10 July, 2013

Retrospective - IP Addresses and Identification of Copyright Infringers

One of the more controversial aspects of the Internet is often thought of being the anonymity it offers to users. With nothing to particularly identify you as an individual, unless you provide specific information pertaining to who you are, the Internet often brings out both the good and bad in people; "Surely I can download this album or tell this person off, seeing as no one will know I did it?" There are methods of identifying someone, but as they stand today they are ineffective in pin-pointing exactly who did what, only giving an indication as to who might have been the infringer. The more predominant of those is the use of Internet Protocol addresses, or as they're more commonly known as; IP addresses.

"No Dale, you don't need to wear a balaclava on the Internet"
An IP address when put into simple terms is an indicator of a network and a device connected to that network. This is represented in a numerical fashion, such as 123.456.78.9. The numbers themselves represent the host network used and the location of that network. This information can be used to locate a person who has for example infringed copyright or done other things online which are deemed illegal. The problem with this method of identification is that it does not exactly tell us who has committed the infringement, but merely the location of the act. This essentially means that if Child A downloads music using his home Internet connection, shared by his Parents and Child B, the authorities will not be necessarily able to tell who in that household has committed that offense. This rough information can potentially be used in more questionable litigation processes, but has been used successfully in the prosecution and identification of individual in such proceedings.

"Sshh, I'm hunting infringers"
A case which dealt with the usability of IP addresses as a method of identification happened in early 2012 in the United States. K-Beech v John Does dealt with anonymous users (80 in total) who downloaded several videos of a not-so-family-friendly variety using BitTorrent technology, a work which was owned by K-Beech Ltd. In their application K-Beech alleged that the John Does had infringed their copyright by making an illegal copy of the work. These users were only identified through their IP addresses, and the court in its judgment deliberated whether it could be an accepted form of identification in such cases. Judge Brown made an interesting analogy in the matter: "An IP address provides only the location at which one of any number of computer devices may be deployed, much like a telephone number can be used for any number of telephones... it is no more likely that the subscriber to an IP address carried out a particular computer function – here the purported illegal downloading of a single pornographic film – than to say an individual who pays the telephone bill made a specific telephone call." This brings to light the point made above as to the ambiguity to who committed the given infringement in an Internet network. Judge Brown further expanded that with the ever-growing popularity of wireless connections the accuracy is fading even more, due to the even wider access to any given network by a larger number of individuals. In evidence to this the court drew on a previous judgment where it was noted that in 30% of cases the names which were given as the identified users were incorrect as to the infringing person.

What is important in the final observations of the case is the acceptance by the judiciary that an IP address can no longer effectively identify a user committing an infringement. Along with this proxy servers (a method where all network use is routed through a third-party server somewhere else, even on the other side of the globe) have even further blurred the line of actual user and who can be identified based on IP addresses alone. Judge Brown perfectly summarized this point in his conclusion relating to this point:
"In sum, although the complaints state that IP addresses are assigned to “devices” and thus by discovering the individual associated with that IP address will reveal “defendants’ true identity,” this is unlikely to be the case. Most, if not all, of the IP addresses will actually reflect a wireless router or other networking device, meaning that while the ISPs will provide the name of its subscriber, the alleged infringer could be the subscriber, a member of his or her family, an employee, invitee, neighbor or interloper."
Since the case there have been other instances where the courts have further affirmed this point and can be seen as to have closed this avenue of identification for good, at least in the US. What can be said is that this is a positive development, since the ambiguity of the true user can lead to problems for people who have absolutely nothing to do with the matter. Of course one has to emphasize individual responsibility and the need for measures to prevent such uses, but with evidentiary standards being much higher in criminal proceedings for example, it would seem odd that such an inaccurate method of identification could have been accepted.