Security Experts:

Connect with us

Hi, what are you looking for?


Tracking & Law Enforcement

EFF Warns Police, Courts About Unreliability of IP Addresses

A report published this week by the Electronic Frontier Foundation (EFF) warns about the misuse of IP addresses by police and courts, and makes recommendations on how such information can be used efficiently.

A report published this week by the Electronic Frontier Foundation (EFF) warns about the misuse of IP addresses by police and courts, and makes recommendations on how such information can be used efficiently.

An increasing number of incidents shows that law enforcement often considers IP addresses a clear indicator of a person’s location or identity. For instance, several privacy activists maintaining Tor exit nodes in their homes have been raided by law enforcement investigating child pornography and other crimes. Internet mapping services that provide a default location when only limited information is available has also caused problems for innocent individuals.

Another issue is that police often overstate the reliability of IP address information when trying to obtain a warrant or subpoena. According to the EFF, law enforcement also often uses inaccurate metaphors to explain IP addresses, such as comparing them to physical mailing addresses and license plates.

Some judges have begun to realize that an IP address is not enough to determine someone’s guilt. In one such case, a federal court in Oregon dismissed a direct copyright infringement complaint against an individual who allegedly pirated a movie.

However, there is more work to be done and the report published by the EFF aims to teach law enforcement and courts on how to reliably use IP information when investigating crimes. The organization pointed out that improper use of such data is especially risky when trying to determine someone’s identity or physical location.

The EFF has advised police to treat IP information the same as tips received from anonymous informants. When it gets information from an anonymous informant, law enforcement must also demonstrate probable cause in order to obtain a warrant. Digital rights advocates believe the same skepticism must also be applied by courts and police when provided with IP addresses.

“Law enforcement must be required to investigate further, including identifying other electronic or physical evidence that corroborates their theory that evidence of the crime is likely to be found at the physical location that is associated with a particular IP address,” the EFF said in its whitepaper. “And courts must be informed of the technological limitations of the evidence so that they can independently ensure that IP address information is reliable before authorizing law enforcement intrusion into individual privacy.”

For a more reliable use of IP information, police and judges should ensure that the link between an IP and a location is based on data from an Internet services provider – rather than a mapping service that could be pointing to a default location – and physical surveillance of the property.

As for tying an IP to an identity, law enforcement and courts should make sure that the IP is not associated with a home or organization where several people use the same Internet connection, and that the IP is not associated with servers used to operate the Tor anonymity network.

Related Reading: Hacking Suspect Arrested in Florida

Related Reading: Two Men Arrested in U.S. for Hacking Emails of Top Officials

Related Reading: Alleged Operators of DDoS Service Arrested in Israel

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Expert Insights

Related Content


The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.


US government reminds the public that a reward of up to $10 million is offered for information on cybercriminals, including members of the Hive...


The Hive ransomware website has been seized as part of an operation that involved law enforcement in 10 countries.


No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.


The owner of China-based cryptocurrency exchange Bitzlato was arrested in Miami along with five associates in Europe


Russian Vladislav Klyushin made tens of millions of dollars by hacking into U.S. computer networks to steal insider information.


A hacker who reportedly posed as the CEO of a financial institution claims to have obtained access to the more than 80,000-member database of...

Application Security

Virtualization technology giant Citrix on Tuesday scrambled out an emergency patch to cover a zero-day flaw in its networking product line and warned that...