany, C-582/14), that
> an IP-addresses can be personal data, because the person may be
> identified via this IP, so they have to be handled as such.
>
> http://curia.europa.eu/juris/documents.jsf?num=C-582/14
>
> therefore the possibility, that others may for example see when a person
> was at a place (connected to an IP) has to be prevented at least in europe.
>
> if such information is published for people with high email-activity,
> then it would be possible for everyone, who has access to this email
> (which might be really everyone on earth for example in archived
> mailing-lists) to track these people over the whole time.
>
>
> for security-reasons we're logging any submission-request together with
> the origin-IP in our logs for at least seven days. so any mis-use of our
> service may be prosecuted even without storing this information in every
> email. In germany some courts judged, that if the police asks us for the
> IP, we've to store the log-entry at least as long, as a court needs to
> judge, that we have to give it to the police.
> (I think this is a reasonable balance between protection of personal
> data and legitimate public interest)
>
> if there are further questions to this topic I'll try to reply, but you
> should know, that my english isn't that good, especially to explain
> juridicial things...
>
>
> regards
>
>
> d.

Hi

the safest non technical approach is to request that your users consent 
to the processing of the data. The dynamic ip address is however 
personal data in a very limited sense ( i.e. where the service provider 
can link the dynamic ip address to other information that then 
identifies the individual). Where people are sending email to public 
mailing lists, there is no presumption of privacy.

John

More information about the dovecot mailing list