dcsimg
www.webdeveloper.com
Results 1 to 8 of 8

Thread: Is it legal to store IP addresses into a database?

  1. #1
    Join Date
    Jan 2013
    Posts
    84

    Exclamation Is it legal to store IP addresses into a database?

    I thought to a site where visitors can vote elements without need to register.. For avoid that an user could vote more than once, i thought to keep trace of his vote according to his ip address.
    Yes i know that ip addresses are dynamic and an user can disconnect and reconnect for vote a secon time, but it's not a problem for me.

    The principal question is: is it legal to store ip addresses into the database?

  2. #2
    Join Date
    Nov 2011
    Location
    Dallas, TX
    Posts
    369
    This site does it

    It's what you do with the information that could get you into trouble. Using the IP address information to verify voting info wouldn't get you into trouble.
    "Life is unpredictable, eat dessert first."

  3. #3
    Join Date
    Mar 2007
    Location
    localhost
    Posts
    2,501
    Not illegal...

    IP addresses can change as you rightly say, mine changes each time I log in to the internet via my dongle.

    Therefore using IP addresses to determine if someone has voted or not will be very unreliable and in your case you would be best off needing a users IP address + email address and also the users browser information.

    That would mean that the user would have to have multiple email accounts, web browsers and IP addresses.

    This would also allow users who share an internet account to vote.

    Although unreliable you could use cookies on the local users machine to assist keeping in mind that they can be expired and in the EU these days the legal requirement is to display an opt in notice is required.
    Yes, I know I'm about as subtle as being hit by a bus..(\\.\ Aug08)
    Yep... I say it like I see it, even if it is like a baseball bat in the nutz... (\\.\ Aug08)
    I want to leave this world the same way I came into it, Screaming, Incontinent & No memory!
    I laughed that hard I burst my colostomy bag... (\\.\ May03)
    Life for some is like a car accident... Mine is like a motorway pile up...

    Problems with Vista? :: Getting Cryptic wid it. :: The 'C' word! :: Whois?

  4. #4
    Join Date
    Mar 2007
    Location
    localhost
    Posts
    2,501
    Data Protection Act only comes in to play if you store personal information or information that could identify an individuals personal data in a public domain. So if you had the users name and email address and IP address, that wouldn't be counted, however if you had the users name, address, medical information then you would need to employ privacy protocols by encrypting and also registering as a data processor with your local agency that deals with such things, like here in the UK it would be the ICO.
    Yes, I know I'm about as subtle as being hit by a bus..(\\.\ Aug08)
    Yep... I say it like I see it, even if it is like a baseball bat in the nutz... (\\.\ Aug08)
    I want to leave this world the same way I came into it, Screaming, Incontinent & No memory!
    I laughed that hard I burst my colostomy bag... (\\.\ May03)
    Life for some is like a car accident... Mine is like a motorway pile up...

    Problems with Vista? :: Getting Cryptic wid it. :: The 'C' word! :: Whois?

  5. #5
    Join Date
    Mar 2007
    Location
    localhost
    Posts
    2,501
    If you wanted to use a voting system that would guarantee your visitor is unique then you would need to implement the use of JAVA (NOT Javascript) to get the users connection information from the users machine.

    You could then have a voting console that gathers the users connection information and vote that then posts to your PHP script / database.

    That is the only way I can think that you could effectively gather MAC ID's for a connection to then bar subsequent votes from that users machine.

    This has an added problem that most computers are shared between users.
    Yes, I know I'm about as subtle as being hit by a bus..(\\.\ Aug08)
    Yep... I say it like I see it, even if it is like a baseball bat in the nutz... (\\.\ Aug08)
    I want to leave this world the same way I came into it, Screaming, Incontinent & No memory!
    I laughed that hard I burst my colostomy bag... (\\.\ May03)
    Life for some is like a car accident... Mine is like a motorway pile up...

    Problems with Vista? :: Getting Cryptic wid it. :: The 'C' word! :: Whois?

  6. #6
    Join Date
    Jan 2013
    Posts
    84
    Quote Originally Posted by \\.\ View Post
    Not illegal...

    IP addresses can change as you rightly say, mine changes each time I log in to the internet via my dongle.

    Therefore using IP addresses to determine if someone has voted or not will be very unreliable and in your case you would be best off needing a users IP address + email address and also the users browser information.

    That would mean that the user would have to have multiple email accounts, web browsers and IP addresses.

    This would also allow users who share an internet account to vote.

    Although unreliable you could use cookies on the local users machine to assist keeping in mind that they can be expired and in the EU these days the legal requirement is to display an opt in notice is required.
    request the email informatio coul be a sort of registration form, and i want to avoid it
    So i could use IP control + local cookie
    I don't see how getting browser and OS information can identify an user

  7. #7
    Join Date
    Mar 2007
    Location
    localhost
    Posts
    2,501
    You need to read up on what constituted identifiable and personal data.

    An email is not "Personal Data", if it were then websites and forums that ask for it wouldn't be in existence.

    You can discriminate by browser, theirs 30 or more types of web browser in general use, these are on various devices like computers, mobile phones, PDA's and Tablets.

    You could have two people at one IP address, one is a Linux build using Opera and another is a Windows Build using FireFox.

    Each user at that IP address would be different and that would allow you by asking for an email address the ability to ensure that you are identifying two different browsers or connections.
    Yes, I know I'm about as subtle as being hit by a bus..(\\.\ Aug08)
    Yep... I say it like I see it, even if it is like a baseball bat in the nutz... (\\.\ Aug08)
    I want to leave this world the same way I came into it, Screaming, Incontinent & No memory!
    I laughed that hard I burst my colostomy bag... (\\.\ May03)
    Life for some is like a car accident... Mine is like a motorway pile up...

    Problems with Vista? :: Getting Cryptic wid it. :: The 'C' word! :: Whois?

  8. #8
    Join Date
    Jan 2013
    Posts
    84
    Quote Originally Posted by \\.\ View Post
    You could have two people at one IP address, one is a Linux build using Opera and another is a Windows Build using FireFox.
    This can be solved with combo check of IP + cookie, or maybe only with cookie

    The problem of using mail is not the question about personal data, is that i want to make the service most accessible as possibile, without steps such registration or any sort of identification.. I know that there are so many workaround using the check of IP or cookie based, but it's not matter for what i want to do

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
HTML5 Development Center



Recent Articles