Two People Arrested In England For WiFi Theft
from the laws-with-holes dept
We've been following stories about people being arrested for "stealing WiFi" for some time now, and we're still unsure of exactly what the crime is. If a person is accessing an open WiFi network without physically trespassing, should that be illegal, or should it be the network owner's responsibility to secure their network? Furthermore, how are people supposed to know what networks are okay for them to access, given the way many public-access networks use cryptic SSIDs? Anyhow, despite these questions, people continue to get arrested for using other people's WiFi networks, though it's been a while since we've seen it happen in the US. A couple of people have been busted in Singapore, where there's a specific law that could get you three years in the pokey for unauthorized access of a WiFi network. Now, two people in England have been arrested for WiFi theft, or more specifically, "dishonestly obtaining electronic communications services with intent to avoid payment." To be fair, one of the people sounds like he wasn't up to much good, since it was his sitting in a car with cardboard covering the windows that attracted attention to him. While the police say that using somebody else's WiFi can get a sentence of up to five years in jail under the UK's Computer Misuse Act, this seems like an area where the law doesn't do a good job of dealing with technology, since it's virtually impossible for users to tell private, but unsecured networks from public ones that they're allowed to access. If people don't want strangers using their network, there a plenty of steps they can take to prevent them from doing so. That seems like a more reasonable response than threatening WiFi bandits with jail.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Reader Comments
Subscribe: RSS
View by: Time | Thread
A simple solution that will be ignored...
[ link to this | view in chronology ]
Re: A simple solution that will be ignored...
ps i'm writing this post from someone else's wireless in my appt building how ironic.
[ link to this | view in chronology ]
Re: Re: A simple solution that will be ignored...
Anyways, blocking SSID does absolutely nothing. It's the same thing as saying just setup MAC address filtering. It's been proven to be completely useless.
[ link to this | view in chronology ]
Not quite
Firstly, blocking SSID transmission and using MAC address filtering is enough to keep the casual snooper out. It is true that it does not deter the die-hard war-driver, but if someone is determined enough to get into your network and they know their stuff, in most cases they will.
Secondly, and more importantly, it shows some effort to keep people out. It is scary how many people have absolutely no protection of their wireless networks (blog entry).
For some who have older hardware that does not support WPA and who cannot use WEP (some Tivo/Hardware combinations, for instance, don't like WEP), these might be the only options that they have.
Personally I feel those who run totally insecure networks should have no recourse for anything that does not involve damages.
[ link to this | view in chronology ]
Re: A simple solution that will be ignored...
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re: Anonymous Coward's post
[ link to this | view in chronology ]
As for people needing to turn on WEP or WPA - not all wireless cards, PCs and/or OS's support WEP and/or WPA or it is so difficult and confusing to configure people don;t do it.
I'm fairly adept technology wise, yet I have an older HP laptop that only supports the older encryption, plus it has an odd quirk that won't let me upgrade to XP SP2's wireless update. Everytime I do try to configure it properly, it refuses or ignores my changes - always leaving me unconnected completely.
I have no choice but to leave my network open if I want to use that laptop on the network - which I intend to do until it stops running completely. I'm sure I'm not the only one who runs older quirky laptops...
[ link to this | view in chronology ]
Re:
Again, it's your responsibility to maintain your own equipment: No excuse.
[ link to this | view in chronology ]
Re:
As for the comment above about the manuf. making the user setup using encryption ... well that is just what we need someone else telling us what is good for us ... tried Windows Vista, yet ... I don't need any more nannies! gov't, MS, now Cisco ...
