Unfortunately, it appears that a federal judge in Seattle, Wash., still agrees with that cartoon. This is obvious from the fact that he dismissed a case addressing this very issue before it was ever argued in court.
It seems he ruled that a user’s IP address is not “personally identifiable” information.
"In order for 'personally identifiable information' to be personally identifiable, it must identify a person. But an IP address identifies a computer," U.S. District Court Judge Richard Jones said in a written decision.
Apparently, he does not believe a person is in front of the computer, or that the computer is housed at a physical location.
The court case, Johnson, et al. v Microsoft, was originally filed in 2006 after users claimed Microsoft Corp. (Nasdaq: MSFT) violated terms in its End User License Agreement (EULA) by collecting the user’s IP address as part of its anti-piracy software distribution.
The argument by the plaintiffs was that Microsoft states that it will only capture and collect information that does not personally identify the user after the user has validated he or she possesses a genuine Windows product during installation. Microsoft filed a motion in 2008 to have the case dismissed due to conflicting plaintiff information.
This decision contradicts several other decisions related to IP addresses in the United States and Europe. Additionally, many technologists argue that an IP address can be traced and, in conjunction with other information, identify a user’s physical location.
This was highlighted in a 2006 New York Times article that described how search queries released by AOL linked directly to Thelma Arnold, a 62-year-old woman from Georgia.
These points are above and beyond the fact that the latest case was decided by a judge in Seattle, and Microsoft is headquartered in Redmond, Wash. When dealing with Microsoft, I have a hard time believing this fact did not influence the decision.
The over-arching issue here is that once again, the user is getting the short end of the judgment. EULAs are already built by lawyers to protect the company and not the user, even though they are called “agreements.”
An example of this is that when you purchase Windows Vista or any other Microsoft product, you have to agree to the EULA. During the installation, if you read the EULA and do not agree with it, the installation ceases and the computer shuts down. And since you broke the seal to the software, Microsoft will not allow you to return it. So, in essence, you have no choice but to “agree.”
In today’s society, where “identity theft” is at critical levels, it is not just the user’s responsibility to protect his or her information. It is also imperative that our judicial system not pre-judge cases that can influence how businesses treat “personally identifiable information” today and in the future.
