Skip to navigation
Analysis
Number data

Can you really be traced from your IP address?

Posted on 28 Mar 2011 at 10:40

Davey Winder investigates if rights holder and the police can reliably trace suspects via their IP addresses

Identifying individuals using nothing more than their IP address has become a key part of anti-piracy and criminal investigations. But just how reliable is such IP address evidence?

British courts have recently begun to cast doubt over its validity. The use of IP addresses to tie individuals to illegal downloads was a tactic employed by ACS Law, which sent letters demanding up to £500 compensation on behalf of copyright holders whose intellectual property was said to have been stolen.

At a hearing where 27 of these cases came to court, Judge Birss QC suggested that ACS Law had "materially overstated the untested merits" of using IP addresses in this way, and questioned if the process of simply identifying an IP address could establish a copyright infringement by anyone related to it. "Even if it is proof of infringement by somebody," Judge Birss said, "the fact that someone may have infringed does not mean the particular named defendant has done so."

What is an IP address?

Everything that is connected to the internet will have an internet protocol (IP) address, a numerical label that acts much like any address, in that it enables the correct delivery of something – in this case, data. It is what allows you to connect to the right web page when typing a URL into your browser (the numerical IP address is translated to and from the alphabetical URL by the Domain Name System, or DNS for short) and for email to reach you when someone hits send.

The public IP address you are allocated by your ISP may be permanent (static) or temporary (dynamic), the latter being picked from a pool of available addresses owned by the ISP for the duration of your session. Businesses tend to have a static IP so that they can easily set up servers and remote connections; home users are more likely to have a dynamic IP. Every bit of connected kit behind your router will have a private IP address, but it's the public one that the router uses when making that internet connection that leaves an online footprint.

The ACS Law case would suggest that IP tracing is something of a double-edged sword: obtaining the required legal order to force an ISP to identify a customer from an IP address isn’t difficult, but proving beyond reasonable doubt that it was the same customer breaking the law certainly is.

Tracking accuracy

Identifying end users via IP addresses is based on the assumption that every address can be accurately traced back to an individual. That’s not necessarily the case, however.

"In general, the accuracy of IP address tracing varies depending on the type of user behind the IP address,” Tom Colvin, chief technology officer with security vendor Conseal. “Whilst big businesses can be traceable right back to their datacenters, standard family broadband connections are often hard to locate, even to county-level accuracy.

“The reason is that there are a number of sources of IP address information, the accuracy of which deteriorates with the number of hops from the backbone. There are some huge IP-to-location databases (for example Quova or MaxMind) which provide great results for backbones and carriers, but not for end users – one of the reasons being that ISPs can assign IP addresses randomly."

1 2
Subscribe to PC Pro magazine. We'll give you 3 issues for £1 plus a free gift - click here
User comments

Also...

Surely to identify an individual you will need their local IP, since most users have a modem and a router, the ISP assigned the IP of the modem, which can or cannot be traced as per article, but within the network, i.e. router - it is virtually impossible to put the blame on any one person since IP to outside world is one for all. also unless setting are changed on the router you local IP may vary every time you connect to it.

By mobilegnet on 28 Mar 2011

IPv6

The bug question. Is it fool-proof that when IPv6 is fully implemented and everyone has a static IP addresses that a user can be traced?

I guess the problem is then proving that the user actually did it. This is where security comes in and who's responsibility it is to make sure your Wi-FI router isn't open or hacked...

By treadmill on 28 Mar 2011

All of this is completely pointless, as IP-identifying techniques doesn't prove without a shadow of a doubt that a particular person was sat downloading on that particular connection. For example, how can it tell that it is me or someone else who lives at my house? Clue: it can't.

By Cecil_EPU on 28 Mar 2011

the idea of static IPv6 addresses need rethought

This is one thing that I'm not to keen on about IPv6.

At least with IPv4, NAT and a Dynamic IP you had a certain degree of privacy through obfuscation. With IPv6 and every device having a static IP this reeks of a Orwellian Big Brother future.

By broccauley on 28 Mar 2011

IP cant even link to a dsl account holder

IAside from all the other flaws in using IP addresses to trace P2P users. Your article misses out some of the most common flaws.

The fact that an IP can hang around as a potential source on most networks long after the user has loged out and even that is no guarentee the file was ever available on that address. Add to that the fact that certain trackers now throw up fake user IPs intentionally to create false positives as a security countermeasure.

But I wa shocked to find after reading a cambridge uni technical report (www.cl.cam.ac.uk/techreports/UCAM-CL-TR-653.pdf ) that an IP address of a ADSL user can only reliably trace back to the DSLAM in the exchange and not to the subscriber. Read section 3.2.2 of report listed above

By DonDilly on 28 Mar 2011

Regarding static IPv6

The issue of IPv6 addresses being somewhat static or at least relating to the user's MAC address has already been considered greatly and solved. There are well known and supported IPv6 privacy extensions that randomise the host portion of the address and at do this at intervals. This should give you even more privacy than previously on IPv4.

By Eising on 28 Mar 2011

Would an IP address ever be enough?

If I was to share a file via P2P which one of these monitoring services identfied and then logged my IP address unless they actually download the file have I committed an offence? Downloading 5% of a movie file is pretty useless as you've not actually got any data that could be viewed as the movie.

By stuscott1978 on 28 Mar 2011

actual

in reality yes..if they wanted to find you returning the squared differences would im afraid be sufficient....
what have you done wrong that would require this ...i wonder ?!

By promark on 29 Mar 2011

and what does this mean for mobile broadband?

how can one be traced if using a dongle?

I can't see any way for tracing the user if using this method. they are virtually giving dongles away for free - without documenting who has what. One could argue ip-mac association, but this info is only valuable when one registers their dongle.

I eagerly await your comments.

By pentest7 on 23 Apr 2011

and what does this mean for mobile broadband?

how can one be traced if using a dongle?

I can't see any way for tracing the user if using this method. they are virtually giving dongles away for free - without documenting who has what. One could argue ip-mac association, but this info is only valuable when one registers their dongle.

I eagerly await your comments.

By pentest7 on 23 Apr 2011

Arrest the owner of that stolen car

for his car has committed many a crime today.

By bet1001 on 26 Aug 2013

Leave a comment

You need to Login or Register to comment.

(optional)

For more details about purchasing this feature and/or images for editorial usage, please contact Jasmine Samra on pictures@dennis.co.uk

advertisement

Most Commented Features
Latest News StoriesSubscribe to our RSS Feeds
Latest Blog Posts Subscribe to our RSS Feeds

advertisement

Sponsored Links
 
SEARCH
Loading
WEB ID
SIGN UP

Your email:

Your password:

remember me

advertisement


Hitwise Top 10 Website 2010
 
 

PCPro-Computing in the Real World Printed from www.pcpro.co.uk

Register to receive our regular email newsletter at http://www.pcpro.co.uk/registration.

The newsletter contains links to our latest PC news, product reviews, features and how-to guides, plus special offers and competitions.