Google outlined its position on the issue in February of last year in response to the ongoing debate on online data protection and how search engines comply with various global privacy regimes.
The search giant said the issue is not as "black-and-white" as suggesting every IP address can be considered personal or associated with a specific person.
In Australia this week, Symantec government relations director, Illias Chantzos echoed his concerns at the potential for "oversimplification" of the challenges of matching an IP address with a specific person.
"The IP address is not a very good identifier," Chantzos said.
"They regularly change, can be spoofed or hopped and things get more complicated when people use proxies."
Advocates for treating IP addresses as personally identifiable information generally rely on the argument that most people use the same computer and static IP address regularly.
But Chantzos said that linking an IP address to an individual in this way isn't always possible.
If, for example, a user shares the computer with other family members, it may only be possible to identify a group of people rather than the specific individual using the computer at a particular point in time.
Or if a user attempts to track down the identity of a person attacking their network using only an IP address, "the best I can work out is it's a [particular ISP's] address", said Chantzos.
"I can't identify personally who's attacking me," he said.
He continued: "I think the question of whether IP addresses can be considered personal or not is contextual.
"If through using forensics I know the same IP address also did a Google search and was logged into a webmail service with the username X, I can work out whether the IP address matches.
"There has to be some correlation across different points to form some sort of linkage between an IP address and a person. We need to move beyond the mere possibility or probability of a third party somehow being identifiable."
Chantzos also said there are also practical issues to the debate.
"I look at personal information as data that I have the ability to disclose or keep to myself, but if I refuse to disclose my IP address then I'm not online," Chantzos said, as a reason why an IP address should not be considered personal data.
Issue: 316 | July 2013
Access CRN's extensive online resources including; email bulletins, community discussions and unique online news.
Processing registration... Please wait.
This process can take up to a minute to complete.
A confirmation email has been sent to your email address - SUPPLIED GOES EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can log on to the CRN website or start posting comments on articles.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain '@crn.com.au' to your white-listed senders.
