[Boundless]

> Since anyone can log in to any blog as a user, how can
> the true identity of a poster be known? There are no
> witnesses, no fingerprints, no handwriting, so no hard
> proof. We all know from scammers that passwords and
> ID's can be scammed.

There are IP traffic logs on the forum's servers, as
well as at the user's ISP and all the routers in between.
The ISP also has dial-in/login logs, perhaps even with
caller ID records. These can be subponea'd.

If the source IP addresses all come from the same small
ISP pool (or there's just one static IP), then the next
step is to subpoena the user's PC, and scour it for
evidence in the files, and more significantly, in the
web caches and deleted file blocks.

I'm no expert on computer forensics, so there may well
be even more sophisticated probes available.

There are a lot of kiddie porn collectors in jail
who thought they were anonymous on the net.

[Gondring]

Both sides also referred to a case in which the Appellate Division of the New Jersey Superior Court held that a corporation could not force the release of a poster's identity because it did not demonstrate that it was harmed by the comments.

That decision set up a four-part series of guidelines for future cases, among them a requirement that the plaintiff prove actual harm before an identity can be released. That decision was rejected by the Delaware Superior Court, but Finger said the justices could come up with a "modified" version of that decision.

Anyone know when that Superior Court decision occurred?