The differences between MAC addresses and IP addresses remain an issue of confusion. After a recent discussion I observed that confused the two, I thought I would try to explain how each works.
A MAC (Machine Access Control) address is a unique number assigned to a network adapter. My laptop, for example, has two network adapters - one for a wired, ethernet connection and another for wireless. Thus, my laptop has two MAC addresses that are tied directly to the hardware. Reformatting my hard drive or changing how I connect to the Internet will not change the numbers. Further, no other adapter is supposed to have the same number.
Here's an example of a MAC address:
Data is sent across networks and the Internet in packets. These packets contain directing information to help get them to the right place. Once inside of your local network, that will include your MAC address. If you are sending a file, the packets will contain your MAC address only until it gets to your router. Thus, suppose a national database of MAC addresses existed to tie addresses to purchasers, it would do no good as that information would not be a part of the packet.
MAC addresses are generally considered permanent, but it is possible to change, spoof, or mask them.
An IP (Internet Protocol) address is a number assigned to each device on a network. Each computer, printer, cell phone, or other networkable device has one. But one thing is important here - the IP address your computer uses on your network is not one that can be determined outside of your network. That's because there are two addresses in play - one is your IP address for your specific device and the other is the IP address assigned to your network by your ISP (Internet Service Provider). The IP address from the ISP will change often (called a dynamic IP), though the ISP usually keeps records of the assignments. Sometimes, an ISP assigns a static IP to a customer that does not change.
The computer's IP address helps it to communicate with the router and other computers on the network. It's usually a generic address like 172.16.1.40. Separately, the IP address assigned to the router is the one that can be observed outside of the home network. Thus, it doesn't matter if it's my computer or my roomate's computer that is accessing a certain website. To the outside server, it looks the same.
There are many ways to attempt to hide one's IP address. Anonymizers like the Onion Router, Proxy Servers, and VPNs are examples of such methods.
For investigative purposes, the only bit of information that is generally useful is the IP address assigned by the ISP. That is what you can use to track a person's Internet activity remotely. Few home routers even have the capability of storing logs of activity for specific users within a network.
In some instances, a device on the network may be able to store the MAC addressing information. This is particularly the case with large networks. For example, many universities provide wireless access by having users register their MAC address. The school can then match the IP address of certain illegal activity to the MAC address and then find the student who registered it. That process isn't quite so easy, as Tufts University outlined here after a request for students who downloaded music illegally.