Can you really be traced from your IP address?

28 Mar 2011
Number data

Davey Winder investigates if rights holder and the police can reliably trace suspects via their IP addresses

Identifying individuals using nothing more than their IP address has become a key part of anti-piracy and criminal investigations. But just how reliable is such IP address evidence?

British courts have recently begun to cast doubt over its validity. The use of IP addresses to tie individuals to illegal downloads was a tactic employed by ACS Law, which sent letters demanding up to £500 compensation on behalf of copyright holders whose intellectual property was said to have been stolen.

At a hearing where 27 of these cases came to court, Judge Birss QC suggested that ACS Law had "materially overstated the untested merits" of using IP addresses in this way, and questioned if the process of simply identifying an IP address could establish a copyright infringement by anyone related to it. "Even if it is proof of infringement by somebody," Judge Birss said, "the fact that someone may have infringed does not mean the particular named defendant has done so."

What is an IP address?

Everything that is connected to the internet will have an internet protocol (IP) address, a numerical label that acts much like any address, in that it enables the correct delivery of something – in this case, data. It is what allows you to connect to the right web page when typing a URL into your browser (the numerical IP address is translated to and from the alphabetical URL by the Domain Name System, or DNS for short) and for email to reach you when someone hits send.

The public IP address you are allocated by your ISP may be permanent (static) or temporary (dynamic), the latter being picked from a pool of available addresses owned by the ISP for the duration of your session. Businesses tend to have a static IP so that they can easily set up servers and remote connections; home users are more likely to have a dynamic IP. Every bit of connected kit behind your router will have a private IP address, but it's the public one that the router uses when making that internet connection that leaves an online footprint.

The ACS Law case would suggest that IP tracing is something of a double-edged sword: obtaining the required legal order to force an ISP to identify a customer from an IP address isn’t difficult, but proving beyond reasonable doubt that it was the same customer breaking the law certainly is.

Tracking accuracy

Identifying end users via IP addresses is based on the assumption that every address can be accurately traced back to an individual. That’s not necessarily the case, however.

"In general, the accuracy of IP address tracing varies depending on the type of user behind the IP address,” Tom Colvin, chief technology officer with security vendor Conseal. “Whilst big businesses can be traceable right back to their datacenters, standard family broadband connections are often hard to locate, even to county-level accuracy.

“The reason is that there are a number of sources of IP address information, the accuracy of which deteriorates with the number of hops from the backbone. There are some huge IP-to-location databases (for example Quova or MaxMind) which provide great results for backbones and carriers, but not for end users – one of the reasons being that ISPs can assign IP addresses randomly."

Read more

Analysis