A new white paper from the Electronic Frontier Foundation argues that police rely too heavily on IP addresses when conducting criminal investigations.
The paper [PDF], written by EFF executive director Cindy Cohn along with legal fellow Aaron Mackey and senior staff technologist Seth Schoen, argues that the numerical addresses are neither accurate nor specific enough to serve as the grounds for police to conduct searches of suspected criminals.
"The digital revolution has given law enforcement more tools to help track and identify us than ever before. Yet as law enforcement increasingly relies on electronic evidence to investigate crimes, one of the most readily available tools, Internet Protocol addresses (IP addresses), have become increasingly misused and misunderstood by law enforcement and judges alike," the authors argue.
"Law enforcement too often overstates the reliability of IP address information in seeking warrants and other process (such as subpoenas), using metaphors that create a sense of certainty where it does not always exist."
Citing cases where individuals had been wrongly searched or arrested for crimes that were traced back to their IP address, the EFF noted that IP addresses become limited when trying to trace the activity of a specific user and machine.
The white paper notes that when users share their connection via an open Wi‑Fi network or run a Tor exit node, their IP addresses can be identified as the source of the illegal activity without specifying who precisely is committing the crime.
"EFF recognizes that many police already treat IP addresses as the starting point in their investigations and do more work before seeking a warrant. But for others in law enforcement, this is not always the case," the white paper notes.
"Police must therefore understand that IP addresses alone are not always reliable enough to pinpoint an exact location or individual because the technology was never built for those functions."
Rather than use IP addresses to justify searches and arrests, the EFF recommends that police and courts treat IP information as they would an anonymous tip. In such cases, the paper argues, police would use the IP address as a starting point and then seek additional evidence.
"As with informants, the IP address information that police provide in warrant applications requires explaining the context and corroboration, including: where the address information was obtained, how that was mapped to a physical location or a person, and whether there are other facts that bear on its reliability, such as the listing of the IP address on a Tor server list," the authors argue.
"Thus, these cases can provide a guide for police, prosecutors and courts in thinking about how to scrutinize IP address information contained in warrant applications." ®