The court appears to grasp this distinction, but, unfortunately, doesn't follow it to the correct conclusion. In a footnote, the court points out that capturing URLs of webpages visited "might be more constitutionally problematic" because "[a] URL, unlike an IP address, identifies the particular document within a website that a person views and thus reveals much more information about the person's Internet activity. However, an IP address can point to a particular website and can also be used to identify "much more information about the person's Internet activity." For instance, it can be combined with information about the size of a file downloaded from a particular IP to identify a particular page on a website.

On top of this casual, erroneous reasoning, the court oddly says almost nothing about how the surveillance actually occurred. Indeed, at one point the opinion says, "the government applied for and received court permission to install a pen register analogue on [defendant's] computer." Ordinarily, pen register surveillance takes place on the provider's system, not on the target's computer; so this statement, along with the fact that keylogging software was used, raised questions about whether the court approved physical entry or some kind of remote surveillance like the FBI's "Magic Lantern." EFF has confirmed with defense counsel that the surveillance in fact occurred at the provider's system, but these ambiguities only underscore the need for review of the opinion.