pen register

pen registers and the 4th amendment

pen registers require an application to obtain the set of ip addresses that visit a website and other data from a 3rd party server etc., and are generally considered obtaining the data of the 3rd party and not information that belongs to the entity who is the reason for the pen register. a basic rule is that if the government were to physically do what the pen register represents doing, would it be a violation of the 4th amendment.

example 1: it is not unlawful to go to a grocery store and ask the grocery store for a copy of their security camera so that every face of each person entering the front door can be viewed.

example 2: gps data from cell tower data triangulated is tantamount to following physically right behind a car in which is riding a passenger using a cell phone. this would violate the 4th amendment.


ip address tracking GDPR & HIPAA legal issues

ip addresses are a nuanced issue when it comes to tracking. it is lawful in many situations for an online entity to track the ip address of visitors to their website. there are issues though when it comes to GDPR & HIPPA with respect to whether the entity type is a type that has the legal and technical capacity to ascertain more information from the ip address than the normal legal limit of just the city and state of the origin of the ip address.