An IP Address Does Not Point To a Person, Judge Rules

AffidavitDonda writes with this excerpt from Torrentfreak: "A possible landmark ruling in one of the mass-BitTorrent lawsuits in the US may spell the end of the 'pay-up-or-else-schemes' that have targeted over 100,000 Internet users in the last year. District Court Judge Harold Baker has denied a copyright holder the right to subpoena the ISPs of alleged copyright infringers, because an IP-address does not equal a person. Among other things, Judge Baker cited a recent child porn case where the US authorities raided the wrong people, because the real offenders were piggybacking on their Wi-Fi connections. Using this example, the judge claims that several of the defendants in VPR's case may have nothing to do with the alleged offense either. ... Baker concludes by saying that his Court is not supporting a 'fishing expedition' for subscribers' details if there is no evidence that it has jurisdiction over the defendants."

Wow.

[Moryath]

Pity this'll never survive through the appellate courts, since the MafiAA bought off all the appellate judges long ago.

Re:Wow.

[bluefoxlucid]

Aww man, now they'll find ANOTHER way to exploit the courts.

Re:Wow.

[spun]

Pity this'll never survive through the appellate courts, since the MafiAA bought off all the appellate judges long ago.

All 687 of them?

Re:Wow.

Pity this'll never survive through the appellate courts, since the MafiAA bought off all the appellate judges long ago.

All 687 of them?

They only need a handful, don't they?

Re:Wow.

Well, the payoff is contingent on recouping the lost sales in excess of the GDPs of all of the world's countries combined.

Re:Wow.

Pity this'll never survive through the appellate courts, since the MafiAA bought off all the appellate judges long ago.

All 687 of them?

You haven't been paying attention now have you? For every positive result in trying to stop the madness it gets appealed and stopped elsewhere.
It seems that every time there is a glimpse of hope that the random sweeps and Granny trolling to catch the "Evil Pirates" will stop, the MafiAA take it back to court to keep it tied up in red tape and appeals. While this happens they keep doing it. Nothing changes and no amount of common sense can stop it while they continue to throw money at the people in power that can stop this.

Re:Wow.

[spun]

If they only have a handful, they need the right handful, and a way of guaranteeing they appear before the right handful.

Re:Wow.

According to the article you linked: "There are currently 875 authorized Article III judgeships: nine on the Supreme Court, 179 on the courts of appeals, 9 on the court of international trade and 678 for the district courts."

So they only have to buy off 179 judges...much less expensive.

Re:Wow.

[tepples]

Or maybe just all the appellate judges in those circuits where the publishers of proprietary entertainment works choose to file these lawsuits.

Re:Wow.

[IP_Troll]

Pity this'll never survive through the appellate courts, since the MafiAA bought off all the appellate judges long ago.

That is pretty cynical, federal judges are appointed for life and get a pension after retirement. Could the MafiAA offer a bribe that is worth more than guaranteed income for life, plus a high likelihood of a professorship at a lawschool, or partnership at a big law firm, after retirement? Pretty unlikely.

Re:Wow.

[SETIGuy]

The appeals court will decide that we all get a static IP which will be tatooed to each person's forehead. Then an IP address will uniquely identify a person. Unfortunately it will be an IPv6 address so you won't be able to do anything with it.

Re:Wow.

[SETIGuy]

It's not like there are penalties for bribery anymore. It's free speech, dontcha know. Give his wife a job. Add a private jet flight to the conservative strategy session in Maui. Use of a private condo there. Add in a few meals and hookers, and you're done.

Re:Wow.

[Mordok-DestroyerOfWo]

In fact, forget about the jets, condos, and meals!

Re:Wow.

[dgatwood]

And the number of the beast shall be IPv666?

Re:Wow.

[wiedzmin]

lol. Someone mod this one "Funny"!

Re:Wow.

[sortius_nod]

I see you are not aware of lobbying....

Re:Wow.

[bill_mcgonigle]

And the number of the beast shall be IPv666?

That's ::029a to you.

Re:Wow.

[Anthony+Mouse]

It isn't the judges you bribe. It's the politicians who appoint them in the first place.

Re:Wow.

[TangoMargarine]

Subcutaneously-planted RFID MAC address chips? (xkcd)

Re:Wow.

[MoeDumb]

Never underestimate the capacity for human greed.

Re:Wow.

[spun]

What does that even mean, I am not aware of lobbying? Were we talking about changing the laws, or enforcing them? What does lobbying have to do with appeals courts?

Re:Wow.

[thej1nx]

Courts only interpret and enforce laws. Use lobbying to change the laws and control their interpretation, and you circumvent the courts/judges entirely. No need to even buy the Judges. If a law is passed that holds the owners of an IP address is indeed responsible for activities carried using it, it is game over.

1 Hurdle Down, A Few More to Go

[Huntr]

Obviously, this won't be settled until it reaches the Supreme Court, but it's a vital 1st step. Go Freedom!

Re:1 Hurdle Down, A Few More to Go

[rwven]

Yup. IMHO, bar none one of the most important court decisions in a good while now.

Re:1 Hurdle Down, A Few More to Go

[lawnboy5-O]

Amen brotha.

Re:1 Hurdle Down, A Few More to Go

[Lunix+Nutcase]

Obviously, this won't be settled until it reaches the Supreme Court

Or the more likely scenario is the circuit court will strike down this judge and the case will be refused hearing by the Supreme Court.

Re:1 Hurdle Down, A Few More to Go

Yeah, now lets go copyright infringe to our hearts content on bittorrent! Best decision evar!!!

Re:1 Hurdle Down, A Few More to Go

[YesDinosaursDidExist]

Its true - its a great ruling and a vital first step. But basing the ruling on someone piggybacking off of another persons router doesn't solve the main issue. What could be argued is that in fact (and we know its not true) an IP address does point to a person..but happened (because of open WIFI) to point to the WRONG person. What needs to be brought up is IP address leasing...and that a particular IP could belong to countless people over a pretty short period of time...only then will we put this issue to rest.

Re:1 Hurdle Down, A Few More to Go

[CrimsonAvenger]

Obviously, this won't be settled until it reaches the Supreme Court

Or the more likely scenario is the circuit court will strike down this judge and the case will be refused hearing by the Supreme Court.

It's quite rare for the Supremes to hear a case until contradictory rulings have been issued on the same subject by two separate Appellate Courts.

If this case is upheld in its own District, then you've pretty much got your contradictory Appellate Court rulings in place, which means that either the Supremes hear it and rule one way or the other, or the people in that particular Appellate Court District have got that ruling to fall back on forever....

Re:1 Hurdle Down, A Few More to Go

Get off my lawn!

Re:1 Hurdle Down, A Few More to Go

freedom to do what? Pirate movies.
How fucking pathetic.

Re:1 Hurdle Down, A Few More to Go

But I have to poop, and your lawn looks like a perfect place to do so.

Re:1 Hurdle Down, A Few More to Go

[Travelsonic]

You mean pathetic like your point-missing comment? IRO-NIC

Re:1 Hurdle Down, A Few More to Go

This isn't about "freedom", it's about justice.

Re:1 Hurdle Down, A Few More to Go

[gnasher719]

Its true - its a great ruling and a vital first step. But basing the ruling on someone piggybacking off of another persons router doesn't solve the main issue. What could be argued is that in fact (and we know its not true) an IP address does point to a person..but happened (because of open WIFI) to point to the WRONG person. What needs to be brought up is IP address leasing...and that a particular IP could belong to countless people over a pretty short period of time...only then will we put this issue to rest.

You are confusing two things here. The one thing is was this judge said: Just because someone's router's IP address was involved, that doesn't mean immediately that the person had anything to do with it, so the judge cannot allow what amounts to a fishing expedition against hundreds of people, of whom many will have nothing to do with the case. What you suggest is thinking about methods to avoid IP addresses ever pointing to the right person, so that copyright infringement can happen without fear of being caught. The correct thing would be static IP addresses, closed-down routers etc. so that an IP address never points to the wrong person and innocent people are never suspected. Why would you want to protect the guilty?

Actually, if one of the people in this case had intentionally set up their router to produce deniability, then I think collecting evidence against them should be allowed.

Re:1 Hurdle Down, A Few More to Go

[Coren22]

But aren't the Supremes busy? I thought that they stopped singing and went into retirement years ago...

Re:1 Hurdle Down, A Few More to Go

[swalve]

You are getting it backwards. The ruling correctly states that an IP address doesn't necessarily point to one person. But it doesn't say that an IP address isn't valid evidence. If a chain of evidence can be provided that shows that x.y.z.n belonged to the cable modem in John Doe's house for the time period in question, then we know that anything coming from that IP address came through John Doe's house. THEN there is evidence that John Doe can be investigated. ESPECIALLY if the suspect content came from multiple IP addresses that all belonged to John Doe's cable modem at varying times. "On Monday, he had .2 and the file was available on .2 that day. On Tuedsay, he had .3 and the same file was available on .3 that day. And so on."

It's just a logic puzzle, and some people aren't good at it. If there is evidence someone was in the same vicinity of a murder victim, that doesn't prove they are the murderer. It just proves their phone was there at that time. If someone's alibi says "fuck, man, I was in Ensenada that day", that evidence can be used to prove their alibi is false. Still doesn't prove them a murderer, but it narrows it down. Same with this. IP addresses merely rule someone in or out of a group. It is up to other evidence to complete the elements of the crime.

Re:1 Hurdle Down, A Few More to Go

[Znork]

IP addresses are fundamentally incapable of identifying a person. It doesn't matter if you make them static or close down routers; you're a malware away from a rewritten address anyway with traffic originating elsewhere anyway.

Trying to use IP addresses as identifiers simply leads to them becoming even more useless as such, as anyone who wants to
avoid having their address spread simply uses proxies, vpns or darknets.

And really, the best way to deal with copyright infringement is to abolish copyright.

What parallel universe have I fallen into...

[The+Optimizer]

...where Judges are applying an understanding of the technical issues, common sense, and considering the situation of ordinary citizens?

Re:What parallel universe have I fallen into...

I don't know know, but we must be neighbors. Holy moly to this news.

Re:What parallel universe have I fallen into...

[msauve]

Well, it was filed on April 29, so the judge may have made up his mind on April 27, Opposite Day.

Re:What parallel universe have I fallen into...

MAFIAA might not offered him enough money and he felt insulted :)

Re:What parallel universe have I fallen into...

[Gearoid_Murphy]

Apparently in this universe, sanity prevails, Glen Beck still has his own TV show though, so lets not get carried away :P

Re:What parallel universe have I fallen into...

[H0p313ss]

...where Judges are applying an understanding of the technical issues, common sense, and considering the situation of ordinary citizens?

The same world where bin Ladin is dead, democracy is sweeping the middle east like a sandstorm, Duke Nukem Forever will ship in June and the NDP are the official opposition in Canada.

2011 is pretty interesting so far.

Re:What parallel universe have I fallen into...

[Killjoy_NL]

yeah but his contract his up, so he will be gone from Fox fast enough.

Re:What parallel universe have I fallen into...

[xMrFishx]

Yeah I mean seriously, who'd have known DNF might actually come out...

Re:What parallel universe have I fallen into...

[TooMuchToDo]

Hold tight everyone! Space time is about to rip itself apart!

Re:What parallel universe have I fallen into...

[unperson]

... Duke Nukem Forever will ship in June ...

chickens = eggs.

Re:What parallel universe have I fallen into...

[lawnboy5-O]

"Nanu Nanu?"

Re:What parallel universe have I fallen into...

[powerlord]

...where Judges are applying an understanding of the technical issues, common sense, and considering the situation of ordinary citizens?

The same world where bin Ladin is dead, democracy is sweeping the middle east like a sandstorm, Duke Nukem Forever will ship in June and the NDP are the official opposition in Canada.

2011 is pretty interesting so far.

Its all just a trap to lull us into a false sense of happiness before 2012 brings worldwide destruction and devastation.

Re:What parallel universe have I fallen into...

