What is an IP address and how is it used to track devices and people?
source: own elaboration
Everyone who uses the Internet has heard about the IP address and knows that he has one. Only few of us, however, have an idea about what really lies behind this parameter and to what information about its owner it can lead to. In the text below we will try to explore the subject of IP addresses and see how they are used to track people and devices.
What are IP addresses and what are their types?
The IP address (the abbreviation of the English term Internet Protocol) is the number given to a physical or virtual device (network interface), their group or the entire computer network in the IP protocol (i.e. a set of rules and instructions that are automatically executed by devices to establish communication and data exchange). It is used to identify specific devices that are part of the network, and its task is to facilitate communication between them.
From 1977, the fourth version is used to issue IP addresses. In IPv4, the IP address consists of 32-bit integers, written as a series of 4 numbers, usually represented in the decimal system and separated by periods. The initial numbers specify the network address, and the final numbers specify the computer or their set. It also happens that the hexadecimal or binary system is used. However, due to the rapidly depleting possibilities of the combinations available in IPv4, new versions have already been created - IPv5 and IPv6. IPv5 (Internet Stream Protocol), called ST for short, has not gained much popularity, while IPv6 - Internet Protocol version 6 has become a worthy successor of IPv4. In this case, IP addresses are no longer 32, but 128-bit numbers integers, and the address is usually written as eight 16-bit blocks represented in hexadecimal and separated by a colon.
We can distinguish several different types of IP addresses. First of all, the IP address can be fixed or dynamic (variable). In the second case, an IP is assigned to the computer again each time it connects to the Internet, or IP is broadcast again after a certain period of time (e.g. 24 hours). While a permanent IP address never changes. In addition, IP addresses can be divided into private and public. A public IP address means that it is public, and therefore visible to all devices on the network, and communication is unlimited. The private IP address, on the other hand, ensures much greater anonymity and security, limiting the possibility of interaction with other devices on the network. Access to some services and websites may, however, be difficult in this case. You can also set a dedicated IP address for your device that is assigned exclusively to the user. This solution can significantly facilitate obtaining an SSL certificate and positively affect the positioning of a given page in search engines. Regardless of whether a given IP address is permanent, variable, public, private or dedicated - in each of these cases, determining who the device belongs to is similar.
How are IP addresses used to track devices and people?
Contrary to appearances, tracking someone by their IP address is not so simple. Although the IP address geolocation service, i.e. determining the geographical location based on the IP address of the device, is offered free of charge by many websites, but it does not provide much information. The basis of geolocation are global databases, including address databases, and the process itself consists in compiling the geographical coordinates of a given IP address with the information contained therein and determining certain data on the location of the device - continent, country, province, city, and sometimes also street and number. Of course, it will be authoritative only if the given IP addresses are not encrypted or falsified in any way. Geolocation is useful for creating statistics, specifying routes and addresses, adding location markers (geotagging) or tracking the position of a given device. Website owners also use them to determine what language a given internet user speaks. However, geolocation won’t be useful when trying to determine who owns the equipment with a given IP address.
If we want to determine the name of the person to whom the device belongs, the procedure will be much more complicated. First of all, the IP address is most often stored in the server logs, database of a given website or application, so only the service provider, i.e. the administrator, has access to it. Even if we obtain a given IP address, identifying it will also require knowledge of the exact date and time of its activity on the given website. Such data will be needed by the internet provider so that he can check the identity of the given internet user based on his logs. Only matching this data allows you to determine who the owner of the IP address is. Of course, not everyone has access to such solutions. In Poland, only state services (such as the police and the prosecutor's office) have the right to request the network administrator to provide data with an IP address. At their request, the website administrator is required to provide the user's IP address and the date and time of a given activity, and the internet provider to identify on this basis who the owner is. Therefore, private individuals and companies cannot ask for this type of data, they must first contact the relevant authorities and justify their request. The basis for determining the identity of the Internet user based on the IP address can only be the investigation of criminal liability, the civil procedure does not provide for this type of solution.
In practice, if someone who uses a given IP address threatens your online business - for example, by click spamming your ads, filling out contact forms with incorrect data, leaving inappropriate content on websites or unjustifiably giving negative ratings and commentary - there is not much you can do to establish his identity. This type of offense will not usually be a sufficient reason to initiate a criminal law procedure, and without this you won't get the necessary support from the relevant state services. However, this does not mean that you are completely vulnerable in this situation. Companies specialized in detecting online frauds (such as TrafficWatchdog) identify suspicious IP addresses and automatically block their activity in the future. They also operate at a much more advanced level - their algorithms are able to combine a given IP address with many other information and based on them create an online fingerprint of the user. This means that in many cases they will be able to recognize the Internet user even if he will use other equipment or an IP address.
