The Office of the Privacy Commissioner of Canada publishes new research that shows how much information can be gathered from an IP address. They perform a number of standard lookups such as WHOIS to build a profile of a given IP address and more importantly the person behind that IP address: you are not as anonymous as you’d like to be.
Somewhat more interesting is the walkthrough of the The Petraeus incident, which shows in detail how ISPs, Google and the like manage their logs and provide them on a court order.
- An individual received a number of “anonymous” harassing e-mails and asked the FBI to investigate. Copies of the e-mails were made available to the FBI;
- Although the messages were sent from an anonymizing service, the IP addresses from which they were sent were available in the e-mail headers;
- From knowledge of the source IP address(es), the FBI was able to identify the organization to which the IP address(es) had been allocated (typically a telecommunications service provider(s);
- Upon receipt of administrative subpoenas11, which are issued by law enforcement authorities without judicial oversight, thetelecommunications service provider(s) then provided subscriber information about the IP addresses used to access the originating email account, as well as any other e-mail accounts that were accessed from the same IP address(es). It has been reported that Google gave the FBI information about every IP address used when accessing that account12
- The ISP associated the IP addresses with various locations, including hotels;;
- Knowing the physical locations from which the e-mails were sent, the FBI was able to obtain lists of people who were at those locations when the messages were sent through the use of administrative subpoenas13
- One name kept appearing in guest lists during the times the messages were sent, so this individual was considered the most likely suspect; and;
- It was at this point that the FBI sought and obtained a warrant to get access to the contents of the anonymous email account.
The FBI was able to obtain the following information without having to obtain a warrant:
- The IP address(es) from which the harassing e-mails were sent;
- The names of the telecommunications service providers to whom those address(es) were assigned;The subscriber information associated with the e-mail account used to send the e-mails, along with information about other e-mail accounts that were accessed from the same IP address(es);
- The organizations – in this case hotels – to whom the telecommunications service provider had assigned the IP address(es); and
- Lists of guests who were registered at those hotels at the time the emails were sent.
Report cached here