Can You Really Be Traced From an IP Address?

Barence writes "Identifying individuals using nothing more than their IP address has become a key part of anti-piracy and criminal investigations. But a PC Pro investigation casts serious doubt on the validity of IP-based evidence. 'In general, the accuracy of IP address tracing varies depending on the type of user behind the IP address,' Tom Colvin, chief technology officer with security vendor Conseal told PC Pro. 'Whilst big businesses can be traceable right back to their datacenters, standard family broadband connections are often hard to locate, even to county-level accuracy.'"

Re:Sure. Don't be paranoid!

[rolfwind]

Apparently they can't meter you too well.

http://www.digitaltrends.com/computing/att-vows-to-improve-inaccurate-broadband-metering/ [digitaltrends.com]

As to the tracking, I'm sure it can be done, however, unlike DNA, spoofing is completely trivial, so I would never be comfortable having it as the only evidence in some type of trial.

Quote in summary is misleading

[Coopjust]

RTFA and you see that, as many of us already know, you can get a court order to get the exact identity of the account holder, so the problem as described by the summary quote is not the real issue. Rather, just because you know the account holder does not mean that you can prove that the account holder, or whoever you have on the stand, is the one that infringed.

Despite rear-end covering clauses in the terms of most home ISPs that state that the account holder is liable for everything that goes across their connection, most courts won't accept that. I wouldn't be willing to test it, but it's a very valid point of defense. The number of people with open Wi-Fi is staggering, and even then there are attacks which work on WEP (a ton) and WPA (GPU accelerated attacks can get passphrases in under a minute on many routers), which is the maximum security many home routers in use are capable of. That makes this point even more valid.

Re:Depends if someone...

[danhuby]

I had no idea what you meant until I saw this: http://www.youtube.com/watch?v=hkDD03yeLnU [youtube.com]

Made me cringe!

No they can not

[Charliemopps]

Having worked for several large ISPs in their "Copyright infringement" department (ironic I know) I can tell you that no, tracing an IP address back to its original user is not likely and shouldn't be admissible in court.

The way the system works is this:
The ISP gets an email claiming copyright infringement on a certain date and time by a paticular IP.
It's important to note, the ISP has no way of verifying any of the following:
          The email came from the person it's claiming to come from
          That person is the copyright holder
          There is even a copyright on the file in question
          The person sending the email did anything to confirm what they were downloading was a copyrighted file (is batman.zip the new or fan fiction?)
          The ISP can not even confirm that anything at all was downloaded.
The ISP then takes the IP address provided and the time claimed and compares this to their DHCP server and looks for lease statements before and after the time the file was claimed to be downloaded. So if the complaint was at 10pm and we had that IP time stamps at 9:30pm and 11:00pm for Jim, then Jim gets a letter.

As you can imagine there are all kinds of holes in this. There are a zillion and one ways that could be inaccurate inside the ISP alone. This doesn't even include all the failures on the part of the copyright holders. We had one that was so inaccurate they were sending us multiple complaints on a daily basis against IPs we hadn't had leased out to anyone for days surrounding the times of their complaints. We made repeated inquiries with the "Company" to try and clarify their problem. But in the end just blacklisted their email accounts. We had other incidents in which the complaint was that the user downloaded a dozen or so movies... but a quick check of their usage logs showed they were using less than a couple hundred meg a month.

It was clear that the copyright holders were using automated scripting software to flood us with complaints with no real checks and balance on their part and then expected the ISP to do the heavy lifting when it came to investigation.

Re:No they can not

[Charliemopps]

They are not "helping" the copyright holder, no information is returned to the copyright holder. In every case that I'm aware of they did not even acknowledge receipt of the emails.

OCILLA (part of the DMCA) gives ISPs safe harbor against litigation for copyright infringement if they take "some action" to prevent the copyright violations. What that "action" is, isn't really defined by the act. In most cases, ISPs send a letter to the customer informing them of the complaint, request that they desist and threaten to disconnect them if they do not. I think disconnections are ebcoming increasingly rare. Most companies do not want to lose customers over this. The entire process is a waste of resources and money to them... and they certainly don't want to be disconnecting paying customers when they really have very little proof that the customer had done anything that would put the ISP in legal jeopardy. Add to that the fact that no lawsuit has been filed against an ISP much less won... and you have a situation in which ISPs are doing the very bare minimum to comply with the law. I've seen this at 2 major ISPs and have a friend working at a 3rd that confirms the same things happen there. Yes, if you're using some antiquated service like limewire, are hosting 50 of the most popular movies in release atm, have a 20mb connection and are uploading gigs and gigs of data a night... Your ISP is probobly going to get a FLOOD of complaints about you and will likely have to do something. But that's your own dumb fault.