RIPE is now claiming the IP addresses they are collecting on their blacklist are not "personal information." I thought business contacts are considered "personal information" under the EU privacy directives? IP addresses allocated to businesses are in various whois databases. Reverse lookups identify domains which also lead to businesses. It seems to me that the blacklisting done by RIPE falls into this category when it is used to specifically blacklist a business. How is is that the contacts in the RIPE database are "personal information" yet the IP addresses associated with those contacts are not? Aren't they associated by doing a whois lookup that anyone can do? RIPE won't explain or acknowledge my request to have the matter reviewed by the Dutch Data Protection office. All I got was the vague response shown below. Thank You
On 1/16/2012 10:22 AM, RIPE Database Manager wrote: Dear Russ,
Please note that we do not collect any personal informations.
The access block to the RIPE Database is based only on the IP address.
I hope to have informed you sufficiently.