Identifying individuals using nothing more than their IP address has become a key part of anti-piracy and criminal investigations. But just how reliable is such IP address evidence?
British courts have recently begun to cast doubt over its validity. The use of IP addresses to tie individuals to illegal downloads was a tactic employed by ACS Law, which sent letters demanding up to £500 compensation on behalf of copyright holders whose intellectual property was said to have been stolen.
At a hearing where 27 of these cases came to court, Judge Birss QC suggested that ACS Law had “materially overstated the untested merits” of using IP addresses in this way, and questioned if the process of simply identifying an IP address could establish a copyright infringement by anyone related to it. “Even if it is proof of infringement by somebody,” Judge Birss said, “the fact that someone may have infringed does not mean the particular named defendant has done so.”
What is an IP Address?
Everything that is connected to the internet will have an internet protocol (IP) address, a numerical label that acts much like any address, in that it enables the correct delivery of something – in this case, data. It is what allows you to connect to the right web page when typing a URL into your browser (the numerical IP address is translated to and from the alphabetical URL by the Domain Name System, or DNS for short) and for email to reach you when someone hits send.
The public IP address you are allocated by your ISP may be permanent (static) or temporary (dynamic), the latter being picked from a pool of available addresses owned by the ISP for the duration of your session. Businesses tend to have a static IP so that they can easily set up servers and remote connections; home users are more likely to have a dynamic IP. Every bit of connected kit behind your router will have a private IP address, but it’s the public one that the router uses when making that internet connection that leaves an online footprint.
The ACS Law case would suggest that IP tracing is something of a double-edged sword: obtaining the required legal order to force an ISP to identify a customer from an IP address isn’t difficult, but proving beyond reasonable doubt that it was the same customer breaking the law certainly is.
Tracking Accuracy of an IP Address
Identifying end users via IP addresses is based on the assumption that every address can be accurately traced back to an individual. That’s not necessarily the case, however.
“In general, the accuracy of IP address tracing varies depending on the type of user behind the IP address,” Tom Colvin, chief technology officer with security vendor Conseal. “Whilst big businesses can be traceable right back to their datacenters, standard family broadband connections are often hard to locate, even to county-level accuracy.
“The reason is that there are a number of sources of IP address information, the accuracy of which deteriorates with the number of hops from the backbone. There are some huge IP-to-location databases (for example Quova or MaxMind) which provide great results for backbones and carriers, but not for end users – one of the reasons being that ISPs can assign IP addresses randomly.”
In that case, how useful is IP tracking in police investigations? David Wright is a detective constable with Devonshire and Cornwall police, which uses Quova’s IP geolocation database to support its criminal investigations. “This is a valuable tool in almost all e-crime investigations,” he said. “Despite the use of shared internet access or open wireless networks, law enforcement continues to have great success in resolving an IP address back to a suspect. Other traditional policing methods can often be brought into play which further assists in identifying a suspect user, should the need arise.”
Unlike anti-piracy cases, however, IP tracking is only ever used as supporting, rather than primary, evidence in a criminal prosecution. “It is useful to track the movement and behaviour and match that to more traditional evidence,” said Stuart Scott, solutions engineer at Quova. “The other important information available in IP geolocation is the ISP used by the suspect. The ISP will be able to provide an exact address where the IP address has been used; the primary evidence would be the actual computer used by the suspect.”
ISPs are legally obliged to reveal who’s behind an IP address. “Account holder information relating to whom was assigned an internet protocol address is protected within the Regulation of Investigatory Powers Act,” said DC David Wright.
The information held is considered to be communications data and is therefore able to be requested using this legislation, and a court order wouldn’t normally be necessary. “An application that fulfils the requirements of RIPA and is lawfully processed will in almost all cases result in account holder information being supplied,” DC Wright confirmed.
Ways to Change Your IP Address
Hiding Behind Proxies
Locating end users becomes decidedly trickier – if not impossible – when they’re hiding behind one or more proxy servers, which are designed to re-route traffic and obscure the source as well as the destination.
“Connections through a series of anonymous proxies are transient and change rapidly,” said Rolf von Roessing, international vice president of the Information Systems Audit and Control Association (ISACA). “They are not logged, and any user can operate a TOR server or relay and take it off the network at any time.”
As von Roessing points out, while ISPs might be legally required to disclose connectivity data and IP logs if these are available, most tend to delete those logs after a few days anyway. By the time you’ve traced an IP through a series of anonymous proxies back to the originating ISP, the data could have already been deleted.
So, not only is IP address evidence potentially unreliable, but if the perpetrators are smart enough, there’s little or no hope of tracing them in the first place.
Using a VPN
Similar to a proxy, a virtual private network, VPN, also reroutes internet traffic on a device or network, depending on how it’s set up through another network that often has more firewalls and anti-virus/anti-malware software in place. Because of all of the hacks and leaking of information that has taken place in recent years, VPNs are quite popular these days, and not just for companies.
There are many VPNs to choose from, but you’ll want one that doesn’t log activity, otherwise, there’s no point. Like any other internet service, a VPN provider can also be hacked. So, having a VPN that doesn’t log activity will help prevent unnecessary exposure of private information.
IP Addresses and What to Keep in Mind
Even if the process requires a little know-how and effort, you can be tracked with an IP address. If you don’t like the thought of others tracking you online, then you’ll want to utilize a proxy or VPN.
Feel free to share your thoughts on being tracked with IP addresses and using anonymization software in the comments below.
Related Posts
How to Find a MAC Address from an IP Address
How to Change your IP Address on Any Device [It’s Not Hard]
The Best Chrome Extensions for Changing Your IP Address
How to Create a Temporary Email Address
How to Create Multiple YouTube Channels Under One Email Address
How to Filter by IP Address in Wireshark
How to Find an Address from a Phone Number
How to Change a Genshin Impact Email Address and Password
How To Create an iCloud Email Address
Disclaimer: Some pages on this site may include an affiliate link. This does not effect our editorial in any way.