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
i like your args... if the signal is in the air... and you didn't do anything (or enough) to keep me frm using/accessing it..it's mine baby!!!!!
a guy i know was getting grey market satellite devices for accessing cable tv... his logic.. i'm not committing any crime, i'm just getting the signal from the air.. i haven't touched the machines/property/etc... of the satellite company...
you guys are saying pretty much the same thing.
tell you what, when you guys run out, and leave your door/window open, let me know where you live. i might want to run in and use your fridge/telephone/tv/etc...
given your logic, you shouldn't object!!!!!
puuuhhhlleeeze!!
if you're reasonably technically competent, you know, if you didn't set up the router, someone else did. if it's not coming from some corp/biz location, it's probably by some user who forgot/didn't know how to setup the security aspects. so what i'm saying, is, if you're not sure, don't use the access...
but as long as you're willing to play by the rules, i'm willing to play the game with you!
peace
[ link to this | view in chronology ]
Re:
Um, no. That's why smart people lock their doors (if they're not living in one of the few areas left where that's not necessary) and . . . wait for it . . . password protect their wireless routers. BTW, if someone leaves their door open and unlocked and you wander into their house, you can't get it for "breaking and entering" since you didn't break in.
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re: PPV SAT vs FREE WIFI.... NOT THE SAME!!!
The problem I have with his, "i'm just getting the signal from the air" statement is that in order to make use of that signal, you would need to decrypt/unscramble it.
The Satellite companies would normally encrypt the signals they were using - and every few months (or before a big PPV event) they would send down new keys to authorized receivers and then scramble the signal, only letting those authorised, to used it.
Back on-topic though, if the wifi signal was open, it should be just fine - but if the wifi signal is encrypted, it should be criminal to bypass that security.
[ link to this | view in chronology ]
Re:
By the way, I call BS on your claim of knowing "a guy" using satellite devices to get cable TV. Satellites don't have cables going up to them. Now go "puuuhhhlleeeze!!" yourself.
[ link to this | view in chronology ]
Re:
That's different. That's purposely breaking a lock (the encryption) that was put in place. That's not so with open WiFi (hence the open).
you guys are saying pretty much the same thing.
No. No we're not.
tell you what, when you guys run out, and leave your door/window open, let me know where you live. i might want to run in and use your fridge/telephone/tv/etc.
Sam, you seem to have trouble understanding the differences between what we actually say and some ridiculous scenarios we haven't said at all.
What you're describing is actually trespassing. First, you're asking them to leave the doors open. We're not saying that anyone needs to leave the door open. Second, your example involves actually going on someone's property. In this case, it's completely different. The person has *broadcast* the open unencrypted signal beyond their property line. At that point, it's fair game.
Have you ever walked by someone's house and seen their TV through the window. Is that illegal?
Have you ever walked by someone's house and used the light from their house or street light to read something while in the street?
Both situations are much more analogous. Radio waves or light waves from the house have gone beyond the property. There's nothing wrong with using them.
So, please, try to understand what we say before making bad assumptions.
[ link to this | view in chronology ]
Public Air Waves
If someone keys the mic on a CB and speaks, the signal is broadcast out and anyone within range can pick it up. Also, since they are on the same channel, they can then key their mic and speak back. All in public.
So, if that is legal, why isn't it legal to receive a wireless internet signal, and broadcast back? If it was private, it would be secured in such a way as to prevent that.
[ link to this | view in chronology ]
Re: Public Air Waves
[ link to this | view in chronology ]
Wireless Security by Default
On the other hand, if they did that the stupid people would whine about how it's too hard to set up their router. Bleh. OK, put a big switch on the router. Label it "secure" and "open". Set it to "secure" by default. If they move the switch to "open", then they have no one to blame but themselves if their wireless gets used by the neighbor's 12-year-old kid.
[ link to this | view in chronology ]
It *is* a crime in Canada
[ link to this | view in chronology ]
Re: It *is* a crime in Canada
By the way, I looked up C.47 s3.26 in the Consolidated Statutes of Canada. That came back as the Trust Indentures clause of the Insurance Companies Act. You're not making stuff up are you?
[ link to this | view in chronology ]
Go ahead and send them to prison for screwing up along with the satellite stealing lowlifes and rapists. And go to hell while you're at it.
Oh you don't want to send them to prison? You just want them to be smart? Hahahha might as well wish for wings.
