In <email@example.com> firstname.lastname@example.org
(Robert Bonomi) writes:
( lots snipped )
>> [TELECOM Digest Editor's Note: But many IP addresses are not static,
>> but dynamic. What do they do then to find the person who 'stole' the
>> movie or the piece of music? PAT]
> *READ* what I wrote, above. They have the IP address _and_ the timestamp.
> The subpoena the ISP to *find*out* _who_ was using *that* IP address *at*
> *that*time*. The _ISP_ *does* have that information, from authentication
> logs, etc. _Now_ they have the person's name, to replace the "John Doe"
> on the lawsuit.
> [TELECOM Digest Editor's Note: But as someone else noted in a message,
> not all ISPs keep that information around very long. Once they have
> had a chance to do what they need with it, the information is dumped.
> And if someone called in on a dialup line and hacked a real user's
> name and password then they would have nothing to go on would they?
The bit of hacking a "real user", etc., is an annoyance but not the
major issue. Of far more concern is that, thanks (or no thanks) to
such massive (ab)use of the legal system by the RIAA (and others) many
ISPs, and many other groups that would have records, are trashing them
as soon as they're not absolutely necessary for system functioning.
This has potential to cripple valid and serious investigations.
With the emphasis that I'm speaking for myself and not for any group
I'm associated with, if the FBI came by and was looking for info to
help track a shipment of plutonimum, or to figure out where a car
bomber was connecting to the internet, I'd give them all the
assistance I could.
However, I most assuredly do NOT want to get into the midst of a
pissing match between the RIAA and music sharers. Or, for that matter,
divorce proceedings. Or thousands of other relatively minor incidents,
which, while important to the people involved, are of no social
The net result of the RIAA, etc., hassles is that a huge amount of
useful infomration that could be crucial in major cases is destroyed.
(Let me repeat here that it's not just the RIAA but they're the most
visible. It's also not just ISPs that see this concern. Taken to
extremes you'll find pizza stores dumping records so as not to get
dragged into investigations of adultery in divorce cases ...).
And I fear we're going to see exactly this scenario, one in which the
feds have a _valid_ and _crucial_ need to find out which internet
connection was used six weeks ago to, say, check out suppliers of
geiger counters, but all the records are long since destroyed.
Knowledge may be power, but communications is the key
[to foil spammers, my address has been double rot-13 encoded]