[Platinumrat]

2011 is pretty interesting so far.

And this is just another sign on the end of the world in 2012...

Re:What parallel universe have I fallen into...

[PoopMonkey]

You say that like it's a bad thing...

Re:What parallel universe have I fallen into...

who'd have known DNF might actually come out...

Duke Nukem Forever is gay?

Re:What parallel universe have I fallen into...

[syousef]

...where Judges are applying an understanding of the technical issues, common sense, and considering the situation of ordinary citizens?

The same world where bin Ladin is dead, democracy is sweeping the middle east like a sandstorm, Duke Nukem Forever will ship in June and the NDP are the official opposition in Canada.

2011 is pretty interesting so far.

Its all just a trap to lull us into a false sense of happiness before 2012 brings worldwide destruction and devastation.

Did you all miss the tsunamis, earthquakes, tornadoes and nuclear meltdowns? 2011 hasn't been all kittens and puppies.

Re:What parallel universe have I fallen into...

[powerlord]

...where Judges are applying an understanding of the technical issues, common sense, and considering the situation of ordinary citizens?

The same world where bin Ladin is dead, democracy is sweeping the middle east like a sandstorm, Duke Nukem Forever will ship in June and the NDP are the official opposition in Canada.

2011 is pretty interesting so far.

Its all just a trap to lull us into a false sense of happiness before 2012 brings worldwide destruction and devastation.

Did you all miss the tsunamis, earthquakes, tornadoes and nuclear meltdowns? 2011 hasn't been all kittens and puppies.

Sorry, it wasn't in my MyFaceTwit feed, so I didn't hear about them. ... did those things impact many people? Why didn't my parents mention it when they brought me dinner? I mean, why else would I be^H^H ... I mean ... HAVE THEM living with me.

Re:What parallel universe have I fallen into...

[TaoPhoenix]

When you take down the figurehead of the crusade to put us in Terror from our own government, this is what happens! You get the single biggest break in the file-lawsuit in years! /hoping

Re:What parallel universe have I fallen into...

[RobertM1968]

...where Judges are applying an understanding of the technical issues, common sense, and considering the situation of ordinary citizens?

I'm going with "The Twilight Zone" - I've seen some pretty weird, implausible or downright impossible crap on that show.

Re:What parallel universe have I fallen into...

[JonySuede]

yeah, that LHC thing worked out pretty well !

Re:What parallel universe have I fallen into...

[crossmr]

official opposition doesn't mean shit when there is a majority. They can stomp their feet all they want. Harper is preparing to sell us to American big business in 3...2...1....

Re:What parallel universe have I fallen into...

[Geldon]

Duke Nukem Forever will ship in June

What parallel universe did YOU fall into?

Re:What parallel universe have I fallen into...

[Ocker3]

No, just Really Really Super (he thanks you for asking)

Re:What parallel universe have I fallen into...

[JDAustin]

The same world where bin Ladin is dead, democracy is sweeping the middle east like a sandstorm, Duke Nukem Forever will ship in June and the NDP are the official opposition in Canada.

2011 is pretty interesting so far.

You seem to forget that democracy in the middle east (outside Iraq and Israel) boils down to one MAN, one vote, ONE TIME.

Re:What parallel universe have I fallen into...

Holy crap!

2012 might be the end of the world... All the unfinished, hoped for and long awaited... is here!

Re:What parallel universe have I fallen into...

[green1]

The selling happened a LONG time ago... now is time for the delivery...

Re:What parallel universe have I fallen into...

[macshit]

Canada has a government?!

Re:What parallel universe have I fallen into...

[H0p313ss]

Canada has a government?!

More like student council.

Re:What parallel universe have I fallen into...

Unless I missed something, civil disturbances != democracy. When they actually have elections where everyone can vote and the results are then used to create a government (and the elections are not just a one off), then we can say that democracy has swept through..

Re:What parallel universe have I fallen into...

Right on. I think we're merging with an alternate universe as we approach - in time - that huge-ass laser being fired. If it does manage to tear apart spacetime, there will be no set time of cascade because time itself will be subverted. By the time they actually do fire the laser I think our universes will be well within the third quartile of synthesis.

Re:What parallel universe have I fallen into...

[smellotron]

"Numa Numa"

FTFY

Re:What parallel universe have I fallen into...

[Killjoy_NL]

Wow, this got a troll score???

Re:What parallel universe have I fallen into...

TBH I think a lot of judges get a bad rap. I used to work doing legal IT support in the (british) court system, including a number of cases that were primarily IT-based. My colleague (now an expert witness) and I did forensic discovery work on the Drink Or Die/Operation Buccaneer "warez" case which some of you might remember from the early 2000's.

Doing so involved a lot of face time with the judges, none of which were very tech-savvy but whom were all highly intelligent and exceptional listeners. Often they'd ask us about various technical aspects from a geek standpoint in order to get a better understanding of the case, but they'd still ask seemingly inane questions ("what's a website?", "what's a hard drive?") to make sure that everyone in the court knew *exactly* what certain terminology meant, and especially what it meant in the context of the case. It's a form of obfuscating stupidity in order to ensure that there are no legal ambiguities, since if the judge, jury, prosecution and defence don't have an explicit legal and technical understanding of the terms then the whole case is inherently dodgy which serves as grounds for an appeal or even outright dismissal. Additionally, due to precedent, it's important to have a historical record of the terms, as what's common knowledge today might be forgotten or completely different in the future. Since much of US law is based on UK common law I suspect many of the same principles apply there too.

With that in mind, I'm still surprised it's taken this long for a court to categorically state that IP != person since even the judges I talked to were aware of the distinction. But then I dealt in criminal matters rather than civil, and evidence there usually had actual investigative police work behind it rather than a nuke-the-site-from-orbit approach. Still nice to see that even with the lower burden of proof the civil courts are obviously getting pissed off in being complicit in large-scale extortion ;)

Posting AC so as not to burn mod points.

Re:What parallel universe have I fallen into...

[cbiltcliffe]

Canada has a government?!

More like student council.

Heh. Just about as mature, too. :)

Re:What parallel universe have I fallen into...

LOL

Finally!!

[gr8_phk]

Finally a reason for people to get fixed IP addresses. IPv6 of course - preferably at least 256 per house. Most commercial interests don't want this, but if the **AA want if maybe it will actually happen :-)

Re:Finally!!

[nurb432]

Bingo, now you see one reason that v6 is bad. You get hacked and the courts just say ' we know it was you '....

Re:Finally!!

[SockPuppetOfTheWeek]

Won't do a bit to prevent anyone from "sharing" their IP a la open wireless or a Tor exit node.

Re:Finally!!

And that will solve the unsecured router problem... How?

Re:Finally!!

[TheTurtlesMoves]

You get a lot more that 256 address for your home network if IPv6 is done the way it is suppose to be done.

Note that having a IP==Computer also doesn't change the ruling from the Judges reasoning either, they did raid the right place, he did have that IP number when the offense was committed. Getting a new IP number every few hours from the ISP does *not* give you extra privacy and NAT does not give you any security.

And if you really want, there is the "get a random IPv6 address" option anyway.

Re:Finally!!

[stonewallred]

Not really.

I keep a dedicated cable modem hooked up, but there are several unsecured routers around my home and the city provides free wireless just a few blocks away if I chose to use a laptop.

Re:Finally!!

Only 256 per house? That sounds like a tiny amount. According to RFC6177 the current recommendation is that each house should be given more than a single /64 subnet so they can establish different subnets. A /48 used to be the recommended size, but /56 is being considered. Even if you get only a single /64 subnet for your house, that loney subnet still contains as many IP addresses as the entire ipv4 address space squared. The extra subnets are only really for practical routing reasons.

Re:Finally!!

[sjames]

The fact that it can be hacked and there exists a strong motive for a criminal to do so means it's still not adequate as a personal identifier.

Re:Finally!!

[mark-t]

256 would be inadequate without falling back on NAT. 2^16 *MAY* be sufficient... depending on how much connectivity a person's household appliances and consumer electronics might actually utilize. I would, however, tend to be partial to no less than 2^32 addresses per household.

Re:Finally!!

[Terrasque]

Actually, the recommended minimum subnet to allocate for ipv6 is /64 ..

And yes, that does mean you can host the whole internet on your next LAN. Several times.

To be exact, you'd have 18,446,744,073,709,551,616 adresses. (ref http://www.bind.com/?path=netmasks6 )

From http://en.wikipedia.org/wiki/Subnetwork#IPv6_subnetting

An RFC 4291 compliant subnet always uses IPv6 addresses with 64 bits for the host portion. It therefore has a /64 routing prefix (128â'64 = the 64 most-significant bits). Although it is technically possible to use smaller subnets, they are impractical for local area networks networks based on Ethernet technology, because 64 bits are required for stateless address auto configuration. The Internet Engineering Task Force recommends to use /64 subnets even for point-to-point links, which consists of only the two hosts.

Re:Finally!!

[hattig]

Awesome, each of my cats can have its own directly accessible IP webcam finally. And my gerbils. And the goldfish. And the mice in the walls. And the spiders. And the dust mites.

Re:Finally!!

Actually, it's a good thing. If you're using properly configured IPv6 with randomly-assigned addresses out of a /64, they're never going to get one specific IP address for a bunch of stuff (unless you're using a statically configured seedbox), so then they're left with the same argument. Whether it's an IPv6 /64 subnet or a single IPv4 address with NAT, you've got one "customer" that could be any number of people.

Re:Finally!!

IPv6 gives you a minimum of /64 per network. This is 2^64 addresses per end-user. IPv6 address space is 128 bit (2^128). This allows for 2^64 for routing to network, and 2^64 for the LAN part.

Re:Finally!!

[Travelsonic]

Let me see if I get this right: IP v X [like say, IPv6] -> 2 ^ X bits -> 2 ^ (2^X) possibilities? [like for IPv5 -> 2^5 [32] -> 2^32 =4294967296 possibilities]? Or is my arithmetic waaaaay off?

Re:Finally!!

[TangoMargarine]

You get a lot more that 256 address for your home network if IPv6 is done the way it is suppose to be done.

Why do I get the feeling that was what they said about IPv4....Why in the hell should any average household get 256 addresses?

Re:Finally!!

[Neil+Boekend]

Your data is off. IPv6 means it is the 6th version of IP. We are now using IPv4.
One of the differences is the amount of adresses. IPv6 has a 128 bit adress space. This means it has 3.40 x 10^38 adresses. We now have a 32 bit adress space: 4,294,967,296 adresses (but there are a lot of reserved adresses. 192.168.x.y can't be used for the internet for example. That's 256x256=65,536 adresses lost to the internet).
On the wiki page for IPv6 the other differences are explained.

Re:Finally!!

[TheTurtlesMoves]

The address space of IPv6 is truly massive. However it is not meant to be used the way IPv4 is used. Hell I am not sure you could and have practically sized routing tables. The idea is that the address is highly structured to ease routing and other things. Seriously, this time round they really added a lot of "space" to the address to really cover future expansion. Don't forget IPv4 has been good enough till 2010. By extrapolation IPv6 should be "more than enough for everyone".

Re:Finally!!

[TheTurtlesMoves]

Each cell in your body could have their own IP number... Cabling it up could be hard.

Re:Finally!!

[Nefarious+Wheel]

256 would be inadequate without falling back on NAT. 2^16 *MAY* be sufficient... depending on how much connectivity a person's household appliances and consumer electronics might actually utilize. I would, however, tend to be partial to no less than 2^32 addresses per household.

Not to mention the feral Furbies. IPV6-enabled Furbies - might just take over the world.

Be scared now.

Re:Finally!!

[TheRaven64]

Nonsense. With IPv6, the mapping that the ISP has is from subnet to customer - they can't do an address to person mapping. The router may possibly be able to do an address to MAC mapping, but only if it keeps logs, and in most implementations it won't be assigning these addresses, so there's no reason why it will. Current IPv6 implementations generate a new random IPv6 address every couple of hours, so two different IPs coming from the same house may be the same computer, or may be two different computers - no one off the network can tell (unless they use a higher-level tracking mechanism, like a cookie).

