They have indeed been extremely careless, or maybe intentionally reckless. (I assume they were running an open KMS server. Or was it something else?)
Of course what the legal profession 'conveniently forgets' is that the IP address alone cannot identify the actual user or the computer used.
Even Comcast can only identify the holder of the account, not the person or computing device used to commit the offence.
There is a independent ISP in this country (Andrews and Arnold) who have stated publically that when they receive an legal order from the Police or security services for them to identify a user (based on IP address) will issue a standard reply - "we cannot identify a user".
If they come back and ask for the account holder's details then the ISP will of course comply. But one gets the impression that most incorrectly worded requests are not pursued further, suggesting that many are simply 'fishing expeditions'.
Ah yes, that old paradox - you must be insane to commit a crime, but insanity means you cannot be held responsible for your actions. Can't fault the logic, but lawyers don't seem to appreciate logic... :rolleyes: