Do you have any source to back that up? Last I heard a random person or company won't have a way to find out the real identity given just an IP in general.
Per multiple opinions I got from people whose job was to advise me on the matter, a 2016 ECJ ruling[0] suggests that it doesn't matter if a provider can find a person from their IP address or any other detail, but that there exists a scenario where it is possible.
I am not sure how the CCPA treats IP address, but unless you're at Google or Facebook, it doesn't matter. Few can afford to build separately for the EU and the rest of the world, and hence err on adapting the strictest interpretation.
But the threat actor in this case is a state, which does have that ability. (And data brokers of varying degrees of shadiness can and do provide this info to anyone for a price.)
srockets|1 year ago
I am not sure how the CCPA treats IP address, but unless you're at Google or Facebook, it doesn't matter. Few can afford to build separately for the EU and the rest of the world, and hence err on adapting the strictest interpretation.
--
[0] https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CEL...
paledot|1 year ago