Re:Finally!!

[Travelsonic]

Cool, I get it. Thanks for clearing that up before I went on bad assumptions. Good thing I am undergrad in comp. sci and still learning.

Re:Finally!!

[swalve]

It is perfectly adequate as an identifier of the machine, not the person.

Re:Finally!!

[sjames]

It's not even a good identifier of the machine. Any machine can be configured to any IP address provided you can get the switch to send the packets your way. That's not all that hard to do, especially on a home network environment.

The Judge Has a Beard

THIS is the evil universe!

Re:The Judge Has a Beard

[Reverand+Dave]

Not really evil, his coin tosses just turn out to be opposite of the other universe. Also Zoidberg is blue.

So slashdotters

[tripleevenfall]

I agree that IP != person is a good ruling.

But this probably will close the door on the 99 cases out of 100 where an IP actually does equal a bad person who needs to be caught.

What do you propose we do to continue enforcement against these pieces of human waste? What if you can no longer get a warrant based on an IP?

Re:So slashdotters

You think copyright infringers are pieces are human waste?

Re:So slashdotters

What bad persons? *Really* bad persons launch all their bad stuff from hacked computers of ordinary people anyways. Or they're dumb not to do so.

Re:So slashdotters

[Moryath]

Wait, you mean the police might have to do actual police work rather than relying on shoddy "evidence" that doesn't point to the right place, raiding innocent people's houses, trampling all over civil liberties...

Gee. I must be insane to think we could agree that the cops should be required to do their due diligence...

Re:So slashdotters

What do you propose we do to continue enforcement against these pieces of human waste? What if you can no longer get a warrant based on an IP?

Uh, get more evidence? The IP could be used as a starting point, but shouldn't be used as the only reason to kick down doors.

Re:So slashdotters

It's better to let 10 guilty men free than to put one innocent man behind bars.

Re:So slashdotters

[NevarMore]

I'll bite. If you're doing something that bad, as in 'criminal trial' bad the police are involved. They can get warrants, do observation, and build a case on more than an IP. It won't stop them, if anything it forces them to build a stronger case that will lead to a guilty verdict or to the target never being indicted in the first place.

Re:So slashdotters

Gee wiz, they might actually have to do some real police work instead.

Re:So slashdotters

[kvvbassboy]

Get a warrant to seize hard drive,iInvestigate lifestyle patterns of the person, internet usage patterns from that IP. I still think that innocent until proven guilty should be main principle behind a ruling.

One thing is for sure, if someone wants to really hide behind a computer, he can. Unless the investigation team has influence beyond national borders.

Re:So slashdotters

"Better that ten guilty persons escape than that one innocent suffer" --William Blackstone

Re:So slashdotters

[tripleevenfall]

I'm thinking of this scenario:

Say the police have some sort of evidence that a person is sharing illegal material, such as a torrent containing child.. material. Previously the IP probably would have been enough to get a warrant to search the premises.

If that isn't probable cause anymore, how exactly are they supposed to catch this person?

Re:So slashdotters

[MightyMartian]

So let me get this straight. You're saying, because crap evidence can be used to nail child pornographers, the fact that it's crap evidence ought to be overlooked?

I don't think anyone is saying outright that an IP address can't be used to determine if someone at a specific geographical location is doing bad things. But rather than being some absolute identifier like RIAA and the MPAA have for so long claimed, it's more like blood tests in the pre-DNA days, a way of narrowing things down, but not in and of itself sufficient evidence to indicate wrongdoing.

Re:So slashdotters

[Pete+Venkman]

Wait for them to steal something that has actual value.

Re:So slashdotters

[SockPuppetOfTheWeek]

I'm pretty sure they could still get a warrant to track down the person who had used one IP (or a reasonably small number). Shot-gunning a few hundred thousand of them is out of the question.

IP always equals person, just not always the right person. But if you utilize some common sense it's still a worthwhile lead; at that step of the journey there's a better-than-average chance that even if it's the wrong guy he could be able to help you. If anything, this should make sure that law enforcement doesn't go doing stupid stuff like breaking down doors before they make sure that the IP = person was the right person. Suppose they do have an open wireless - chances are the person you're looking to connects to it pretty regularly. Triangulate and you have him. But don't just go knocking down the homeowner's door. Can judges award subpoenas with stipulations on how they're used, or is it up to the cops to show some common sense?

Re:So slashdotters

Then you have your numbers reversed. IP addresses are used to track down copyright infringers far, far, far more frequently than the "bad guys" you're referring to.

Re:So slashdotters

[OverlordQ]

Wait, you mean the police might have to do actual police work rather than relying on shoddy "evidence" that doesn't point to the right place, raiding innocent people's houses, trampling all over civil liberties...

Gee. I must be insane to think we could agree that the cops should be required to do their due diligence...

Good thing the only thing in the courts are criminal cases and nobody ever has to bring a civial suit.

Re:So slashdotters

[pixline]

Immoral perhaps, but no.

What's exactly immoral in helping musical lobbies struggle to maintain their golden ass(ets) instead of letting people choose to - actually - support their favourite artists directly (i.e.: merchandise, digital releases, live shows and so on) ?!? It works - ask Radiohead and Nine Inch Nails to name a few - and sure they won't miss their legacy major. It also have a nice side effect: more lawyers on child porn users instead of 10-years-old "copyright infringers" as it should be in a normal place.

Re:So slashdotters

[Moryath]

This was a sentiment of the founding fathers.

Sadly, none of the Retardicans/Ree Tardy fringe today are smart enough to even acknowledge that the Founding Fathers said it. They're too busy trampling all over our rights and reenacting Nazi Germany in the name of "Security" and "Freedom" and opposition to "Communism."

Re:So slashdotters

[Digicrat]

This ruling affects the ability of corporations/lawyers using subpoenas to identify individuals for civil suits when the only evidence is an IP address that they are equating to a John Doe. Cops requesting a subpoena for ISP details so that they have probable cause to get a search warrant which in turn *may* lead to hard evidence that will allow prosecution is a completely different manner and shouldn't (in theory) be affected by this precedent.

Disclaimer: IANAL

Re:So slashdotters

[NevarMore]

It wouldn't be probable cause for a warrantless search, but it would be enough for a bench warrant or enough to justify further actions. Perhaps something as complicated as stopping near the residence and checking to see if they have an open wireless AP.

Re:So slashdotters

Where do you get the idea they can't sue kids? They can and have.

Re:So slashdotters

[pixline]

World isn't ready for that: Voltaire died 200 years ago and people is still trying to deal with his works, let them have their time..

Re:So slashdotters

[Moryath]

You mean like "civil suits" where the MafiAA are using unlicensed, illegal "investigators"?

Re:So slashdotters

[dwillden]

It's better that 9999 guilty bad guys go free instead of 1 innocent be subject to a no-knock raid and arrest due to faulty information.

Re:So slashdotters

[billstewart]

(Should I feed the troll? Awww, c'mon, it'll be fun!)

An IPv4 address typically identifies a single household, not a single individual.

And while sometimes the activity that leads to a search warrant based on an IP address rates the term "pieces of human waste", it's usually not child pornography, it's usually just music or movie downloading, and maybe the person trying to have sex with the "13-year-old girl" in the chat room is actually the 13-year-old teenage boy in the household, not the 40-year-old adult who's paying for the IP address.

Getting a warrant for a guns-drawn SWAT raid should require an extremely high amount of certainty and a lot of information about the suspect, not just the simple "we've seen him dealing weed and don't want him flushing it" level. Even a warrant for a normal polite knock on the door by an officer with a search warrant or arrest warrant ought to require higher standards than police have been getting away with lately, and if the alleged "crime" is "copyright violation", that's something that ought to be dealt with by a process server, not a cop.

Re:So slashdotters

[unperson]

But this probably will close the door on the 99 cases out of 100 where an IP actually does equal a bad person who needs to be caught.

I'm not sure about the 99/100 figure. However, even if that's true, I'd argue that just because something is a 99% accurate indicator of crime, it doesn't justify a forfeiture of rights for the other 1%. Is having an IP address linked to an illegal activity justification to open an investigation? Sure. Enough to break in and confiscate property of an individual who has an open WAP living in a populated area? Probably not. Keep in mind people committing internet crimes are "crafty" and know that its important to hide their own identities (often, masking them as the identities of others)

Re:So slashdotters

[_Sprocket_]

I agree that IP != person is a good ruling.

But this probably will close the door on the 99 cases out of 100 where an IP actually does equal a bad person who needs to be caught.

Unless you have something to back up the "99 cases out of 100" figure, we'll just throw that out off-hand as a WAG to draw attention your point. The real point is what do we do to catch Bad People. Build a case on more than an IP address. A case is not built on a street address. Nor is a case based on a license plate number. And these are much more static in nature than IP addresses. While all this might be part of a the chain that leads to an arrest and consequently part of the case, it's going to take more than just that to identify and prosecute.

Re:So slashdotters

[Dare+nMc]

>What if you can no longer get a warrant based on an IP?

This is only saying a business can't subpoena private details of another private party on IP alone, I don't know how that would apply to a warrant. I assume the RIAA, could still use IP data to have a investigation opened by the police, and they could get a further search warrant that could allow a address given to the police... I would think a warrant for the address to be given to police would have a lower burden than for a private party. I hope it was learned to not use IP alone as a reason to grant a smash and grab raid warrant, but only to get contact information to continue the investigation perhaps by contacting the owner of equipment, to gather more evidence. They probably could have caught the actual perv, had they quietly contacted the home owner, and started logging that homeowners Wifi info... Once they smashed the innocent owners place in, shutting down the network, announcing to everyone within 100* the maximum wifi range they had "caught the perv". I suspect it was too late then to gather any more data on the actual perp.

Re:So slashdotters

[AffidavitDonda]

I don't think this ruling applies to normal police work.

from the order:

"the imprimatur of this court will not be used toadvance a “fishing expedition by means of a perversion of the purpose and intent” of classactions."

The police can still get the address of the suspect and than do some their job by observation to collect evidence. I think if they can proof, that the suspect is at home every time the IP was used for some criminal activity, this would be enough.

Re:So slashdotters

[tripleevenfall]

(Just to be clear, I agree with this ruling, I'm just worrying about unintended consequences)

Currently having an open wireless does not imply that it was always open, for one thing.

I don't see any path to PC for an LEA who doesn't have anything physically or anyone actually tipping them off. The vast majority of these people are not caught any other way.

I'm not saying I'm against this ruling, I'm saying that the law is out of date and needs to be updated to be able to handle this in a sane way. The wrong person's door getting kicked down is not good, but it's worse to remedy that at this cost.

Re:So slashdotters

[tripleevenfall]

-Sigh-

modded troll?

I was honestly not trolling. I just wanted to discuss was the unintended consequences might be of this ruling.

Why do people have to mod you "troll" just for asking the question? I honestly wanted the answer.

Re:So slashdotters

[sjames]

One fine day when the cops break your door down without warning, "drive stun" your crotch with a Taser and then destroy everything in your house (including the sheet rock, carpets, and floorboards) because as far as they're concerned, you are a "piece of human waste" and it's good enough for you, remember that you advocated that IP address=personal identity.

I wouldn't hold my breath waiting for compensation, an apology, or even a note to your neighbors that you're not actually a perv, because you'll get none of that without a years long bankrupting court battle.

Or, we could simply insist that they do actual followup police work to see if there's a GOOD reason to believe they have the right person first. They can look for things like financial transactions between the suspect and a known bad guy, or physical evidence of the crime taking place. If they find none of that, they should just move on. If they DO find it, then I'm sure a judge will be glad to sign the appropriate warrants.

Re:So slashdotters

You're going on the assumption the IP address is a reliable piece of evidence. We all know its not. Your example assumes the police are right. The point of a warrant is that it shows that you have enough evidence that shows you are on the right path and your suspicions are justified.