[ link to this | view in chronology ]
Bear in mind that most ISPs in the UK have no such thing as unlimited bandwidth and those that claim they do actually have stringent fair use policies. They then rape you in the arse if you go beyond your bandwidth limit.
BT, who I used to be with, used to charge £1 (~$2) per GB although I believe it's more like £0.25 now.
But still having some cunt leech off you could be very costly.
[ link to this | view in chronology ]
Open wifi in a neighborhood doesn't mean public. If it comes from a private residence, which is easy to tell when there is not a single place that says "free hotspot" outside for a mile radius (since wireless doesn't transmit that far, anyway), don't try and get away with saying "I didn't know", because that should mean more time behind bars for lying to a officer of the law. If you don't like the rules, I'm sorry, but I could really care less what most of the people that write articles for this website think, because I haven't seen a single competant thought come from anyone writing here except when talking about the RIAA or MPAA.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re:
I run a free open hotspot from my home. Why should anyone go to jail for using it?
So who died and made you king? I've got news for you, your rules are not "the rules".
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Well buh-bye then...
We can blame the hardware companies for not making their hardware secure out-the-box. Of course, if they did, the number of tech support calls would skyrocket and this would be reflected in the price of said hardware...
We can blame the big bad wardrivers, and arrest some local teenager who was checking his e-mail, or an out-of-town sales-rep who was using Google Maps to get directions to his next sales call.
Or we can say "caveat emptor", and require operators of wireless networks to do their homework. It ain't exactly hard. One solution would me to treat wireless networks like ham radio and require operators to be licensed. Do you really want that? I don't.
As I said elsewhere, I think that it is wrong for people to be arrested for using an insecure network unless they cause measurable damages. And don't give me any drivel about "theft of services" unless it it is measurable and significant. The nearest analogy that I can think of is like watching TV through someone's window from a public street. It ain't illegal; that's why we have curtains. Do the same thing with wireless Internet and suddenly your a felon.
If you are technologically behind enough to not be able to set up a router with security, does that mean you shouldn't be able to use it?
Certainly not... but do you really expect the government to subsidize the ignorance of people who don't understand technology and are unwilling to ask for help?
Try leaving your front door open and going about your business. When you get burgled, make an insurance claim, but make sure that you tell them about the open door, and see if they pay up. They probably won't, and the explanation will likely include the words "due diligence".
[ link to this | view in chronology ]
Who is the criminal
[ link to this | view in chronology ]
Granted, many have done their share of stealing as well; "file sharing" is a prime example. But if I were to get caught doing that, claiming ignorance is no excuse.
Don't do the crime if you can't do the time baby.
[ link to this | view in chronology ]
Re:Re: It *is* a crime in Canada
http://laws.justice.gc.ca/en/showdoc/cs/C-46/bo-ga:l_IX-gb:s_322//en#anchorbo-ga:l_IX-gb:s_322
Look for 326 (no period)
[ link to this | view in chronology ]
Re: Re:Re: It *is* a crime in Canada
But using the link you provided I read So, fraud, malice or lack of right must be involved. That's a different story from just using an open hotspot.
It's also interesting how they define telecomunication in your selected reference:
So, reading (reception of writing) a sign (visual) would constitute "telecommunications" according to this. Now, to follow your argument would mean that you can also go to jail in Canada for reading a sign without permission. I find that hard to believe. I think there must be more to the law than just this one little short section you selectively referenced.
[ link to this | view in chronology ]
Changes are happening
Anyway The fact is that some companies are sending there routers out with some sort of protection recently. I just upgraded to Verizon FIOS and the wireless router that came with it already had a random admin password along with a WEP key already set up and printed on the side of it. So its starting to happen and wouldnt doubt it if Linksys and D-LInk start to do this soon as well.
[ link to this | view in chronology ]
PC Licence?
My point, and I do have one: if you're going to talk about making people responsible for inadvertently breaking a law, then maybe we should consider requiring PC licenses like we do drivers' licenses. Make people pass a test whereby they prove they know what the laws are and how not to break them (or at least to know what they're breaking when they break it, like drivers, so they can answer when asked, "do you know why I pulled you over?"). No?
