21 January, 2021 by Moeller IP Argentina, Data Protection, Data Protection Law, IP Internet Protocol 0 comments
IP – Internet Protocol – Is Not Personal Data – an Argentinean Court Rules
The Federal Court of the Argentine province of Córdoba, on December 29, 2020, in the file FCB 88747/2018/1 / CA1, issued a judgment, from which it confirmed the decision of the 1st Instance Judge who declared that the IP address is not personal data.
The official defense of the accused filed an appeal in order to revoke the judicial decision of the federal judge of 1 ° instance that rejected the proposal for nullity against the measure carried out by the Prosecutor, from which she requested reports to different agencies -among them the Federal Administration of Public Revenues and companies that provide internet services-, which involved the use of the defendant’s IP address, from which information was extracted, regarding changes of addresses, issuance of invoices-making state date of issue, name of the purchaser, type of invoice, voucher number, point of sale and IP address- and economic activities that involved it, as well as its full name and address.
The reports, as recorded in the case and was the basis for the appeal, were requested without a prior court order.
The Official Defender relied on art. 18 of the Argentine Constitution -which protects private correspondence- and the laws No. 25,326 of Protection of Personal Data and No. 25,520 of National Intelligence, to found that the IP is personal data and that its violation is comparable to the interception of telephone communications.
The prosecutor, for her part, requested the rejection of the nullity claim filed by the defense, broadening her position that: 1) the information requested is exempt from fiscal secrecy; 2) that the Public Prosecutor’s Office, based on said exception, has the faculties to request it directly from the AFIP – Argentinean Taxes Bureau-, as long as the prosecutor herself directs the investigation; 3) and that the IP address is simply an interface that allows, among other issues, to establish who is the internet service provider company, not being able to expressly know the user’s activities.
The judge of first instance rejected the proposal of nullity of the accused’s defense, arguing that in no way is equivalent to the act of telephone interception, the request for ownership of the IP to internet service providers, basing its criteria on judicial precedents and legal interpretations, especially of the personal data protection law, art. 5, part 2, sections b and c, outlining that certain data even have less protection than others.
Finally, the Court confirmed the rejection of the nullity claim based on the following arguments: 1) that the appealed resolution was issued in accordance with the law and properly founded; 2) That the judge a quo made a correct interpretation of why the request for ownership of the IP is not comparable to telephone interception; 3) That the prosecutor did not exceed the functions that the procedural law grants her when requesting information on the ownership of the IP; 4) That the Court takes the arguments provided by the Prosecutor’s Office by accepting that the IP address does not allow access to personal data or correspondence of its owner, so it is not comparable to telephone interception; 5) That the personal data protection law on does not apply to the case and that the rights that it protects are not absolute when there are exceptions to the general principle of the obligation to obtain the consent of the owner (art. 5 °, 2nd part, subsections b and c); 5) That the data collected is nominative and does not affect the privacy of the owner; 6) That, finally, judicial authorization is not required to carry out the evidentiary diligence carried out by the Prosecutor’s Office since the privacy of the holder is not being violated.