Eric Gauthier wrote:
Heya,
In the US, folks are fighting the RIAA claiming that an IP address isn't enough to identify a person.
In Europe, folks are fighting the Google claiming that an IP address is enough to identify a person.
I guess it depends on which side of the pond you are on.
They are both right. If you have a dynamic IP such as most college students have, it is here-today-gone-tomorrow.
Our University uses dynamic addressing but we are able to identify likely users in response to the RIAA stuff. There is a hidden step in here, at least for our University, in the IP-to-Person mapping. Our network essentially tracks the IP-to-MAC relationship and the MAC-to-Owner relationship. For us, its not the IP that identifies a person, but the combination of IP plus Timestamp, which can be used to walk our database and produce a system owner.
There are a couple of ways that can break down. "Hey, dude, lemme borrow your laptop for a minute." Or "ifconfig eth0 ether aa:bb:cc:dd:ee:ff"
I'm guessing that Google et. al. have a similar multi-factor token set (IP, time, cookie, etc) which allows them to map back to a "person".
Which, for similar reasons, does not, in any absolutely reliable way, identify a *person* at the keyboard. -- Jeff McAdams "They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." -- Benjamin Franklin