Then by default we will have ignorance in the user base and as a result we will have people on other people's networks. Arresting them seems rather draconian.
[ link to this | view in chronology ]
WEP anyone?
I find it ignorent that people think the law is the solution to this problem when in reality it is far more simple, teach people the importance of adding encryption to their networks and instructions on how to do it. Seeing as manufacturers could achieve this with "IMPORTANT always secure your network" or something on the box i dont see why arrests are neccacary.
[ link to this | view in chronology ]
Been there, Done that
[ link to this | view in chronology ]
Sometimes you don't know
[ link to this | view in chronology ]
Stupid People
There, I've said it. I feel better now.
[ link to this | view in chronology ]
Eat More Taco's...
[ link to this | view in chronology ]
Fools
But these people were intentionally going around and using something that other people were paying for without permission! That's illegal whether the internet's involved or not!
Someone who lives near me has their router unsecured, and i can connect to it, but the signal is so weak it's not worth it! At my uncles house however, his router is unsecured (he lives in a tiny village), and I frequently use his internet from my laptop! He doesn't give me express permission every time, but he never complains! Arrest me now? Damn...
[ link to this | view in chronology ]
Stupid People=Victim Role
They were stupid enough not to secure the router, either they didn't know how or didn't want to. They weren't smart enough to hire someone else to do it for them, or better yet to teach them about how to secure it themselves. Now they want to cry about how someone took advantage of them.
It's like leaving money spread out on your front lawn and expecting everyone in the world to be nice enough to leave it there. People aren't that nice, and if these open WiFi owners don't get that then they are in for a learning experience.
[ link to this | view in chronology ]
Is it still stealing?
[ link to this | view in chronology ]
Re: Is it still stealing?
Encouraging people to steal from you? For shame! Didn't you know that inciting someone to commit a crime is a crime?
. . .
Wow. I almost got though that with a straight face. :-)
[ link to this | view in chronology ]
It isn't stealing...
[ link to this | view in chronology ]
Don't have to use Encryption
t be able to get around while protecting the person who has the wireless router. You don't have to use WPA or WEP. You can turn on a mac address filter which most routers have. You can turn off the broadcast of the SSID so that you have to know what it is to get connected. IF someone attempts or succeeds at connecting to a network that is protected in those two manners then they aren't up to any good. I sell these things on a regular basis from a computer store. People can pay for them to be set up and at fairly reasonable prices considering how much it would cost to hire a free-lance professional. OR they can just read the instruction manual. IF they can't handle that they should have a wireless router.
[ link to this | view in chronology ]
Re: Don't have to use Encryption
[ link to this | view in chronology ]
Re: Re: Don't have to use Encryption
That's bad advise. It's like telling people that they don't really need to lock their doors at night, just turning off the porch light is good enough. Those things won't secure a wireless network.
If you have the MAC address filter turned on, and configured so that only you can get in, then other authentication should be moot. It would be like having an iris scanner on your front door. You could just walk in without needing a key, but anyone else would be locked out.
[ link to this | view in chronology ]
It should be the same as trespass
Trespass is only a crime if the person, once reasonably informed they are trespassing refuses to leave.
So I can walk across a lawn, only to find it's someones garden, and it isn't a crime. He tells me to get off his lawn and I comply.
Likewise Wifi 'theft', there's not way to tell the difference between an open connection thats deliberate or an accidental one. So it shouldn't be a crime until the person is informed that it isn't an open connection.
[ link to this | view in chronology ]
Re: It should be the same as trespass
> there's not way to tell the difference between an open connection thats deliberate or an accidental one.
Well, no technical, guaranteed foolproof way, but it's often pretty obvious. If you're in Starbucks and the guy nextdoor has set up an unsecured network call STARB1, then it's an easy mistake, and I don't think you'd end up with a conviction for that one. If you're parked in a residential area and you log on to GEEBNET, realistically you're on much safer ground assuming that it's a private network that I didn't know how to secure, rather than some public-spirited yet strangely unadvertised free access point.
