Author: Agatha M. Cole, Staff Editor, Cardozo Arts & Entertainment Law Journal
In August of 2005, a Florida investigator on the Internet Crimes Against Children (ICAC) taskforce—a national network of federal, state, and local law enforcement agencies dedicated to preventing online child pornography and other Internet crimes against children—received a video depicting the rape of a two-year old child. ICAC investigators traced the video to an IP address in Colorado associated with Comcast, one of the largest Internet service providers in that state. The only information needed to determine the location of the computer used to post this video was the record revealing which Comcast subscriber had been assigned to that particular address when the video was posted, just four months earlier. Unfortunately, by the time investigators requested the subscriber data, Comcast had already discarded the relevant IP address assignment records for that time period. The Comcast controversy is a solemn example of a situation where the availability of IP address data could have made all the difference. Instead, a dangerous child predator is still out on the loose, and the infant in the video could be the victim of ongoing sexual abuse. Making matters worse, it is not clear whether authorities receiving a similar lead today would fare any better than they did in this instance.
IP address records can provide critical information in a criminal investigation. In the law enforcement context, IP address data is often required to associate criminal activity on the Internet with a real-world access point. Law enforcement agencies claim that the Comcast incident is not an isolated occurrence, and that missing IP address records represent are a recurring obstacle for law enforcement when trying to determine the origination point of certain online activities in child sex exploitation investigations.
In the United States, federal law does not require ISPs to retain IP address information or any other data for law enforcement purposes. ISPs may freely set their own policies regarding when to discard IP address records. Some ISPs retain IP address records for extended periods as a matter of corporate policy, while other providers do not maintain such records or only retain them for a short period of time. In the absence of legally defined retention periods or industry wide standards, the length of time ISPs retain such records varies from one provider to the next.
(Click here to read the rest.)
The views expressed here are exclusively of the author and do not represent agreement or endorsement by the Cardozo Arts & Entertainment Law Journal, Benjamin N. Cardozo School of Law, or Yeshiva University.