According to lawyers representing the singer Maryla Rodowicz, on the forum of one of the Polish portal websites appeared entries with the content which allegedly violated her personal rights (interests). The lawyers requested the owner to reveal IP addresses of users who posted these entries. The administrator of the portal website deleted the disputed entries but did not reveal any of the IP addresses. Lawyers filed a request to the Inspector General for Personal Data Protection (GIODO), who ordered the portal to disclose IPs on the grounds that these numbers are personal data. The owner of the portal again refused. The case went to the Voivodeship Administrative Court (VAC) in Warsaw, which in a judgment of 3 February 2010, case file II SA/Wa 1598/09 upheld the decision of the GIODO. The company who owns the portal may file a cassation to the Supreme Administrative Court (SAC). The VAC judgment provides the interpretation that IP address is a personal data, in accordance with the statutory definition included in article 6 of the Polish Act of 29 August 1997 on the Protection of Personal Data – PPD – (in Polish: Ustawa o ochronie danych osobowych), Journal of Laws (Dziennik Ustaw) of October 29, 1997, No. 133, item 883, unified text published in Journal of Laws (Dziennik Ustaw) of July 6, 2002, No. 101, item 926, with later amendments.

Article 6
1. Within the meaning of the Act personal data shall mean any information relating to an identified or identifiable natural person.
2. An identifiable person is the one who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to his/her physical, physiological, mental, economic, cultural or social identity.
3. A piece of information shall not be regarded as identifying where the identification requires an unreasonable amount of time, cost and manpower.

This judgment is not yet final. A cassation complaint may be filed to the Supreme Administrative Court.

The U.S. courts and judges have quite different views on this issue. Read for example Johnson v. Microsoft Corp., 2009 WL 1794400 (W.D. Wash. June 23, 2009).

See also my posts entitled “Polish regulations on personal data protection” and “Polish case law on personal data protection“.

Categories: Art. 6 PPD | Inspector General for Personal Data Protection | Polish Act on Protection of Personal Data | Polish courts | Polish law | Voivodeship Administrative Court | computer law | defamation | digital economy | personal data | personal rights.