Leaving Your WiFi Open Decreases Your Fourth Amendment Rights To Privacy?
from the wait-a-second... dept
We've had numerous discussions on this site about both the legality and ethics of open WiFi networks. And yet, the issue still comes up now and again -- but who knew it was a Constitutional issue? Thomas O'Toole shares the news of a ruling in Oregon, that suggests a user who left his WiFi open gave up certain 4th Amendment rights to privacy. Though, actually, the details of the case suggest it's not so much the open WiFi that's the issue, but the fact that the guy also left illegal material in shared Limewire and iTunes folders. It was just that police were able to confirm that by connecting to his open WiFi. But the court does make a specific statement on the WiFi issue, noting:"as a result of the ease and frequency with which people use each others' wireless networks, I conclude that society recognizes a lower expectation of privacy in information broadcast via an unsecured wireless network router than in information transmitted through a hardwired network or password-protected network."While O'Toole doesn't think there's anything earth shattering about this, I'm not sure I agree. I think, in this case, the guy probably gave up rights to privacy by putting the content in shared folders that were available widely -- but I don't think that just because you're using an open WiFi network you've set yourself a "lower expectation of privacy." I would suspect that most users have no idea that it's less secure, and I wonder why the type of network used should really determine the level of 4th Amendment protections.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: fourth amendment, open wifi, privacy, wifi
Reader Comments
Subscribe: RSS
View by: Time | Thread
UM does having an unlocked house door mean that?
NO
same thing with other stuff see how govt is getting scaredy pants about tech again hindering tech
SHAME ON USA
SHAME ON OBAMA
you are no better and in fact YOU WILL BE EQUAL to bush as of today and tomorrow YOU CAN TRY TO BE WORSE AND YOU MIGHT succeed
[ link to this | view in chronology ]
Re: UM does having an unlocked house door mean that?
If you grow Marijuana plants in your back yard and they can be seen from the street then the cops have probable cause to go onto your property.
You can't compare going onto private property with connecting to an open wireless network that is accessible in a public location.
If you want to run your network open but don't want people to join it then you need to lower your broadcast power so your signal doesn't go into a public place.
[ link to this | view in chronology ]
Re: Re: UM does having an unlocked house door mean that?
This guy basically put the sign in front of his house, opened the door, and left the drawer open. The cops would be able to just walk in and arrest him. If ether one of those two facts where changed (the drawer was locked/files weren't shared, or the sign wasn't there/WiFi WEP encrypted) a search without warrant is illegal. This is why the statement is there, to justify getting on his network. The shared folders justified the cops seeing what they needed.
So the moral of the story is; if you have an open WiFi and want to keep it that way, password protect your computer.
[ link to this | view in chronology ]
Re: Re: UM does having an unlocked house door mean that?
> seen from the street then the cops have probable cause to go
> onto your property.
Which they still can't do without a warrant. Probable cause is only the first step in process. After establishing probable cause, they have to go before a judge who decides whether it's valid or not, then issues a warrant accordingly. Only then can the cops enter the property.
[ link to this | view in chronology ]
Re: Re: Re: UM does having an unlocked house door mean that?
[ link to this | view in chronology ]
Re: Re: Re: UM does having an unlocked house door mean that?
Search warrants are issued when the police can show a valid justification to search areas unseen to the public.
[ link to this | view in chronology ]
Re: Re: Re: Re: UM does having an unlocked house door mean that?
Yes, it is.
> If the police can see a violation in clear view, they do not need
> a warrant.
Nope. That only gives them probable cause to present to a judge to *get* a warrant. The only exception is exigent circumstances where there's imminent risk that either evidence will be destroyed or physical harm will come to someone.
You need to stop taking your civics lessons from TV shows and movies.
> Thus probably cause.
That's not even the right term. I'm both a federal agent and an attorney. You're some guy who doesn't even know that the concept is called "probable cause", not "probably cause".
I know my job and if I went busting onto someone's property without a warrant just because I saw some pot plants in the back yard, I'd blow the case for the prosecution (because even a 1st-year law student could get all the evidence suppressed on 4th Amendment grounds) and open myself up to a Section 1983 civil suit for violation of constitutional rights under color of law.
[ link to this | view in chronology ]
Re: Re: Re: UM does having an unlocked house door mean that?
You are only partly right about Probably cause. If drugs were in plain sight, they do have every right to arrest you at that moment.
The need for a Warrant is only to search and/or access areas not in plain sight and for specific things.
