Federal Judge Rules That Wifi Sniffing is Perfectly Legal

Facebooktwittergoogle_plusredditpinterestlinkedinmail

You probably remember the famous court case last year in which Google was accused of wiretapping because its “street view” cars gathered fragments of Internet traffic from unencrypted wifi networks across the country.

This ruling seemed to indicate that anyone who “sniffed” or looked at unencrypted data on an open wifi network was committing the crime of wiretapping.

A federal judge in Illinois may have set a new precedent by ruling the exact opposite way in a recent court case. And if the ruling holds up on appeal, it may force all public wifi network owners to admit the obvious: unencrypted wifi networks are completely open to anyone who has the ability to intercept the network’s data.

As we’ve previously explained on this blog, legally, if you do not encrypt your Internet communications, including your email, IMs, and any websites you visit, you have no expectation of privacy. So in the U.S., anyone can listen to your unencrypted communications with impunity. Privacy laws in Europe are a bit tighter.

This applies to both wifi hotspots and also your home network. If you don’t encrypt your data, you are considered to be broadcasting it. Anyone who wants to can legally listen in, and there’s nothing you can do about it.

At Private WiFi, we actually asked our lawyers to look into the legality of wifi hacking. They found that “courts have found that unencrypted, publicly broadcast data, such as via wifi, does not carry ‘a reasonable expectation of privacy’ for the data transmitted.” If the transmission is “readily accessible to the general public,” meaning it is not encrypted, it is fair game.

Public Wifi Data = Radio Waves Legally Accessible by Anyone

This recent court case involves a company called Innovatio IP who is suing businesses that offer free wifi because they say these businesses are infringing on certain patents they own. As part of their case, Innovatio wants to use wifi data packets as evidence.

In order to do so, they had to get a ruling from the judge on whether or not it was legal to have these wifi data packets in the first place.

The judge in the court case ruled that it was, in fact, legal. The judge stated that wifi is electronic communication using radio waves. The judge in the Google case had said this wasn’t the case.

Then the judge wrote that public wifi is a clear exception to U.S. wiretapping laws. These laws contain an exception which says that wiretapping laws do not apply to “a system that is configured so that such electronic communication is readily accessible to the general public.”

This is the key point of the case, because the judge in the Google case had noted that intercepting wifi data on an open network was only available via sophisticated technology, and thus not readily accessible to the general public. The judge in the Innovatio case said that this simply wasn’t true.

It’s worth reading part of the judge’s ruling, because it sums up nicely what PRIVATE WiFi has been saying for years:

….Innovatio is intercepting Wi-Fi communications with a Riverbed AirPcap Nx packet capture adapter, which is available to the public for purchase for $698.00…A more basic packet capture adapter is available for only $198.00…The software necessary to analyze the data that the packet capture adapters collect is available for download for free.

With a packet capture adapter and the software, along with a basic laptop computer, any member of the general public within range of an unencrypted Wi-Fi network can begin intercepting communications sent on that network. Many Wi-Fi networks provided by commercial establishments (such as coffee shops and restaurants) are unencrypted, and open to such interference from anyone with the right equipment. In light of the ease of “sniffing” Wi-Fi networks, the court concludes that the communications sent on an unencrypted Wi-Fi network are readily available to the general public.

While all Internet security experts do not agree with the judge’s ruling, he may be doing all of us a favor in the long run.

The sooner we realize that what we do on unencrypted wifi networks can be seen by anyone with the right software, the sooner we will take steps to protect ourselves.

Get Private Wifi   Protect your personal information.
Get DataCompress   Cut your mobile data usage.

Kent Lawson

Kent Lawson is the CEO & Chairman of Private Communications Corporation and creator of its flagship software PRIVATE WiFi. He combined his extensive business and technical experience to develop PRIVATE WiFi in 2010. The software is an easy-to-use Virtual Private Network (VPN) that protects your sensitive personal information whenever you’re connected to a public WiFi network. Follow Kent on Twitter: @KentLawson.

3 Responses

  1. roosterscrow says:

    I just bought a raspberry pi, it cost $60. I’ve only had it for 4 hours, and I am already using it to sniff wifi using free software. It can be battery powered and become a portable sniffer if desired. It’s crazy that only $60 gets me a fully functional handheld computer capable of sniffing wifi after a couple of hours playing with it. I’m responsible and am not looking at the sent data, just identifying unique devices, stay duration, and signal strength to get anonymous stats on people visiting my store. It’s crazy to think that a less honest person could sniff on me with minimal investment, I guess I will be turning my wifi off!

    • Jared Howe says:

      Hi Roosterscrow, you bring up a very good point: WiFi sniffing is
      incredibly easy and nearly anyone can do it, not just experienced
      hackers. All you need is a relatively cheap piece of hardware and free
      software. It just goes to show how incredibly unsecured public WiFi
      networks really are. We would just like to remind you, though, that you
      don’t necessarily need to turn your WiFi off, you can simply protect
      yourself with a VPN like PRIVATE WiFi. Thanks for sharing your
      experience.

      • roosterscrow says:

        I’m picking up all traffic with the Rpi, including secured networks and packets transferred over a vpn. It’s true the encrypted packets aren’t readable so I don’t know what’s being sent, but I still know someone is sending, and I know how long they’ve been there, and if they’ve been there before. Trust me, I’m as paranoid as it gets, so I was pretty upset when this $60 device found my mac address and started logging my secure wifi polling. All it takes for that is having the wifi turned on, so while my data is secure, I still want to protect what little privacy I have left and will be turning wifi off.