What the police should do once they get the IP address is monitor the web traffic, figure out what websites the perv frequents. Setup a sting operation and nail him/her once they have enough HARD EVIDENCE. You know, police work.

Re:So slashdotters

[sjames]

Surveillance. Any contact with children? Does any of it look inappropriate? Look at financial transactions. Any payment to known pornographers or their agents?

Re:So slashdotters

[Riceballsan]

While I don't condone in the trading of such items, I do have to say the legal system fighting the images does more harm then good. The actual abusers of the stuff (IE the ones actually taking the pictures, harming children etc...) are rarely targeted, while ones who actually trade the images after the fact, whether intentionally or by accident (accidentally finding an image posted on a forum, then having it in your cache is considered possession) are persecuted way beyond necessity. Heck people are going to jail for the rest of their lives over drawn pictures, manga collections etc... Putting a stop to the moronic abuses of the law is something for me to oppose.

Re:So slashdotters

The wrong person's door getting kicked down is not good, but you'll accept it anyway?

Who the hell are you to decide whether or not its acceptable, as an innocent in a FREE society, to be treated in such a matter as this? Yes it makes it harder for the good guys to catch the bad guys but thats how it will ALWAYS be.

Law enforcement will always be at a disadvantage because criminals, by definition, have already decided they don't have to play by the rules. Courts, judges, and cops are restricted by things called laws--and for good reason. If cops and criminals don't have to abide by rules, whats the difference between the two?.

I like cops, and would like to differentiate them from the criminals. Rulings like this make it easier for me to hold law enforcement in high regard.

Re:So slashdotters

And why the hell haven't record companies even tried to leverage Bittorrent to their advantage?

This would be an interesting case study:

Major record company puts up a website with Bittorrent seeds of all of the music that they sell, with several ads littered across the entire site. They seed these Bittorrents at a higher download speed than anyone else out there is able to compete with and therefore win said market and get all of the associated ad revenue. See how much profit that rakes in--if successful, then they've found themselves a win-win for everyone. If it ended up being a failure (which, unfortunately, unless they make more than their speculative bullshit amount, they will probably say it's a failure no matter what), then fine. At least they showed people that they were willing to try working with them instead of just get sue happy.

Re:So slashdotters

[Sarten-X]

You got modded troll because you equated one kind of illegal activity with another, ignoring the arbitrary distinction that the Slashdot community holds between "good crimes" and "bad crimes". There is no "Illustrates hypocrisy" mod, so you got "Troll" instead.

Slashdotters in general have a particularly flexible idea of good and bad. Basically, if a single person does something, it's good. If a group of people work together to do something, it's great. If a group of people work together as a company to do something, it's bad. If a group of people elect some people to make decisions for them, those decisions are always terrible.

To Slashdotters, copyright infringement is a noble cause that should be promoted whenever possible. Child porn is funny, and great for trolling. The thought that some kid is being abused or some writer is begging on a street corner doesn't occur to them, and they don't like being reminded that it really happens.

In a typical Slashdotter's perfect world, the courts would look at all the parties involved (without seeing any of an individual person's information they might consider private), and decide that playing Robin Hood is perfectly fine, while following a strict code of rules covering every possible scenario and written in a 200-page book at a 6th-grade reading level. In the real world, justice is blind, and judges try to apply laws equally, accounting for complexities as best they can. Sometimes it works, and sometimes it doesn't. This annoys the community here greatly.

Re:So slashdotters

Nope. The real criminal across the street is also watching Mr. Sixpack go to/from his residence and only does his dirty business while Mr. Sixpack is home and unaware, except to wonder why his Netflix is hiccuping.

Proof is hard, and it should be, that's why it's called proof.

Re:So slashdotters

[networkBoy]

My printer's IP doesn't represent a person.
It either represents no-one, or everyone with rights to access it. Either way it disproves the hypothesis that IP == person.
-nB

Re:So slashdotters

[JonySuede]

How do you classify an automated bot net with your proposition (one person -> (exist-at-least one IP)) && (one ip -> (exist-at-least one person)) true ) ?

Re:So slashdotters

[Travelsonic]

Hmmm, gross generalization, mis-characterization? Or funny, and intended to be witty? [if the former, pleases for the love of god, basic set theory makes your generalizations false by design]

Re:So slashdotters

[Lost+Race]

"I'd rather let 100 guilty men go free, than chase after them." --Clancy Wiggum

Re:So slashdotters

[SETIGuy]

Yeah. I think we could catch lots of criminals by searching every house and apartment without a warrant. Let's start with yours. We wouldn't want those living turds to get away.

Re:So slashdotters

Democrats had the majority in the house and senate for years... so they must have also voted to:

Keep the PATRIOT act alive.
Keep GITMO open (recent events prove that to be a good thing)
Bail out evil corporations.

Your lopsided view of the facts is disturbing. And worse, you posted it in public how retarded YOU are.

Re:So slashdotters

[Sarten-X]

A bit of both. Its intent was as a caricature. Fortunately, I wrote a Slashdot comment, not a formal mathematical proof, so I'm not particularly worried about set theory's incompatibility with exaggeration.

There are certainly a lot of Slashdot users who are generally sane and reasonable folks. However, there are enough people with biases to form a critical mass of bad mods and metamods. One post with careless wording offends someone, and gets marked as a troll. There's enough others who see it as a troll that that knee-jerking mod can get good metamod results, and can go on to jump to conclusions about other posts. Other users see the troll label, assume the post is trolling, and then read with biased eyes. As a result of Slashdot's entirely-crowdsourced modding system, biases never really go away.

I chose one particular bias to pick on for my caricature. There's lots of others. If you'll allow me to pick on another, I'll take a look at your signature. I personally have nothing to hide, and will gladly give up my privacy for fairly small (even some ideological) reasons. Try to force other people to give up their privacy without a damned good reason, and I'll fight it to the bitter end. Now, if I were to post the first half of my opinion in a discussion without the second half, you'd apparently think I'm a "goddamned idiot". Would you mod under the assumption that I'm either stupid or trolling?

Similarly, I get annoyed by heavily-slanted posts about how governments and corporations are evil. Post something saying that you understand a company's position, make a few decent points I hadn't thought of, and I'm likely to give an "insightful" mod. That's a bias, too. I intentionally never excluded myself from the community I talked about.

Effectively everyone in the community is biased in some way. That's okay. The original post in this thread was modded "troll" apparently because of these biases. The modding system certainly can't be perfect, but with so many different opinions, the system as a whole ends up in a pretty reasonable center. Slashdot's moderation system is the worst, except for all the others.

Re:So slashdotters

[AffidavitDonda]

Maybe that's right. But police, once they have the address, has more option than blindly raiding the house. They could scan the network and see from where it's used and maybe even intercept the packages.

That would mean one more step for the police. And anyway, the main question was, if it's making police work impossible, what it doesn't, since police with evidence that a certain IP was clearly used for criminal activity would get the address and other data necessary to carry on their work.

Re:So slashdotters

Of course it does: your printer, so it represents you. If your printer is acting without your authorization, you have a fair case to say that you're the wrong person. But that was my original point anyway. You can always trace an IP back to a person.

Re:So slashdotters

Just means that someone's IP was used without their knowledge or consent. But surprisingly enough if you're not knocking down doors and shooting their pets, there's a fair chance that they'd actually be rather glad to find out about it and do whatever they can to help you find out who's doing it.

Re:So slashdotters

[TangoMargarine]

The "99 out of 100" was a bit trollish imho.

Re:So slashdotters

[JonJ]

Democrats had the majority in the house and senate for years...

Both the democrats and the republicans are right-wing nutjobs. USA does not have two radically different parties, but two very smiliar ones. I have no idea why they're imagining that this is democratic but hey, it's their country. There are practically no left-wingers in the USA, just different varieties of right-wingers.

And Bin Laden's dead too...

Could it be a collective dream we're all sharing?

Finally

[stewbacca]

I'm not one to trumpet common sense (because it usually isn't as common as we think), but I'm here to play you all a song on my trumpet.

Now if we can eliminate speeding tickets based on license plate numbers...

Re:Finally

[lawnboy5-O]

You are kidding right? In the great state of CO (and I am SURE others, and half my family are cops in NJ), they use an Optical Character Recognition scanner to run your plate number automatically through the on board networked laptop; e.g. which then "tells" the officer what your story is, put your positioning traffic on screen, speed, and other info - instantly - should you be deemed "up to no good". So if you are late on your registration, and caught my their car mounted camera's, you are beat, if they are not already preoccupied with some other sloth of society. Or, whatever other purposes they need to generate revenue.

Re:Finally

[_Sprocket_]

Now if we can eliminate speeding tickets based on license plate numbers...

Where do you live that speeding tickets are based on license plate numbers? Everywhere I've gotten a ticket involved a cop actually handing me a ticket or having a photograph of my plate and my face on the ticket (actually - this happened to some friends, not me. They borrowed someone's car. Got busted by a speed camera. Ticket came in the mail to the car's owner. Owner noted that the photographed driver wasn't him. Driver was actually on their way to the airport and has left the country. End of ticket).

Re:Finally

[quiksand]

Regardless of if a dynamic IP address is used or not, if the lease time is long enough and good logs are kept, you can still find a user even if someone else has the IP address because only one MAC can be tied to an IP Address at a certain time. You query on that time frame to get your mac associated with said IP Address from the dhcp log file.

Re:Finally

[quiksand]

If the lease time of the IP Addresses is 24 hours, the DHCP server initiates a handshake at the 12 hour interval. If no device responds, the IP address is released back in to the pool. Since ISPs probably have a huge range of IP Addresses, it's unlikely that the IP address just released would be picked up by another device. I've seen instances where our PCs would be off line for upwards of a week and we'd still pull the exact same IP Address.

Re:Finally

[fred+fleenblat]

since when is a MAC per-person either?
might be a NAT, might be a server, might be spoofed.

Re:Finally

[stewbacca]

Yeah, that's my point. OCR is great, but what if I wasn't the one driving the car?

Re:Finally

[stewbacca]

Germany, UK for sure (because I got a ticket from both of those places), and I think I've read that Maryland and DC have speed cameras, as well as several other Eastern states that take a picture of your license plate and then the owner of the vehicle is mailed the citation, regardless of who was driving.

We have red light cameras in Austin, TX, but since I'm not an asshole driver, I don't know what kind of proof they get with those (i.e. can you tell it's me driving?)

Re:Finally

[quiksand]

NAT is IP based where an public IP address is translated to a private IP address. Still the customer can be identified. Mac addresses are unique to each device so it's highly unlikely that the same mac would be assigned to multiple devices. Besides, only 1 would pull an IP address at 1 time since the arp table only allows 1 IP Address per Mac Address.

Re:Finally

[lawnboy5-O]

Or what about when OCR even fails - cause it does.... we are talking the same language regardless. Sacrificing freedom for personal safeties - its a big hangup of mine with the said government, and ticketing is out of control for all the wrong reasons.

Re:Finally

No, that has nothing to do with it. The ISP knows who that IP address is assigned to at any given time, all that says is that your broadband or whatever connection (cable, etc.) had that address during that time period. What it cannot say is that you were the person that was making the illegal downloads.

Re:Finally

[gmhowell]

since when is a MAC per-person either?
might be a NAT, might be a server, might be spoofed.

Look at the sibling comment to yours. quiksand has been making this argument all over this story.

Re:Finally

In most states the traffic ticket is issued to the owner of the vehicle and unless someone else admits it was them driving the owner of the car has to pay the fine.

Re:Finally

[demonlapin]

You simply rewrite the law to state that the owner is presumed to be in control of the vehicle at all times unless they can specifically identify the other person who was actually operating it. And that the owner is ultimately responsible for the payment of any fines. Then you make it a "civil" or "administrative" penalty, rather than a criminal one. Voila, no proof of face required.

Re:Finally

[stewbacca]

Except you have to write the law first. They do have that in Europe, not so sure our small-minded municipal leaders can think that all the way through here in the US though.

