BERN, SWITZERLAND — A Swiss company that uncovers the identities of file-traders by tracking their IP addresses has been warned by a department of the Swiss government that its methods violate the country’s telecommunication laws.Logistep AG, which is incorporated in Switzerland but operates out of offices in Karlsruhe Germany, provides identifying information to intellectual-property attorneys worldwide. According to Switzerland’s Federal Data Protection and Information Commissioner, Logistep is behaving illegally by persuading prosecutors to file criminal cases in order to force internet service providers to identify anonymous persons suspected of copyright infringement. Logistep’s methodology involves a sort of “end run” around Swiss law, which considers IP addresses personal information that only can be breached in the course of criminal, not civil, trials.

Although the criminal cases usually are dropped before completion, Logistep uses the information it obtains as part of the criminal investigation process to file civil lawsuits seeking damages on behalf of copyright owners, according to Marc Shaefer, legal advisor for the FDPIC.

“Therefore, we told Logistep to stop their work until there is a legal basis which allows such an identification,” Shaefer told Computerworld, adding that Logistep would be operating within the law if waited to pursue civil penalties until after the corresponding criminal cases have been adjudicated.

If Logistep fails to heed the warning, the FDPIC is prepared to take the company to court, Shaefer said.

Logistep issued a statement saying it does not believe IP addresses — which identify the locations of computers on a network — are personal information because they are not always tied to individuals. For example, in the case of public and business computers, many people may use one IP address, the company noted. In addition, some ISPs assign dynamic IP addresses to their users, meaning an individual’s IP address may change with each login.

That’s exactly what worries Shaefer, who said such ambiguity may mean the wrong person could become the focus of a lawsuit.

In response, Logistep stated it has ways of uncovering the precise files shared illegally, even if encryption or proxy servers are used to mask illegal activities.

The Swiss dispute accentuates a growing row in Europe over whether IP addresses are personal data. Last week, Article 29 Data Protection Working Party Chairman Peter Schaar said IP addresses should be considered private. The Article 29 DPWP is Europe’s privacy regulating body. It has been investigating how search engines collect, store and use consumers’ data and is expected to release a full report about the matter by April.