It's only "virtually impossible for users to tell private, but unsecured networks from public ones that they're allowed to access" in some cases, definitely not all. There's room for a judge/jury to make a call, and that's how it should be.
In this instance, it sounds like "dishonestly obtaining electronic communications services with intent to avoid payment" is exactly what they were doing.
Putting the onus on people to secure their networks seems very optimistic in terms of the general tech-savviness of Joe Public. It's rather more fair to assume that a geezer in a blacked-out car with a foil-covered Pringles tube is sufficiently clued-up to know what he's doing.
Maybe jail is harsh for wardriving, but blaming the victim is not the answer either. And this crime could very easily have a victim.
[ link to this | view in chronology ]
Re: Re: It should be the same as trespass
[ link to this | view in chronology ]
Re: Re: Re: It should be the same as trespass
No, but I can often make quite a good guess on the basis of whether I'm somewhere that advertises free wi-fi or sitting outside someone's house.
[ link to this | view in chronology ]
Re: Re: Re: Re: It should be the same as trespass
Some cities have free access over a wide area.. Its impossible in a large city these days to make a safe guess as to which open networks are intentionally open or not, so the end-user should be given the benefit of the doubt. Sounds like some laws need to be developed, and systems improved to make all this clearer for consumers?
[ link to this | view in chronology ]
Re: Re: It should be the same as trespass
No, it isn't. Laws should be clear enough that people know whether or not an action would break them before hand.
[ link to this | view in chronology ]
Wi-fi theft
http://news.bbc.co.uk/1/hi/england/hereford/worcs/6565079.stm
[ link to this | view in chronology ]
Guilt by default
No, I don't think so. I shouldn't have to worry about whether I'm committing a crime whenever I use an open Wifi connection.
There's nothing inherently evil in accessing the Internet via an Open WiFi connection. It's just the 'fear of the unknown' we see with new things.
I should not have to rely on convincing a judge of my innocence or even a policeman, imagine if every act of trespass resulted in a court case or a police visit. You'd be terrified to cross any field or patch of scrub land for fear of being arrested.
He was prosecuted under "dishonestly obtaining electronic communications services with intent to avoid payment"
http://www.opsi.gov.uk/ACTS/acts2003/30021--c.htm
Section b of that has the problem:
"does so with intent to avoid payment of a charge applicable to the provision of that service,"
And how does he tell the difference between a free open WiFi, and one that requires some payment or condition (e.g. free only to starbucks customers, etc.).
It's unreasonable to expect that, and so the law should be amended to make it reasonable.
[ link to this | view in chronology ]
Brett:
The problem you have here is that people with Open WiFi extend an invitation through the granting of a DHCP lease. Get that through your head.
To once again use the house analogy: If someone asks to come into your house, and you have an automated butler sitting there, and you come off the street and say "can I come in" and he says "YES" then there is IS "colour of right". Whose fault is it in that case?
If they have MAC address filtering or authentication or WEP/WPA/WPA2 or VPN to a gateway and you bypass that in any way, then I'd say you don't have any rights. If the WAP is set up not to grant DHCP leases to just anyone, then that's still a mechanism to keep unwanted people out and you could be construed as bypassing it. Until any of that happens, the "colour of right" is clearly in the favor of the guest.
And while we're at it, let's read Section 327 says that it's a crime to possess tools to do this. By your logic, any one who has a WiFi card in their computer is guilty of a crime.
Shucks...guess your argument doesn't work in that case, does it? Again - the point here is why criminalize the mere act of accessing an open WAP? Granted, it does not excuse illegal use such as to send harassing e-mails or downloading illegal pornography, but that is a separate and non-conjoined issue.
