A wealthy investor in CA had $10 million worth of paintings stolen from his mansion. The FBI figured that the thieves discovered that the paintings were in the house by searching the web using the artist's name. So the FBI "checked the Internet" (the words the article used) to see who had searched using the artist's name. The FBI was able to identify the thieves based on this method and the thieves were arrested.
Seems to me the only way this could happen is:
(1) Search provider (e.g.: Google) maintains database of search terms, IPs & time of search
(2) ISP maintains database of users, IPs, and time of search
(3) FBI matches time of search and IP from item #1 with IP and time from item #2
Edited by Orange Blossom, 17 January 2013 - 02:17 PM.
Moved to general chat. ~ OB