> You'd need to also identify which device was infringing by getting a connection time/destination.
I still don't see where it says you have to do that. Your link doesn't seem to say anything about it.
I question the value of MAC address blocking in general. Anyone can change their MAC address and popular systems are even using MAC address randomization by default now.
And in a physically local context like this, couldn't you just tell the person they're not allowed to use your wireless anymore, or remove them from the property?
The issue is who has to identify the user. If all they gave you was your own IP address with no accurate timestamp or ports, you wouldn't even be able to get the effectively-useless MAC address, even with the connection records most people don't keep. If they gave you the user's legal name (e.g. because the user signed up for the file sharing service with it) then you wouldn't need any connection records.
The MAC is just an example. You need some way to block someone abusing your connection. It's the first point raised in the requirements for safe harbour. For this you need to be able to say "this is the same person/device as before".
> couldn't you just tell the person they're not allowed to use your wireless anymore
The context we started with is wifi open to the public. You've never met your users and you may never see them (directional antenna from a distance), so the legal name is not useful either.
The situation where you know the users is much simpler.
> The MAC is just an example. You need some way to block someone abusing your connection.
You're thinking like a sysadmin. Think like an organization.
Compare the situation where you have a public space where everyone is welcome except Bob, because when Bob was there in the past he caused trouble and was asked never to come back.
You don't have to post guards checking ID because Bob knows he's not invited and the laws against trespassing deter him from showing up.
> The context we started with is wifi open to the public. You've never met your users and you may never see them (directional antenna from a distance), so the legal name is not useful either.
Seeing isn't required for telling. If you have the legal name, why can't you send a certified letter telling them they're not allowed to use your network anymore, then if they continue you call the police?
I still don't see where it says you have to do that. Your link doesn't seem to say anything about it.
I question the value of MAC address blocking in general. Anyone can change their MAC address and popular systems are even using MAC address randomization by default now.
And in a physically local context like this, couldn't you just tell the person they're not allowed to use your wireless anymore, or remove them from the property?
The issue is who has to identify the user. If all they gave you was your own IP address with no accurate timestamp or ports, you wouldn't even be able to get the effectively-useless MAC address, even with the connection records most people don't keep. If they gave you the user's legal name (e.g. because the user signed up for the file sharing service with it) then you wouldn't need any connection records.