Re:Finally

[rahvin112]

Yep anyone could have it. And the ISP keeps track of who had it. And they asked the ISP who had it. And the ISP told them who had it. You aren't stupid enough to think the ISP doesn't track which login has what IP are you?

Re:Finally

[Travelsonic]

Customer =/= user though, that's the whole point. >_

Re:Finally

In the UK

Most cameras face back of the vehicle (otherwise motorcycles get off scot free), and all the GATSO's are automated - no cop in sight

Re:Finally

If a real live cop pulls the guy over, he'll have the opportunity to figure out that the driver of the car is not actually you.

The problem lies with the systems where they read your plate and send you a ticket without a real human ever seeing the driver's face to verify that you were driving your vehicle at the time.

Re:Finally

[tehcyder]

Yeah, that's my point. OCR is great, but what if I wasn't the one driving the car?

Fucking prove it.
If there was a shooting, and your licensed gun was the murder weapon, wouldn't the police assume you had done it unless you could show otherwise?

Re:Finally

[tehcyder]

Germany, UK for sure (because I got a ticket from both of those places), and I think I've read that Maryland and DC have speed cameras, as well as several other Eastern states that take a picture of your license plate and then the owner of the vehicle is mailed the citation, regardless of who was driving.

Here in the UK, the registered keeper of a vehicle is liable for offences committed by/in it, unless they can prove that someone else was driving.

Re:Finally

[SockPuppetOfTheWeek]

The ISP keeps track of which subscriber had it. But nothing prevents the subscriber from letting his family, friends, or even strangers off the street use it. If he's running an open wireless network, that's exactly what he's doing. And if he's using WEP encryption, or WPA encryption with "password" as the password, it's entirely possible that he's still doing it without realizing it.

Re:Finally

[SockPuppetOfTheWeek]

Fucking prove it.

No, you.

If there was a shooting, and your licensed gun was the murder weapon, wouldn't the police assume you had done it unless you could show otherwise?

That would make you a suspect, but they would find it hard to convict you if that was the only piece of evidence they had.

Re:Finally

[stewbacca]

If there was a shooting, and your licensed gun was the murder weapon, wouldn't the police assume you had done it unless you could show otherwise?

I don't know what country you live in, but the burden of proof is not on my to prove my innocence. The police can assume all the want about who used my gun to shoot somebody, but they have to prove I was the one that did it, or prove that I was negligent in letting somebody else use my gun.

Not home yet kids

[hilldog]

In the case of a static IP address and a locked down router would that not be enough circumstantial evidence to convict? While I applaud this ruling still I think a jury or judge could be swayed by a good prosecutor pointing to those two factors. Ummthat and your 1200 titles movie collection on home burned DVD’s.

Re:Not home yet kids

[Wamoc]

In the case of a static IP address and a locked down router would that not be enough circumstantial evidence to convict?

A router can be locked down after someone else used the connection openly. The law would have to prove that the router was locked down at the time the infringement happened.

Re:Not home yet kids

It would also have to prove that it had not been broken into. Bring out a few cracking tools in court...

Commercial interests would love fixed IPv6 addrs

[billstewart]

There are several reasons ISPs would rather give you dynamic addresses - DHCP is easier than keeping track of address assignments, and it lets them charge you more if you care about static. (And most ISPs are planning 256 subnets per house, not just 256 host addresses.)

But the commercial interests who do advertising or who do geolocation or other tricks to sell to advertisers would *love* to have user information tracked by static IP addresses and ideally even per-device MAC addresses that can be encoded into IPv6 addrs, because that's better consumer data.

er this is a bit silly

[Idimmu+Xul]

Judge Baker cited a recent child porn case where the US authorities raided the wrong people, because the real offenders were piggybacking on their Wi-Fi connections.

Surely the police raided the right people, the owners of the wireless device that facilitated the downloading. How they handled them after that however is debatable, but how would the police have been expected to solve the crime with out doing that?

Car analogy! If my car is caught on a video camera running over children, shouldn't they be allowed to go to the DMV with my license details, get my address and interview me?

Re:er this is a bit silly

Yes, but they have to make at least an attempt to figure out if you were, indeed, the driver of your own vehicle at the time of the incident. They are not allowed to figure 'you are good for it' and slap the irons on you simply because your car was there.

Re:er this is a bit silly

Sure, but they probably shouldn't be able to break into your home and point automatic weapons at your head while they take everything inside.

Re:er this is a bit silly

[Java+Pimp]

Not really, unless you are saying we need to register our computers with the state and acquire a license before we take them out on the information super highway...

Re:er this is a bit silly

[Moryath]

Surely the police raided the right people, the owners of the wireless device that facilitated the downloading

Actually, it turned out the downloader had been downloading using half a dozen access points, and they eventually caught him by tracing back his login from where he had downloaded at a university through the U's secured wireless.

So the raid was not just worthless, it was a waste of time and involved the needless trampling and horrific treatment of innocent people.

In other words, whoever collected the "evidence" and authorized the raid were being a couple of lazy fuckasses, which we should never allow law enforcement to be, and which is why it's so important to enshrine into precedent that an IP address IS NOT A PERSON and should not be enough to authorize a raid.

Re:er this is a bit silly

Interview, sure. Raid, no.

I'm assuming of course that as a law abiding citizen, you have the lights on, and can be seen through the window preparing sammiches as it is monday night, kick off time.

Also, going to the Car analogy, the authorities would first turn to DMV to see who has the license to distribute an unlimited number of unregisted, untracked, identical, cloned for zero cost ford trucks, the only identifiers being that it was a car, and that the dealership/importer/distributor was X.

Re:er this is a bit silly

[Cloudgatherer]

If you re-read your post, you do not feel any cognitive dissonance at all here?

The police raided the owners of the wireless device. By your own analogous example, they would also raid you, using said video of your car as evidence that you committed hit and run (just as they would want to use IP addresses as stronger evidence than a license plate).

It is far more reasonable to interview or request access to the router/car (whichever example we are referring to here), but that is clearly not what is going on.

Re:er this is a bit silly

[Jahava]

Judge Baker cited a recent child porn case where the US authorities raided the wrong people, because the real offenders were piggybacking on their Wi-Fi connections.

Surely the police raided the right people, the owners of the wireless device that facilitated the downloading. How they handled them after that however is debatable, but how would the police have been expected to solve the crime with out doing that?

Car analogy! If my car is caught on a video camera running over children, shouldn't they be allowed to go to the DMV with my license details, get my address and interview me?

Then again, there is the question of severity. Violation of traffic laws can point to willing risk to other members of society (speeding, running lights) or, in your example, (analogous) murder. File sharing is, more or less, victimless*. I would put it more on par with police going to the DMV, then your house, because they caught you not wearing your seatbelt on camera, and I would think that, legal or no, such a reaction is well out of line.

* Yes, I am aware of the economic impact of a failure to sell a product. However, file sharing is so far removed from actual purposeful purchase, and industry profits and sales have never been higher. I would imagine that if there was a serious impact worthy of putting the act on par with public endangerment or bodily harm, there would be at least some compelling evidence of effects to back it up, and there really isn't.

Re:er this is a bit silly

Hello 2012.

Re:er this is a bit silly

Sure, they can interview you if you foolishly choose to speak to them (even if you are innocent, you should never, ever speak to the police). However, if the camera does not show you driving the car, then it is useless as evidence to convict you.

Re:er this is a bit silly

[Idimmu+Xul]

Yes, but they have to make at least an attempt to figure out if you were, indeed, the driver of your own vehicle at the time of the incident. They are not allowed to figure 'you are good for it' and slap the irons on you simply because your car was there.

Totally agreed, but that kind of rights violation is more related to how the police handle searching a premises and the whole 'innocent until proven guilty' line, which they seem to forget quite readily.

Re:er this is a bit silly

[Idimmu+Xul]

They'd still need to subpoena the ISP to determine the owner of the IP address in order to progress the case with an interview request.

I'd like to hope that good judgement would be used by the police to determine whether an interview request or a raid would be the next course of action, but I have a feeling they tend to go over the top to stop people destroying evidence?

Re:er this is a bit silly

Yes you can expect the police to show up at your door if they suspect a crime is being committed. Whether or not you did it, they will still ask you questions. The issue was that they used a SWAT team and it was completely unnecessary. I love how "civil libertarians" like to tie the hands of the police with bullshit like this.

Re:er this is a bit silly

[Em+Adespoton]

So... IP addresses are more like corporations?

Re:er this is a bit silly

[Idimmu+Xul]

Also, going to the Car analogy, the authorities would first turn to DMV to see who has the license to distribute an unlimited number of unregisted, untracked, identical, cloned for zero cost ford trucks, the only identifiers being that it was a car, and that the dealership/importer/distributor was X.

IP addresses aren't exactly unlimited, unregistered, untrackable or identical. If they were the IPv6 roll out would be going even slower than it is now ;)

Re:er this is a bit silly

I do personal computer repair aside from my normal IT admin 9-5. Fom tha experience I can, privacy aspects aside, say yes. You should need a damn license to get on the internet. I don't know how many times I've berated people for downloading every Smiley Face app, Bonzai Buddy, "Registry Cleaner" and vbscript ridden email they can find while refusing to use automatic updates because "it makes the Internet slow" on their AOL DIAL UP connection. FFS.

I feel better, I think I'll have a drink.

Re:er this is a bit silly

[rsborg]

Judge Baker cited a recent child porn case where the US authorities raided the wrong people, because the real offenders were piggybacking on their Wi-Fi connections.

Surely the police raided the right people, the owners of the wireless device that facilitated the downloading...

You'll note that the judge isn't blaming the police, but rather the plaintiffs here as they are seeking a "fishing expedition" which has already resulted in innocent folks getting violated. Raising the bar on the MAFIAA as to when they can seek a no-knock warrant is the best way to resolve these issues.

Re:er this is a bit silly

[evanbd]

Why are SWAT teams raiding houses and kicking in doors at all for suspects who aren't believed to be armed and dangerous? There are plenty of ways to make mistakes, and a knock on the door with warrant in hand would have been as effective if they'd been right, and drastically reduced the trauma to innocent people if they were wrong.

Re:er this is a bit silly

Car analogy! If my car is caught on a video camera running over children, shouldn't they be allowed to go to the DMV with my license details, get my address and interview me?

By that logic, if your car is STOLEN seen running over children and you don't report it STOLEN until after the children are run over, YOU are liable.

To go back to the OP, if your Wi-Fi is accessed/used without your permission and used for illegal activities, should YOU be held liable because YOU didn't report that your Wi-Fi was (for all intents and purposes) broken into?

Re:er this is a bit silly

You do realize he was citing a child pornography case?

Re:er this is a bit silly

Also adding to parent's response, WHY THE HELL DO THEY USE SWAT?!

I mean, as in other comments. Couldn't a normal officer deal with the arrest of the parties involved without having to go with MILITARY forces that are trained to deal with DIRECT acts of TERRORISM, HOSTAGES, and people with BIG GUNS, that's what she said, and TRAINING?

Re:er this is a bit silly

[maztuhblastah]

Car analogy! If my car is caught on a video camera running over children, shouldn't they be allowed to go to the DMV with my license details, get my address and interview me?

Yes.

They should not, however, be allowed to use the capture of the license plate as proof that you were driving the car...

... especially not if the car was found in a ditch 20 miles outside of town with the ignition lock popped from the steering column -- which is essentially the equivalent of trying a filesharer with an open AP on the basis of an IP match.

Re:er this is a bit silly

[cdrguru]

Today the assumption is pretty much EVERYONE is armed and dangerous.

Every day the police go to some random house where they are there for some non-violent reason and are met with either utter insanity or gunfire.