[ link to this | view in chronology ]
Re: Brett:
[ link to this | view in chronology ]
Bad analogies
Note to you thieves: even if I leave my door open -- you walk in and start poking around you are guilty of illegal entry and probably burglary (most juridictions don't specify that you take anything to be guilty). You should know better than wander in a residence, regardless of the security of the residence.
If you decide to make your router available to any and all -- then they are not comitting a crime, but YOUR ISP may take a dim view of it and cut your connection since you are usually violating the TOS.
I secure my wireless using the available tools and I lock my doors. Both are ineffective against overwhelming force, and that is completely irrelevant. What is relevant is the idea even if I don't do those things, I am still protected against people helping themselves without explicit permission.
PS for all you arrogant chipheads -- before you sneer at non-techies as "stupid", you should try your hand at whatever is the center of THEIR lives. You will also need to include your own grandparents and (most likey) parents as "stupid" so what does that make you?
[ link to this | view in chronology ]
My 2 Cents
Proper hardening would include all WiFi features:
1. Use the strongest encyption available
2. Turn on MAC filtering (Access Control)
3. Turn off broadcast SSID after your configured
[ link to this | view in chronology ]
Aa)Somone help me!!!
Please write back, and help me :(
[ link to this | view in chronology ]
its harsh
But then I'm currently downloading at 100kbs from sum1's connection, but hey, its free. But then people can also access my network if they want (doesn't have an internet connection) just 60GB+ of pirate goodies!
I live in scouseland, and I'd only leave my door open if I wanted to get robbed.
[ link to this | view in chronology ]
Re: its harsh
So, if you DID leave your door open, and got robbed, you would say that the robber did nothing wrong, because you should have locked your door, and by not doing so, you gave him permission to steal your stuff? After all "hey, it's free", for the thief.
Just like the bandwidth you were stealing when you posted.
[ link to this | view in chronology ]
Re-routed to Highway Patrol
[ link to this | view in chronology ]
RE: SOMEONE HELP ME
[ link to this | view in chronology ]
!!
[ link to this | view in chronology ]
Have you all really lost sight of the Issue?
But what about the Big Deal? How do they know? All the arguments about invasion of privacy really pale out when you ask yourself how they can figure out what antenna is receiving the signal. Or Why they are looking in the first place? And if so; do they know what I watch on t.v. everyday? And if so; why are they interested. I smell a big fuckin rat and if we, as in the population of countries that claim not to take shit like that, that rat's movin in and gettin real comfy.
Also, that unlocked house analogy is ridiculous. If any of tthese guys had infiltrated a hard drive it would be trespassing; by the book, done and done. An unsecured wireless signal is floating in the the air. My computer comes with a wireless modem. Case closed. Bullshit law.
Take that Springer!
[ link to this | view in chronology ]
Re: Have you all really lost sight of the Issue?
With a wireless router, and a laptop, they can tell you're using it because you actually have to request access, at which point the modem and laptop swap information, including some that identifies the laptop.
If you're thinking about TV ratings like Neilsen's, they are actually survey books, filled out by participating families, from which overall usage is estimated. They CANNOT track your TV usage if you're watching broadcast TV with an antenna.
As far as why they want to know, they want to know the demographics of the watchers, so that they can prgram advertising at the times it creates the biggest impact. Watch wheel of fortune, and the ads will actually let you know what age groups watch that show.
Also, as I said in my other post, the wireless signal doesn't float in the air like TV. A carrier signal does, but to get internet, you must 1) connect, 2) request the specific page you want from the router.
[ link to this | view in chronology ]
Why it's different than a TV signal or loud stereo.
To connect to the internet through WIFI, you have to send a signal to the modem requesting to be connected. Then you must send a request to the modem to ask for the web page or other information you want. It's not already floating out there. You have to send the signal to request that it be sent.
One is passive, the other active. It's akin to the difference between watching your neighbor's TV through an open window, and buying a universal remote to switch the neighbor's TV to a channel of your choosing.
[ link to this | view in chronology ]
Lava Bar at Hot Rocks
[ link to this | view in chronology ]
Come in....
[ link to this | view in chronology ]