If I am out and about and connect to an open wireless network, how can I tell a public hotspot from an unsecured private wireless network? Since I am being sent an invitation to connect to a wireless access point isn’t that implied permission and therefore legal in either case?
This question was answered on July 14, 2005. Much of the information contained herein may have changed since posting.
This specific legal question is being brought to the forefront by the recent arrest of a Florida man that was holed up inside his SUV accessing an open connection in a St Petersburg residential neighborhood
While I have no basis for providing any legal advice, I can shed some light on the parts of the equation that impact your question.
The federal laws that generally govern this area (the Computer Fraud and Abuse Act of 1986 and the revised version known as the National Information Infrastructure Protection Act of 1996), were written well before open wireless access was a legal issue and the primary target of the legislation was the criminal computer hacker..
They were written to specifically address anyone who “intentionally accesses a computer without authorization or exceeds authorized access” with the prevailing concern being government agencies and financial institutions (the biggest targets during those periods).
The phrase “Whoever intentionally accesses a computer without authorization or exceeds authorized access” is followed by a series of statements that refers to intent, the security of the U.S government and many other specifics that do no apply specifically to the current issue of open wireless access.
Since no one to date has been prosecuted (stay tuned to the Florida case as it may be the first) the law is considered ambiguous and in need of an update to specifically cover the proliferation of wireless networks.
Wireless access points are by default designed to “broadcast” a signal and announce its availability to anyone within range (usually up to 300 feet) This “announcement” is not necessarily a “legal” invitation to connect and would likely be a weak argument if you are caught accessing a computer that was clearly not your property.
In a past phone conversation with a member of the Attorney General’s office, it was explained to me that searching for wireless networks (“wardriving”) is not illegal, but once you connect and make use of any of the resources (i.e the Internet connection) you are in violation of existing federal computer crime laws.
Wardriving is a derivative of “wardialing” which comes from the practice portrayed in the movie “War Games” In the movie, Matthew Broderick’s character sets up his computer to randomly call thousands of phone numbers in the hopes of stumbling onto another computer with a modem that was waiting to be accessed.
As far as differentiating a “hotspot” (a public access point) from a private wireless network you have to use good judgment If you are nowhere near a commercial entity, it is highly likely you would be accessing a private network.
Most businesses that setup hotspots do so to attract customers and make it obvious with marketing materials in and around their businesses
There are lots of websites that have large databases of public hotspots, so it isn’t difficult to find lots of legal places to connect Try Intel’s database at Intel.JiWire.com or if you have a handheld device you can download AvantGo so you can carry a list with you.
About the author
Posted by Ken Colburn of Data Doctors on July 14, 2005