Security Experts:

EFF Warns Police, Courts About Unreliability of IP Addresses

A report published this week by the Electronic Frontier Foundation (EFF) warns about the misuse of IP addresses by police and courts, and makes recommendations on how such information can be used efficiently.

An increasing number of incidents shows that law enforcement often considers IP addresses a clear indicator of a person’s location or identity. For instance, several privacy activists maintaining Tor exit nodes in their homes have been raided by law enforcement investigating child pornography and other crimes. Internet mapping services that provide a default location when only limited information is available has also caused problems for innocent individuals.

Another issue is that police often overstate the reliability of IP address information when trying to obtain a warrant or subpoena. According to the EFF, law enforcement also often uses inaccurate metaphors to explain IP addresses, such as comparing them to physical mailing addresses and license plates.

Some judges have begun to realize that an IP address is not enough to determine someone’s guilt. In one such case, a federal court in Oregon dismissed a direct copyright infringement complaint against an individual who allegedly pirated a movie.

However, there is more work to be done and the report published by the EFF aims to teach law enforcement and courts on how to reliably use IP information when investigating crimes. The organization pointed out that improper use of such data is especially risky when trying to determine someone’s identity or physical location.

The EFF has advised police to treat IP information the same as tips received from anonymous informants. When it gets information from an anonymous informant, law enforcement must also demonstrate probable cause in order to obtain a warrant. Digital rights advocates believe the same skepticism must also be applied by courts and police when provided with IP addresses.

“Law enforcement must be required to investigate further, including identifying other electronic or physical evidence that corroborates their theory that evidence of the crime is likely to be found at the physical location that is associated with a particular IP address,” the EFF said in its whitepaper. “And courts must be informed of the technological limitations of the evidence so that they can independently ensure that IP address information is reliable before authorizing law enforcement intrusion into individual privacy.”

For a more reliable use of IP information, police and judges should ensure that the link between an IP and a location is based on data from an Internet services provider – rather than a mapping service that could be pointing to a default location – and physical surveillance of the property.

As for tying an IP to an identity, law enforcement and courts should make sure that the IP is not associated with a home or organization where several people use the same Internet connection, and that the IP is not associated with servers used to operate the Tor anonymity network.

Related Reading: Kernel.org Hacking Suspect Arrested in Florida

Related Reading: Two Men Arrested in U.S. for Hacking Emails of Top Officials

Related Reading: Alleged Operators of DDoS Service Arrested in Israel

view counter
Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.