When you walk up to the front door of a meth user you will discover a couple of things. The first is that if you aren't in the "meth scene" then you must be a narc. And you probably want to listen to their understanding of how the world works. You will notice that they seem a little ... well, nervous. And they are generally pretty paranoid, to the point of "knowing" the whole world is out to get them. A cop at the front door just confirms that belief and can lead to some pretty suicidal impulses. Aside from being a little on edge and having some bizarre theories the second thing is that a meth user is often a collector of stuff. Firearms. Ammo. Explosives. Fireworks. Just about anything, with extra points if it is dangerous to have around.

The other sort of people that don't like visitors much are the folks engaged in meth production. They know the cops are there to arrest them and kill them. Sometimes in that order, sometimes the other way around. Doesn't matter - the only logical response (in their minds) is to kill anyone that comes to the door that might be a cop. You hear all sorts of stories about cops knocking on doors because of loud music or awful smells coming from a house and being nearly killed.

Short answer is today just about any interaction with the police will involve them taking absolute control of the situation from the beginning and making sure there is nobody walking around that might be able to grab a gun and start shooting. This includes traffic stops where around 50 or so officers are killed each year, usually for doing something they have been trained not to do, like getting distracted from the people in the car.

Re:er this is a bit silly

[stretch0611]

If the police (or federal authorites) find child porn being transmitted to/from an IP address that is registered to your hardware, they should be allowed to find out who you are and subsequently interview you. In addition to interviewing you, they should be allow to further their investigation.

When they interview you, you have a right to get an attorney and/or decline to speak with them. This occurs before charges are filed against you.

A private company (or lawyers working for one) should not have the right to bypass all of this and file a lawsuit against you without a proper investigation.

As for the car analogy, My license plate is not used for only a few days just to go back into a pool of license plates which would be reissued to someone else later. In addition, a video with my car running over children would most likely also capture the make/model and color of my vehicle which would count as more evidence.

Even if the above proves that it is my car, it would still need to be proven that I drove the car. If I can show a reasonable doubt that I was not the driver, I should be found innocent. IP addresses are copied, open routers are used by other people, and password protected routers can be cracked.

Why should a file sharer have fewer rights than a child molester?

Re:er this is a bit silly

[Dare+nMc]

>Surely the police raided the right people,
The Police destroyed a live lead by going in without doing due diligence, luckily in this case, the person they were after wasn't scared off and kept up the same activities at different wireless AP's in the same area. A slightly smarter crock would have stopped/moved away because they went in guns first and proclaimed victory immediately, not sending in the nerds first to catch the correct person. Appears after they bungled this, then the Police got scientists to track the perp down the correct way, tracking actual illegal activity (but the only thing likely learned from this raid, was that the Police didn't have a clue, and needed better technicians.)

Re:er this is a bit silly

[rhizome]

You hear all sorts of stories about cops knocking on doors because of loud music or awful smells coming from a house and being nearly killed.

I don't hear these stories, and from my understanding this doesn't happen very often at all, almost to the point of "never." Care to link to some? With it happening "every day," you shouldn't have any trouble finding several just from this year so far, or one from each of the past few days.

But yes, regardless of reality, law enforcement does tend to assume everyone's armed and dangerous. Why this is so is anybody's guess.

Re:er this is a bit silly

[Bob9113]

> Surely the police raided the right people, the owners of the wireless device that facilitated the downloading.

So if somebody walks onto my property, grabs a shovel from my yard, and beats my neighbor to death with it, have I facilitated a murder?

The rest of your post seems reasonable enough. But the phrase "facilitated the downloading" sounds like you are faulting the owners of the open wi-fi node. Open wi-fi nodes are extremely pro-social, despite the fact that bad people exist who misuse shovels and information access.

Re:er this is a bit silly

[meglon]

While your point is valid for that specific event, what the RIAA has been doing is more along the lines of: a car that kind of looked like a car that might be his is all we need to extort everyone with a similar looking car. Your ip address doesn't equal a cars license plate; RIAA has wanted to make it out as it's static, can never change, and the computer it's hooked to can never change, and you are the only person that could ever, ever use that computer.

Re:er this is a bit silly

[Dare+nMc]

>They'd still need to subpoena the ISP
Correct, according to wikipedia, a search warrant has to detail what is to be searched for and how. In the RIAA case, the response was made clear to the judge The RIAA was to "go after" the named. Clearly (to the judge anyway) the direct result from the subpoena wasn't going to be actionable, so did the correct thing and denied it. It is not so clear in the porn case, but I assume a judge accepted the warrant to get the details from the ISP, if that warrant was to obtain more info to investigate, then that judge was correct (In my opinion) to further the investigation by having the ISP supply details (and to gather related data) for the police to further a investigation into a crime. The judge should have known enough info didn't yet exist to name a suspect yet and deny any arrest warrant based solely on IP address. At most, they could have allowed the police a warrant to seize the PC/router, based on the IP address, but not arrest a specific person. If the police decided upon seeing a computer in the house, this allowed them to go from search to arrest, then the Police deserve the blame not the judge.

Re:er this is a bit silly

Replacement car analogy that does match the input:

You're a homeowner with a long driveway. Somebody runs up your driveway trying to get away from a madman. The madman drives up your driveway and runs 'm down, then shoots 'em. Drives off again. Police come, arrest you for owning the driveway.

Re:er this is a bit silly

A car is not a person. A phone number is not a person. A house address is not a person. And yet, if I called you from my phone, invited you to my house, then when you got there ran you down with my car, I shouldn't expect a police raid unless the cops can prove I made the phone call, I was in the house at the time, and I was driving the car? All of which can't be done without seeking assistance from the telco, postal service or vehicle registration dept because that would breach my precious privacy?
Yeah, go fuck yourself. Just because YOU want to keep pirating or downloading kiddie porn doesn't mean your "OH NOES NOT IP ADDRESS!" argument makes any more sense.

Re:er this is a bit silly

Whats the point in having all that shiny military hardware and trained personal
if you can't show it off?

Re:er this is a bit silly

[rubycodez]

You live in a police state that is increasing its strength. Projection of power and intimidation are far more important that effectively dealing with any particular issue

Re:er this is a bit silly

Yeah it is not like downloaders see a policeman and automatically start flushing their computers down the toilet before cowboying up to plug a bunch of pigs.

It seems pretty clear that an IP address can give you probable cause to get a warrant for further investigation. But going in with SWAT teams or being anything other than entirely professional and respectful is just ridiculous and has to be stopped before someone is hurt. The problem with having so many paramilitary units is that law enforcement feels compelled to use them to justify their existence and further funding.

Barney Fife would be perfectly well equipped to handle any college student caught downloading copyrighted material.

Re:er this is a bit silly

I do tech support for a major ISP, and I think we NEED to have a license program for Internet access!!!

Re:er this is a bit silly

[houghi]

Why are SWAT teams raiding houses and kicking in doors at all for suspects who aren't believed to be armed and dangerous?

Because we let them.

Re:er this is a bit silly

Actually the IP address gets you the MAC address as both are contained in the same header but you must get physical access to the hardware to prove that. The cyber crimes division sent them to the physical location that was supposed to have that IP address so they could confirm the MAC address. That is to say check the actual NIC for it's assigned MAC which is burned to memory during manufacture. Kicking the door in is because a cyber crook worth his salt has a degausing ring and an incinerator in his house. along with of course a second NIC he uses when doing shady shiite. Cuz it wasn't me, it was in fact the one armed man.

Re:er this is a bit silly

Cuz it takes 20 seconds to turn on a degausing ring and drop your shady NIC in an incinerator. Leaving the cops to try and prove the melted plastic and blank computer with a different MAC address were used in the commission of the crime. Most people smart enough to commit a decent cyber crime are smart enough to know how to foil police.

Re:er this is a bit silly

muve muve muuuuve!!!! gow gow gow muve muuuve everybody down!!!! lol

Of course an IP address is not a person

[WillAffleckUW]

Everyone knows that only Corporations are People and the users who download data (aka consumers) are more correctly described as Serfs.

or Peasants.

choose one, but the US Supreme Court says only Corporations are People.

wishful thinking

[Lead+Butthead]

Obviously, this won't be settled until it reaches the Supreme Court, but it's a vital 1st step. Go Freedom!

Which by that time TSC will either refuse to hear the case or rule in favor of MAFIAA (remember the politicians that nominated and confirmed the justices are all bought and paid for) and we all be really really SCREWED.

Re:wishful thinking

[MoeDumb]

"ELOI, ELOI, LAMA SABACHTHANI!?" If that's a personal question maybe for being sacrilegeous?

An IP Address can be a person in some cases

[quiksand]

When the ISP I worked for used to get "Notices of Infringement" from copyright holders, I was the one tasked with finding the user who was responsible for the infringement. We would get an IP Address and a timestamp along with the name of the copyrighted material. Since we kept log files for our DHCP server, I was able to tie an IP Address to a MAC Address at the time of the infringement. I was then able to look at the arp cache of our router and tie that MAC Address to a PVC. Once I got the PVC, I tied that back to a DSLAM or SLID which in every case was tied to a specific customer. In almost every case we identified the correct user. There were a few cases where we were unable to find the infringing Mac Address in the arp cache probably because the device was no longer in use.

Re:An IP Address can be a person in some cases

[wmshub]

Ummm...no. You were able to tie an IP address to a MAC address. A MAC address does not equal a person. Especially in the case of a wifi router being the MAC address you found, you have no idea who might have actually been directing the offending internet traffic.

Re:An IP Address can be a person in some cases

[quiksand]

A mac address does equal a person if said mac address is tied to a PVC which is tied to a SLID or DSLAM position which is tied to a specific customer. Our network used different PVCs for each and every circuit and each of those PVCs resided on specific ports on specific pieces of equipment. Users assigned to these ports were then tracked in our billing system, So yes a Mac Address does equal a person. It showed us which persons connection was used at the time of the infringement and if that MAC Address was still in the router and they were still infringing, we'd cut their service and they'd eventually call in. I've never had a case where I backtracked a MAC Address to the wrong user.

Re:An IP Address can be a person in some cases

Still no.... MAC addresses can be easily modified. So what happens if someone uses this MAC address elsewhere? Thats right! It isn't tied to the same person anymore.

Re:An IP Address can be a person in some cases

[SuricouRaven]

No, it's easy enough to determine which customer address used the MAC. So usually (Not always, there are cases of mistaken records, glitches and boundry timeing issues), the ISP can match to a customer address. That doesn't mean an individual, just the household. Could be the billpayer, one of his family, a neighbour hacking the network, a friend of one of the family who brought their laptop around, a computer compromised by a hacker, and so on.

Re:An IP Address can be a person in some cases

[tippen]

And when the MAC address you chased down to a specific house/office is the MAC address of their router? Explain to me again how the MAC address == user?

Re:An IP Address can be a person in some cases

[quiksand]

How many users actually know how to spoof a MAC Address and also remember to change it back once their done? I can tell you, not many of our users knew what an IP Address was. And since there are about 16,777,216 possibilities of mac address, I'd say it would be highly unlikely that a user guessed the mac address of someone else on the network. I can count on one hand the number of times I wasn't able to back track a MAC to a specific user. Only because the MAC address no longer showed up in the arp table. If we couldn't find the user we did nothing with the complaint.

Re:An IP Address can be a person in some cases

[quiksand]

We were an ISP with about 50,000 users, most of those customers residential users. When we did get a complaint for a business user or a user with a router, we would send the notice out to the account holder since they were responsible for the connection. They would then do their own invstigation and we would provide a PC name (which was in the log file) to help them narrow down which device on their network was the culpri

Re:An IP Address can be a person in some cases

A mac address does equal a person if said mac address is tied to a PVC which is tied to a SLID or DSLAM position which is tied to a specific customer. Our network used different PVCs for each and every circuit and each of those PVCs resided on specific ports on specific pieces of equipment. Users assigned to these ports were then tracked in our billing system, So yes a Mac Address does equal a person. It showed us which persons connection was used at the time of the infringement and if that MAC Address was still in the router and they were still infringing, we'd cut their service and they'd eventually call in. I've never had a case where I backtracked a MAC Address to the wrong user.

