That means the person paying the bill for the Internet service may end up as the target of the civil proceeding rather than the offender, adding another worrying factor into the lawsuits, Schaefer said.
On its Web site, Logistep said it can compile a history of illegal files shared by someone, even if encryption or proxy servers are used to mask the sharing.
The row comes amid growing concerns over how personal data is collected and retained in Europe.
On Monday, a top European data protection official, Peter Schaar, said at a European Parliament hearing that an IP address should be considered personal information since it can be used to identify people.
Schaar is chairman of the Article 29 Data Protection Working Party which is looking at personal data and privacy issues, such as what kind of data search engines retain. A report is scheduled for release by April.