In those circumstances, yes you are correct. However, if the police were keen on catching someone downloading/distributing CP, consider the following scenario: A user connects to an unencrypted network and downloads CP. Eventually, authorities become aware of this activity and identify the IP provided by the ISP to trace the connection. Once enough evidence of this activity has been gathered, the ISP customer is arrested and any computing devices capable of downloading CP is siezed. Computer forensics eventually determine that the customer is innocent and the charges dropped. However, they still have evidence that CP was downloaded using that particular connection. Now if they wanted to investigate further, they would begin to monitor the activity on the customer's router/ISP assigned IP address, either by maintaining a list of the MAC addresses for all devices the customer is using and identifying any connections established by devices which aren't on this list, or by turning off DHCP and assigning static local IPs for the customer's devices and identifying any external connections which were being assigned a new static IP not on the customer's list. Now if the user downloading CP was smart (which they aren't of course), they wouldn't connect to the unencrypted network frequently, however they aren't going to turn down a free internet connection. At this point, authorities can identify the user's IP on the local network, the MAC address and latency of the connection to determine the user's distance from the router in order to work out a physical location (the same building for instance) and issue a warrant to search the machine of the suspect.