Emphasis mine. Prove that the person who's name is on the account was the same person doing the downloading. The only thing you've managed to prove is that a connection setup under someone name was used in the commission of the alleged crime. You still have no proof, the same person who's name is on the account was the one committing the infringement.

Another example, if a car was used in the commission of a crime, the police can use the license plate to identify the owner and question him to determine if he committed the crime. They can't charge that person with the crime unless they can prove that same person was driving the car at the time of the crime.

Re:An IP Address can be a person in some cases

[quiksand]

That customer was responsible for the use of that connection. The SLA they signed made that clear.

Re:An IP Address can be a person in some cases

Explain how you are able to account for the location and activities of every single user in your log files. Just because a connection is in use, doesn't mean the person who's name is on the account is the one using it. The mac address is the equivalent of a car's VIN/license plate. It identifies a tool that can be used to commit a crime but it does not identify the person committing the crime.

Re:An IP Address can be a person in some cases

[quiksand]

You do know that MACs are hardware IDs and don't get passed around and used by multiple users.

Re:An IP Address can be a person in some cases

[SuricouRaven]

Of course I do. I also know that almost all households now have their own router, which the ISP doesn't control, and which has the only MAC the ISP is going to get to see. They can't trace the customer side of that router. It is not in their area of authority.

Re:An IP Address can be a person in some cases

[gmhowell]

If contracts were as clear as you pretend, we wouldn't need attorneys, lawyers, and most civil court proceedings.

Re:An IP Address can be a person in some cases

And since there are about 16,777,216 possibilities of mac address, I'd say it would be highly unlikely that a user guessed the mac address of someone else on the network.

First of all, MAC addresses are 48 bits long, not 24. Your math is wrong.

Second of all: There's no need to guess any MAC-addresses at all. What if your customer have a WiFi AP and someone else is connected to that AP? Would your "investigation" find the customer or the WiFi-user?

Re:An IP Address can be a person in some cases

[SETIGuy]

Most routers have a "change MAC address" setting. A college near here asks students for their ethernet and wifi MAC addresses when giving them network access, and it only gives DHCP addresses to MAC addresses is recognizes. So every student living in the dorms knows how to spoof a MAC address with their router, ipad, phone, or any other device they want to put on the network. And this ain't MIT, it's a small liberal arts college. So I'd guess anyone young enough to be interested in pirating music, software, or movies would know how to spoof a MAC address. Most of them wouldn't bother for something as common as downloading music.

Anyone doing something really illegal would probably have found out about how to misdirect the police from the other criminals they associate with. I'm surprised that kiddie porn freaks would ever get caught by an IP address trace.

Re:An IP Address can be a person in some cases

[SETIGuy]

So, someone breaks into my house, ties me up, and uses my computer to upload plans for a terrorist plot, then leaves. I go to jail for being a terrorist?

If not, what's the difference between that and someone breaking the Woefully-inadequate Encryption Protocol (WEP) on my wireless router?

Re:An IP Address can be a person in some cases

[Travelsonic]

You do know that multiple people can use one piece of hardware, right?

Re:An IP Address can be a person in some cases

[nolife]

Your contract with the customer has nothing to do with who was actually using the internet at the time. What do you really not understand about that?

Listen man, you can pinpoint that one specific customer of your services had that IP/MAC at that time, you have NO IDEA who was actually sitting at that computer(s) behind that mac address. What SLA do you have that states that only the persons name on the contract can use the computer, not their relatives, the baby sitter, the neighbor over their wireless (hacked or open AP), their kids friends, etc? This was a CRIMINAL case, not a contract violation. It really should not be that hard to comprehend.

Another car analogy... I can rent a car and be the only authorized driver by contract. If I lend it to someone and they commit a crime, the police still have to PROVE who was driving the car. Sure, the rental place can charge me for the damages to the car under that contract and I can sue the real driver to get my money back from him but do you see the difference?

Re:An IP Address can be a person in some cases

[tftp]

Prove that the person who's name is on the account was the same person doing the downloading.

This is not the question that ISP was asked - and obviously no ISP can, using technical means, answer that question.

Once the computer is identified then the investigation can proceed (as appropriate) to further narrow down the list of possible users. A 95 y/o grandma is probably not the one downloading rap, but a 14 y/o grandson might be.

Re:An IP Address can be a person in some cases

And you should know that even if the device is the same the Mac addresses on the are different.

Re:An IP Address can be a person in some cases

[stretch0611]

In linux, you can change your mac address with 3 simple lines:

ifconfig {device} down
ifconfig {device} hw ether 01:02:03:04:05:06
ifconfig {device} up

Where {device} is the device name (usually wlan0 or eth0) A simple google search will tell any user this information. When you reboot, your MAC address is reset back to the hardware default.

Plus, Setiguy already explained that it is even easier to change a router's MAC address.

Re:An IP Address can be a person in some cases

[Just+Some+Guy]

You do know that MACs are hardware IDs and don't get passed around and used by multiple users.

Dude, quit. You are obviously in the wrong line of work if your view of the fundamentals of your career is so obviously, demonstrably wrong.

Re:An IP Address can be a person in some cases

[houghi]

I have a script that does the wireless connection for me. If it doen't connect to my network, it will run macchanger -r wlan0

Re:An IP Address can be a person in some cases

[SockPuppetOfTheWeek]

You do know that MACs are easily-changed hardware IDs and do get passed around in every wireless packet that's transmitted and can be used by anyone who wants to grab one and use it?

Re:An IP Address can be a person in some cases

[mark-t]

The MAC address may not be the actual infringer, but it *does* directly map to a person who is supposed to be accountable for the activity that utilizes the services offered to that MAC address, and by virtue of the terms of usage agreement that the customer agreed to when they first subscribed to that ISP's service alone, they could reasonably be held civilly liable for any damages caused.

Don't like it? Either lock down your wireless router, or else move to a country where ISP's don't prohibit criminal activity on their subscribed lines.

Time to study up on your IPv6!

The only thing that is allocated to you at your home router in the IPv6 world is a PREFIX which is equivalent to a range of addresses A LOT bigger than 256. (probably would be a /56 allocation). Also, you have many options for doing the addressing internally with that prefix. Most network adapters will add the mac address to the prefix to get the IPv6 by default. But that is easily changed on your computer to instead add a random set of hex numbers to the prefix to get your address. Also, in IPv6 each physical adapter can have multiple IPv6 addresses. Windows 7 does this when you receive and IPv6 address on a public network, such as a coffee shop. This is done so as to NOT be able to track a person by mac address. So in some ways, IPv6 would obscure your computer like a needle in a much bigger haystack, much better than IPv4 does.

Re:Commercial interests would love fixed IPv6 addr

[tripleevenfall]

Can you imagine the personal information gathering and targeted advertising you could do with fixed IPs?

Imagine how much Google and Apple could compile... the targeted ads they could send you... the lists they could make available for sale to advertisers...

Finally

[DaMattster]

A ruling that makes sense from a judge that bothered to learn something about technology. These days, most basic broadband connections have dynamic IP addresses which means, hello, that they change. Any broadband subscriber could have had that address at a given time depending upon if a router or computer was rebooted.

house made of straw

[sharkmonger]

You might like the conclusion of the order, but unfortunately the judge failed to include legal support for his arguments (citing an msnbc article does not count). He also leaves no avenue for copyright holders to get the names of the account holders--he just speculates on possible defenses for the defendants, moans about the difficulty of defending a federal lawsuit, and then denies discovery. This is not the model ruling pirates have been waiting for--there is no way this order stands up on appeal.

Re:house made of straw

[TopSpin]

but unfortunately the judge failed

Stipulate for a moment that the ruling is rock solid, will stand up to every challenge and forever precludes IP addresses as evidence. Law enforcement will just adopt some other technique to relate network activity to households and/or individuals. Broadband services usually have an authentication phase between the modem and the service. If this isn't already sufficient it could be extended with a TPM chip and a key-pair. That requirement might appear with 'net neutrality debacle round II' and will be the one part that doesn't get obviated by congress.

All this ruling does is inform law enforcement that they need to go further to correlate network activity to defendants. The cops will rapidly adapt and nothing significant will change, because this isn't about the insightfulness of some district court judge. This ruling is just a small step in the tortuous process of nailing down exactly what is evidence in a court.

Customer responsibility

[Phaeilo]

I dislike these 'pay-up-or-else-schemes' as much as anybody else. But in shouldn't each ISP customer be accountable for what happens on their connection? If you decide to share the connection with your family/friends/neighbours it's your job to ensure that they don't abuse it. Otherwise anyone could set up an open wifi and deny any responsibilities for what happens on the connection...

Re:Customer responsibility

[cdrguru]

Why would you want anyone to be responsible?

Part of me would really like to see a court ruling that says "It happened on the Internet and everyone knows it could have been anyone." A ruling that would reinforce the idea that a lot of people have that the Internet is a consequences-free zone. You can do anything and get away with it because nobody knows exactly who you are. Holding some random account holder for the Internet connection responsible might be fair, but it isn't being done.

So then piracy becomes a non-issue for real. The fact that only a very, very few people involved in piracy are ever prosecuted tends to make people think the odds are in their favor, and for the most part, they are. So is downloading kiddy porn - if you don't show it to your friends, neighbors or sex partners nobody will ever know about it. So nothing is going to happen to you.

On the other hand, there is a small step from downloading movies and music for free to starting up some phishing operation to get a few more dollars in the old wallet. If you can't be prosecuted for file sharing then how can you be prosecuted for stealing on the Internet? So why not?

Chasing down the account holder by IP address makes great deal of sense. Then you grab computers and find out which one has the pirated materials on them and that leads to more troubles for the computer user/owner. Saying you can't start with an IP address means you can't start and that just means that phishing and every other sort of activity on the Internet is perfectly legal... because all you have is an IP address.

Re:Customer responsibility

[nolife]

It is your job to enforce the contract (agreement) with your ISP TOS. If you violate the TOS, they can cancel your account or whatever they decide to do for a breach of contract. That is soley an issue between you and your ISP. What happens illegally and involves criminal punishment has nothing to do with that, the police have to prove what person actually committed the crime. Not some random person who has his name on the ISP bill.

Using your logic of the IP, why doesn't the RIAA sue the ISP, after all, they own the IP address, why not sue the ISP's provider? Why do you think the IP trail should suddenly stop at someone called a "customer of the ISP whose name is on the bill"? Common carrier status should not end at the ISP billed customer name.

Ummmm

[Schmyz]

...doesnt point to a person yet... Just wait till they start coding your DNA to an IP address... (putting back on my tinfoil hat)

Still Wrong

This ruling will be appealed and overturned. Most Circuit Courts of Appeal, although not the Seventh, have recognized that there is enough of a link between an IP address and an internet subscriber to at least provide probable cause to suspect the subscriber of online activity. If the court could completely discard IP information, then there would be a complete lack of legal remedy for tortious and criminal online activity.

I recently wrote a law review article on this topic. I'd love to have the Slashdot community's reaction.

Balancing Expectations of Online Privacy: Why Internet Protocol (IP) Addresses Should be Protected as Personally Identifiable Information
http://papers.ssrn.com/sol3/papers.cfm?abstract_id=1621102

Re:Still Wrong

[SockPuppetOfTheWeek]

Most Circuit Courts of Appeal, although not the Seventh, have recognized that there is enough of a link between an IP address and an internet subscriber to at least provide probable cause to suspect the subscriber of online activity.

You can't successfully sue someone for probable cause to merely suspect. You have to get enough probable cause to reasonably be certain, and you can't shotgun a bunch of people with a lawsuit for mere suspicion. You have to find probable cause to believe that they did it on a case-by-case basis, which means you have to sue them all separately, at which point you'll be able to use reasonable measures to determine whether or not they were the person infringing. Which is exactly what they do not want to do, because they're lazy: they would much rather knowingly target a whole group including many innocent people and force them to have to prove their innocence on a case-by-case basis than they'd like to have to prove case-by-case that the guilty ones are guilty like they're supposed to have to do.

