When individuals are online, they are assigned an Internet Protocol (IP) address by their Internet service provider (e.g., Earthlink, AOL, Qwest, Comcast, their school) or cell phone service provider (e.g., Sprint, AT&T, Verizon). This IP address is unique and is bound to a person’s current online session—whether it is via a computer, cell phone, or other portable electronic device. It is continually associated with the data transactions (sending [uploading] and receiving [downloading], interacting, communicating) that are made between one’s device and the rest of the World Wide Web and between one’s social networking site, email, instant message, and chat software and the existing population of Internet users. All data transactions are stamped with one’s IP address and the exact date and time (to the millisecond) that it occurred, and they are kept in log files on computers owned by Internet service providers, cell phone service providers, and content providers (Facebook, Google, Hotmail, Yahoo!, etc.).
When attempting to discover the aggressor behind the keyboard, it is vital to know the IP address bound to the malicious message or piece of content. Once that is discovered, the relevant provider can assist school police (or local, state, or federal law enforcement) in identifying the online session in question, which points to the Internet service provider or cell phone service provider through whom the online connection was made, then to the person connected to that specific account (by way of the billing information), and finally to the family member who was logged in at the time the cyberbullying took place.
From School Climate 2.0: Preventing Cyberbullying and Sexting One Classroom at a Time