You do know that MACs are hardware IDs and don't get passed around and used by multiple users.

NAT is IP based where an public IP address is translated to a private IP address. Still the customer can be identified. Mac addresses are unique to each device so it's highly unlikely that the same mac would be assigned to multiple devices. Besides, only 1 would pull an IP address at 1 time since the arp table only allows 1 IP Address per Mac Address.

That customer was responsible for the use of that connection. The SLA they signed made that clear.

We were an ISP with about 50,000 users, most of those customers residential users. When we did get a complaint for a business user or a user with a router, we would send the notice out to the account holder since they were responsible for the connection. They would then do their own invstigation and we would provide a PC name (which was in the log file) to help them narrow down which device on their network was the culpri

How many users actually know how to spoof a MAC Address and also remember to change it back once their done? I can tell you, not many of our users knew what an IP Address was. And since there are about 16,777,216 possibilities of mac address, I'd say it would be highly unlikely that a user guessed the mac address of someone else on the network. I can count on one hand the number of times I wasn't able to back track a MAC to a specific user. Only because the MAC address no longer showed up in the arp table. If we couldn't find the user we did nothing with the complaint.

If the lease time of the IP Addresses is 24 hours, the DHCP server initiates a handshake at the 12 hour interval. If no device responds, the IP address is released back in to the pool. Since ISPs probably have a huge range of IP Addresses, it's unlikely that the IP address just released would be picked up by another device. I've seen instances where our PCs would be off line for upwards of a week and we'd still pull the exact same IP Address.

Regardless of if a dynamic IP address is used or not, if the lease time is long enough and good logs are kept, you can still find a user even if someone else has the IP address because only one MAC can be tied to an IP Address at a certain time. You query on that time frame to get your mac associated with said IP Address from the dhcp log file.

A mac address does equal a person if said mac address is tied to a PVC which is tied to a SLID or DSLAM position which is tied to a specific customer. Our network used different PVCs for each and every circuit and each of those PVCs resided on specific ports on specific pieces of equipment. Users assigned to these ports were then tracked in our billing system, So yes a Mac Address does equal a person. It showed us which persons connection was used at the time of the infringement and if that MAC Address was still in the router and they were still infringing, we'd cut their service and they'd eventually call in. I've never had a case where I backtracked a MAC Address to the wrong user.

When the ISP I worked for used to get "Notices of Infringement" from copyright holders, I was the one tasked with finding the user who was responsible for the infringement. We would get an IP Address and a timestamp along with the name of the copyrighted material. Since we kept log files for our DHCP server, I was able to tie an IP Address to a MAC Address at the time of the infringement. I was then able to look at the arp cache of our router and tie that MAC Address to a PVC. Once I got the PVC, I tied that back to a DSLAM or SLID which in every case was tied to a specific customer. In almost every case we identified the correct user. There were a few cases where we were unable to find the infringing Mac Address in the arp cache probably because the device was no longer in use.

The ISP I work for has a 4 strikes and you're out policy. You get warnings on your first two DMCA violations, a third violation gets you a suspension and a $100 reconnect fee and a fourth violation gets you disconnected for good. We don't look at any traffic but we do get complaints from the copyright holders of the material being shared illegally. We never single out P2P traffic and track the IPs back to the customers. We only act when we receive a notice from the copyright holder. We look at the date & time of the violation as well as the IP address and track it back to a customer. I think the ISPs should crack down of illegal filesharing if the person sharing the file isn't the copyright holder. If the ISPs do nothing to the users then the ISPs will get hit with a lawsuit.