Re:Still Wrong

That's certainly what should happen, but it is not the current state of the law. There have been dozens of lawsuits in which hundreds of people were sued based initially on nothing more than copyright infringement occurring from an IP address. As I detail in my article, courts are fairly willing to allow plaintiffs to unmask online actors based on their IP addresses, conduct discovery to determine if they are the correct defendants, and then proceed with lawsuits if they are. The problem I have with this is that most courts provide absolutely no consideration for the online actors' privacy interests. The obvious risk is that discovery will be conducted to reveal a completely innocent party, who gets dragged in the mud for months or years or is intimidated into settling for something they did not do.

In criminal cases, you have no reasonable expectation of privacy in your IP address information. Period. The government can subpoena ISPs for whatever information they have on file with very little shown to the court. Basically they have to state that the information would likely be helpful to an ongoing criminal investigation. Easy.

In civil cases, most plaintiffs have to go to the court, show that they have a claim ("my copyright is being infringed"), and state that a subpoena to the ISP would likely reveal the proper defendants. The ISP may notify its users but it is not legally obligated to do so. Then, the plaintiff can take action against those individuals, but they still have to prove the infringement.

Re:Commercial interests would love fixed IPv6 addr

advertisers would *love* to have user information tracked by static IP addresses and ideally even per-device MAC addresses that can be encoded into IPv6 addrs

But they already do have majority of that information. When you get your "dynamic" IP address, it is not really dynamic. It is quite static to the area you live in. Secondly, MAC address have no value. Thirdly, MAC addresses are NOT required to be part of IPv6 address - Windows 7 picks a random number, AFAIK.

On the other hand, static IP addresses allow users to actually participate in the internet as a network of peers. Skype, SIP, and ability to access your data remotely are all possible if you have static IP. Dynamic IP wrecks havoc on these protocol, irrespective of the counter measures deployed.

Static network assignments, like IPv6 /64, is the antithesis of provider-consumer model. Currently we have a broken internet, and there are people that fight any improvement simply because it means "change" and transfer of power to the end user.. It's almost like the media conglomerate is trying to spread misinformation..

Re:Commercial interests would love fixed IPv6 addr

[StripedCow]

I just found an interesting blog post on this topic: http://www.christopher-parsons.com/blog/technology/ipv6-and-the-future-of-privacy/

To get you interested here's a snippet:

Fortunately, the good engineers that develop Internet Protocols were aware of the potentially devastating consequences that static IP addresses for each device would have on anonymity online and, as a result, privacy. The Internet Protocol next generation (IPng) working group crafted a solution that involved creating;

        pseudorandom interface identifiers and temporary addresses using an algorithm The temporary address would not derive from a completely random generation process, which might result in two computers generating the same number, but instead would produce a temporary pseudo-random sequence dependent on both the globally unique serial number and a random component. The number would be globally unique because it would derive from the interface identifier and from the history of previously generated addresses, but would be difficult for an external node to reverse engineer to determine the source computer. [3]

In layman’s terms, this means that the engineers responsible for IPv6 were mindful of the surveillance capacities of the new Internet Protocol, and built privacy into a system that would otherwise lend itself to surveillance and authoritarian tendencies. The catch, however, is that is requires the parties responsible for assigning IP addresses to participate in the pseudo-anonymization process itself: it’s possible for ISPs to forcibly assign particular address to each and every device on their network.

Re:Right Handful

[TaoPhoenix]

Don't all those IP cases go through East Texas? So what's the appellate court for that?

I am a not a number. I am a free man.

[bugi]

Obvious reference:

http://en.wikipedia.org/wiki/Number_Six_(The_Prisoner)#I_am_not_a_number.2C_I_am_a_free_man

why don't they seize everything at a Starbucks

So you are saying that every time police needs to follow a clue, it is perfectly acceptable to break down the door, throw everyone to the floor with guns to their head and take everything electronic inside.

For some reason, if the download point had been an open wifi at Starbucks or some other ISP, they don't follow that procedure, but if it's at someone's house, then it's ok.

They went in force and with guns and SWAT for someone not suspected of violent crimes, suspected of downloading something over the internet. I don't get that logic.

Re:why don't they seize everything at a Starbucks

They could have sat outside in the Flowers By Irene truck and picked him up on his way to get the newspaper or on his drive to work. Sadly, I think a lot non large city SWAT teams sit around with itchy trigger fingers because the other 99.9 percent of their time on the clock is administrative and physical training. They look forward to every chance they get to bust some doors down and their management loves for them to get involved in any way they can so he/she can justify the budget for them.

Privacy

Ok I'm new here, but I hail the decision. I'm not Ok with people downloading Child porn, however don't be fooled by the conclusions and needs of law enforcement always using the most extreme use of the internet as an excuse. The IP address is not nor has ever been a person identifier and can easily be spoofed. In any event even if it was a true identifier of the end use, it does not identify who, all it serves is at most what, when and where, and if you know how your already in the wrong spot.

Further it does not matter how much security you have on the router, how much encryption, it's all easily and readily hacked. maybe that is beyond some, however it is not beyond someone with the motivation to learn how, with Google, who may be using the internet for downloading the kiddie porn.

Lazy Law Enforcement virtually right clicking and hitting properties then raiding a house should be and needs to be banned, put down the donut and do some police work for jeepers sake. Far to many people have gone to jail or been subjected to these false accusations because Law Enforcement is stupid or lazy or both.

Now for my analogy, if someone uses my newspaper to club someone to death, am I guilty of Murder, because I subscribed to the Murder weapon. Law Enforcement including Jury's would and in fact say's "yes" far to often.

I'm not giving up my right to privacy so the Police don't have to put down their donut, do some old fashioned Police work, it's not that hard.

Re:Right Handful

[SETIGuy]

Those circuits (both state and federal) are very popular for corporations of all sorts. The federal is the 5th Circuit.

Re:Commercial interests would love fixed IPv6 addr

So get like... Fifty thousand addresses and change it every day?

Open wifi = good

Surely this ruling should help convince people that keeping an open wifi connection is a good thing.

Sure, it sucks for the people who were raided, but the more failed raids there are, the less reason there will be to undertake those raids.

I've made this argument too!

Several times in fact. You have to PROVE it was ME using the computer and network in question.

They Bribed Clarance Thomas...

[rsilvergun]

it's a well known fact Chief Justice Clarance Thomas received what can only be called bribes. If they can get away with bribing Supreme Court Justices what are the odds they won't do the same to a regular run of the mill judge?

Re:They Bribed Clarance Thomas...

[JosKarith]

Just read the Wikipedia entry on him - it states that he's strongly opposed to and form of Affirmative Action. Kind of hypocritical considering he was obviously selected to replace a retiring African-American judge to keep a quota.

Re:They Bribed Clarance Thomas...

[intheshelter]

Anita stop the madness!!

Re:They Bribed Clarance Thomas...

If you could actually look past his skin color for half a moment, you might observe that he's actually a brilliant individual. Whereas if the American voters had looked past the skin color of our current president he'd never have been voted into office. But people such as yourself can rarely see anything beyond their skin color and it would never occur to you that someone might actually be qualified without needing affirmative action, or that it might be a bad idea to give affirmative action to someone so obviously unqualified as Obama was.

Re:They Bribed Clarance Thomas...

[Coren22]

It is good to see that Judges who are African-American (I hate that word...) can even see that Affirmative Action is racism. I had to explain this to a black coworker recently, and I don't think he understood even then. He thought it was perfectly fine that with less experience and training he was more likely to get a job then me, because I am a white male.

Re:They Bribed Clarance Thomas...

[swalve]

Affirmative action was a temporary solution to a problem that really had no other solution. The society had some built-in biases against minorities, and this was a way to tip the balance a little. For the longest time, and I'm sure to this day, there existed a bias for the white guy. If a hiring or admissions decision was a coin-flip, it went to the white guy. So, AA said it should go to the black guy for a while. I think we are getting close to a time when this is no longer necessary, however. Fairness is starting to grow in our society, and people in decision-making positions are less likely to have biases.

But you are correct in that AA had an unfortunate side-effect. Many implementations began to define quotas, and people started to get the idea that AA shouldn't just tip the coin-flip cases, but that it should reward group membership over competence.

However, clearly some racism exists when people STILL have to refer to Justice Thomas by his race. His opinion of AA has no more value because he is a black guy than anyone else's. Maybe when people can stop with the tokenism, we can stop AA.

Re:They Bribed Clarance Thomas...

[Jane+Q.+Public]

I think you have that backward. A long as discrimination is sanctioned by the government (e.g., Affirmative Action), tokenism will never go away, because it can't.

Re:Commercial interests would love fixed IPv6 addr

Gee whiz fun fact, there are so many possible IPV6 addresses that you can just make up a new one whenever you want and throw out the old one.

In fact I believe windows does this by default.

an ipv6 for everyone?

[Sait-kun]

Just you wait in a few years everyone will get his won ipv6 address on his birth certificate.

Re:Right Handful

You spelt 'curcus' wrong.

US Judge defending private interests

FTFY

Won't last

[darjen]

Once in a while, a glimmer of sanity appears in our court system. Then it goes away, not to be seen again for years and years.

Re:Commercial interests would love fixed IPv6 addr

[gr8_phk]

Can you imagine the personal information gathering and targeted advertising you could do with fixed IPs?

Can you imagine the improved privacy offered when something like your FaceBook profile becomes an App running on your local wall-wart server that can only be accessed friends you choose (i.e. whitelist by IP)? How about the ability to make video phone calls directly to someones IP address without the need for any intermediary to make the connection? email server at home with no ISP storing and mining data or serving it to others? All of the real personal data becomes private. The only thing left is your surfing of public sites and downloading which can be tracked by IP. The really personal stuff gets to stay private.

Re:Commercial interests would love fixed IPv6 addr

[Punchinello]

Can you imagine the personal information gathering and targeted advertising you could do with fixed IPs?

Imagine how much Google and Apple could compile... the targeted ads they could send you... the lists they could make available for sale to advertisers...

This would be fantastic. I prefer ads to be targeted to my interests. I find it to be much more useful than random ads for things I do not care about.

Re:Right Handful

[tehcyder]

You spelt 'curcus' wrong.

Lucky you corrected him then!

Re:Commercial interests would love fixed IPv6 addr

[swalve]

I'm not sure what you are saying. The ISP should provide the /64 subnet to you, or you should have your own /64 subnet that you carry around irrespective of ISP? If it's the latter, good luck with the routing tables.

IPv6 Address Privacy Mode is Limited

[billstewart]

Windows does this, but only within the same /64 subnet - the network bits (typically /56 or /48) and the subnet bits (any more bits to get to /64) stay the same. IPv6 address privacy hides which computer on the subnet you're using (and because it's hiding the MAC address, also hides what manufacturer of Ethernet chip you have), but it's still giving away a lot of information, especially if you've got different subnets for wired and wireless networks (typical.) You could get fancy and modify DD-WRT to switch off the subnets you're using a bit, but they'll still be on your house's IPv6 network number.

The big win that you get from IPv6 address privacy is with laptops that you use at different locations - otherwise you'd be trackable as you move from home to Starbucks to work to the pub to that dodgy nightclub to your friend's party. (Of course, if you keep checking in with Foursquare and tweeting geotagged pictures, there's nothing IPv6 can do to help you, but it's not their problem.)

All Cases

[b4upoo]

A duty of proof exists in all cases. Short cuts for the convenience of any portion of society are not reasonable. This includes proof of who downloaded an item and should even apply to things like parking tickets where it is not know exactly who parked the car or failed to feed the meter.

Re:Commercial interests would love fixed IPv6 addr

with ipv6 you can also have a new address at any time... a kind of global, serverless dhcp.

Broken Analogy

Assuming you're making a sarcastic comment, a better analogy is more like giving you a speeding ticket because your neighbor stole your car a couple months ago and took it for a joy ride without your permission, to which he frequently does.