Malibu Media — online porn producer and copyright troll — has filed more copyright lawsuits than most of the other trolls combined, most of them against anonymous “Doe” defendants whose identities are currently nothing but IP addresses for their Internet service. Malibu and others have tried to use geolocation tools to more precisely identify these alleged porn pirates, but two judges recently told Malibu that this simply isn’t good enough.

As happens frequently in these cases, Malibu asked the court for early discovery to try to compel the Internet service provider — Time Warner Cable in both of the instances here — to identify the user attached to that IP address. Many courts will simply sign off on such a request and let the ISP decide whether or not it wants to challenge the subpoena. But two federal judges in California have joined the ranks of those who believe that Malibu and others need to provide more information in order to sue the accounts associated with these IP addresses.

In order for the court to grant a motion for early discovery to identify a Doe defendant, the judge must consider three factors: That the information provided about Doe is sufficiently specific to convince the court that the defendant is a real person who could be sued in federal court; that the plaintiff has identified all previous steps taken to attempt to locate and serve process on the Doe defendant; and that the plaintiff satisfies the Court that its suit against could withstand a motion to dismiss.

Regarding that first requirement, Malibu argued that it had used “proven IP address geolocation technology which has consistently worked in similar cases to ensure that the Defendant’s acts of copyright infringement occurred using an [IP address] traced to a physical address located within this District.”

But on Feb. 17, one District Court judge disagreed [PDF], writing that “The allegation that the IP address at issue likely resolves to a physical address in this District is not supported in any of the declarations filed in connection with the instant motion.”

The judge acknowledged that Malibu had been specific about the methods and software used for geolocation of the defendant, but that the plaintiff “provides no evidentiary support for its assertions.”

In a separate but similar case in before a different District Court judge, Malibu presented the same argument for its need to get the user’s account information from Time Warner Cable, but again the court said that having an IP address and a possible physical location wasn’t enough.

“Plaintiff fails to offer any evidence to support its allegation that the infringing IP address was actually traced to a location within this judicial district,” explained the judge [PDF]. “Nothing in the declarations Plaintiff submitted with its Ex Parte Motion explains what steps Plaintiff took to trace the IP address to a physical point of origin within this Court’s jurisdiction.”

While Malibu provided the court with a chart listing “Time Warner Cable” as the ISP associated with that IP address and “San Diego, CA” as the location, the judge criticized the plaintiff for not explaining “how the ‘physical location’ was determined and whether the location indicated on the chart refers to the ISP or to the Defendant.”

Though your IP address might be enough for your broadband provider to identify you, it alone is not necessarily an accurate indicator of location. The folks at TorrentFreak plugged in one of the Doe defendant’s IP addresses into three different geolocation tools — including one used by Malibu — and got three different location results. And not just a few blocks from each other. Punching in the coordinates of the three results puts the IP address in three different towns, upwards of more than 20 miles apart from each other.

In some parts of the country, such a distance could mean the alleged pirate is being sued in the incorrect federal court district.

I tried out one of those tools on my own IP address and got coordinates for a commercial building nearly a mile away from my house.

And this is all assuming that the IP address actually belongs to the pirate. As a judge noted in a 2015 case involving allegations of piracy for a documentary on boxer Manny Pacquiao, an IP address could be shared among all people using the same network, meaning there’s no way to show that it’s the account owner — and not a family member, roommate, guest, or someone squatting on their connection — responsible for the piracy.

“Even if this IP address is located within a residence, geolocation software cannot identify who have access to that residence’s computer and who would actually be using it to infringe Plaintiff’s copyright,” wrote the judge in that case.

[via Fight Copyright Trolls]