> You can ask the ISP. They are supposed to store metadata.
What you say is true, but prosecutors/investigators have little incentive to jump through another hoop. If they are willing to prosecute someone with just circumstantial evidence of an IP address, they aren't really looking to find the perpetrator, only a fall guy.
It's not ridiculous. Some countries (and States, iirc) require that speeding and red light tickets have to be issued to the driver of the car, so traffic cameras capture both the licence plate and the driver's face.
Similarly, if I torrent pirated media in a Starbucks, should the store be charged?
Yes, but that's only partially the reason, or rather, in some cases.
In my state, that was specifically to cover "well, if you deny driving the vehicle..." situations, where people would say "Oh, it wasn't me, I lent my car to someone/my kids drove/whatever", and law enforcement replying "Who?" "Oh, I don't know. Sorry."
Now it's to increase the burden of proof. It's reasonable to assume that if you own a vehicle, you were driving it. It's furthermore reasonable to assume that you should be able to identify who was driving the vehicle, from the face, even if you do have multiple people driving.
If you then refuse to identify the person, or "I don't know", then it's tantamount (in the law's eyes) to saying you weren't taking due regard to the care of operation of your vehicle (after all, if you don't even know their name, how do you know they're licensed?).
To tie a request made over CGNAT to the ISP's customer you need both the IP address and the port number of the connection. In my experience, most software that logs IP addresses doesn't bother to log the port number. (Probably because it wasn't relevant before CGNAT came along.)
What you say is true, but prosecutors/investigators have little incentive to jump through another hoop. If they are willing to prosecute someone with just circumstantial evidence of an IP address, they aren't really looking to find the perpetrator, only a fall guy.