You probably remember the famous court case last year in which Google was accused of wiretapping because its “street view” cars gathered fragments of Internet traffic from unencrypted wifi networks across the country.
This ruling seemed to indicate that anyone who “sniffed” or looked at unencrypted data on an open wifi network was committing the crime of wiretapping.
A federal judge in Illinois may have set a new precedent by ruling the exact opposite way in a recent court case. And if the ruling holds up on appeal, it may force all public wifi network owners to admit the obvious: unencrypted wifi networks are completely open to anyone who has the ability to intercept the network’s data.
As we’ve previously explained on this blog, legally, if you do not encrypt your Internet communications, including your email, IMs, and any websites you visit, you have no expectation of privacy. So in the U.S., anyone can listen to your unencrypted communications with impunity. Privacy laws in Europe are a bit tighter.
This applies to both wifi hotspots and also your home network. If you don’t encrypt your data, you are considered to be broadcasting it. Anyone who wants to can legally listen in, and there’s nothing you can do about it.
At Private WiFi, we actually asked our lawyers to look into the legality of wifi hacking. They found that “courts have found that unencrypted, publicly broadcast data, such as via wifi, does not carry ‘a reasonable expectation of privacy’ for the data transmitted.” If the transmission is “readily accessible to the general public,” meaning it is not encrypted, it is fair game.
Public Wifi Data = Radio Waves Legally Accessible by Anyone
This recent court case involves a company called Innovatio IP who is suing businesses that offer free wifi because they say these businesses are infringing on certain patents they own. As part of their case, Innovatio wants to use wifi data packets as evidence.
In order to do so, they had to get a ruling from the judge on whether or not it was legal to have these wifi data packets in the first place.
The judge in the court case ruled that it was, in fact, legal. The judge stated that wifi is electronic communication using radio waves. The judge in the Google case had said this wasn’t the case.
Then the judge wrote that public wifi is a clear exception to U.S. wiretapping laws. These laws contain an exception which says that wiretapping laws do not apply to “a system that is configured so that such electronic communication is readily accessible to the general public.”
This is the key point of the case, because the judge in the Google case had noted that intercepting wifi data on an open network was only available via sophisticated technology, and thus not readily accessible to the general public. The judge in the Innovatio case said that this simply wasn’t true.
It’s worth reading part of the judge’s ruling, because it sums up nicely what PRIVATE WiFi has been saying for years:
….Innovatio is intercepting Wi-Fi communications with a Riverbed AirPcap Nx packet capture adapter, which is available to the public for purchase for $698.00…A more basic packet capture adapter is available for only $198.00…The software necessary to analyze the data that the packet capture adapters collect is available for download for free.
With a packet capture adapter and the software, along with a basic laptop computer, any member of the general public within range of an unencrypted Wi-Fi network can begin intercepting communications sent on that network. Many Wi-Fi networks provided by commercial establishments (such as coffee shops and restaurants) are unencrypted, and open to such interference from anyone with the right equipment. In light of the ease of “sniffing” Wi-Fi networks, the court concludes that the communications sent on an unencrypted Wi-Fi network are readily available to the general public.
While all Internet security experts do not agree with the judge’s ruling, he may be doing all of us a favor in the long run.
The sooner we realize that what we do on unencrypted wifi networks can be seen by anyone with the right software, the sooner we will take steps to protect ourselves.