So if the drugs were in your back yard and visible through the fense gate they could arrest you for that. NOW if you had a hundred pounds inside a storage shed with the door closed and locked and no windows. They would require the warrant to search that shed. IF they did not have the warrant and opened the shed without your permission then you would walk free and clear for the contents.
[ link to this | view in chronology ]
Re: Re: Re: Re: UM does having an unlocked house door mean that?
You're not even right about what it's called. It's *probable* cause, not "probably" cause.
> If drugs were in plain sight, they do have every right to arrest
> you at that moment.
Plain sight doctrine only applies when the police are already on the property with the permission of the owner. If the cops respond to a noise complaint at your house, for example, and they ask to come inside and ask you some question, and you allow it, the cops don't have the right to search your home without a warrant but they can seize and arrest based on any evidence that is in plain sight.
But if they're not even on the property, they can't enter it based on seeing some marijuana plants growing in the backyard without a warrant.
[ link to this | view in chronology ]
Re: Re: Re: UM does having an unlocked house door mean that?
[ link to this | view in chronology ]
Re: Re: Re: Re: UM does having an unlocked house door mean that?
Yes, it is true.
> Thats what probable cause means.
No, it's not. Read the 4th Amendment. Probable cause is only the *basis* for a warrant that allows search and seizure. The state can't search based on probable cause alone. A warrant must first be issued based on that probable cause.
> That they had cause based on the visual.
Yes, and when they present that to the judge and ask for a warrant, they'll most likely get one but until they do, they can't legally enter.
> The same as if you are playing loud music while sitting
> around in youre house getting high. The neighbor calls
> police. They arrive door is open on house , they nock on
> screen door or ring bell and no one hears. They now can enter
> youre home and you will be arrested when they walk in on you.
As a cop myself, you don't know how happy it makes me when I deal with suspects who think they know so much about the law but really know so little. What you wrote above is wrong on so many levels I don't even know where to start. You think cops can walk right into your home at will so long as they knock on the door first? Seriously? You really believe that?
Un-freaking-believable.
[ link to this | view in chronology ]
Re: UM does having an unlocked house door mean that?
[ link to this | view in chronology ]
Re: UM does having an unlocked house door mean that?
Wifi is a radio broadcast. If you don't want other people looking at it, encrypt it or make sure it doesn't leave your property. If it goes onto someone else's property, they have every right to tap into it. Same with any other radio broadcast.
[ link to this | view in chronology ]
Re: Re: UM does having an unlocked house door mean that?
[ link to this | view in chronology ]
Re: Re: UM does having an unlocked house door mean that?
I could maybe see that argument if someone were just receiving the signal, but when someone connects to the network they are also broadcasting back onto your property (the connection requires 2-way communication).
[ link to this | view in chronology ]
Re: Re: UM does having an unlocked house door mean that?
For example...
http://money.cnn.com/2005/07/07/technology/personaltech/wireless_arrest/
Yes, if you can receive the signal go ahead get Wireshark and listen away. But try to connect, even if its open, and you have broken the law.
In fact, sometimes its not even legal if you get permission because the person with the wireless AP is purchasing that Internet connection for their personal use and is not authorized to redistribute it.
[ link to this | view in chronology ]
Re: Re: Re: UM does having an unlocked house door mean that?
Which an open WiFi automatically gives out.
For example...
http://money.cnn.com/2005/07/07/technology/personaltech/wireless_arrest/
And if my memory serves me correctly, those charges were also quietly dropped because the prosecutors decided that there was no evidence that he actually broke any law.
In fact, sometimes its not even legal if you get permission because the person with the wireless AP is purchasing that Internet connection for their personal use and is not authorized to redistribute it.
That would be between them and their ISP. It would not make *your* actions illegal.
[ link to this | view in chronology ]
Re: UM does having an unlocked house door mean that?
With open wifi, if my computer tries to connect, and there isn't any security, your router will assign me an address on your network and let me connect.
[ link to this | view in chronology ]
@intellectual integrity: This case is really more like having your door open and kilo of cocaine on your table. If the cops drive by and see it they most certainly can arrest you for having it. These items were in folders shared through limewire AND iTunes (RTFA) to anyone on the intertubes and this was mentioned in the decision. In fact the point was made that he had to change settings to share everything in the manner in which he did. He purposefully made the materials available to the world. The open wifi connection is merely the manner in which they viewed the publicly shared material. I don't think there could be any expectation of privacy after reading the article. The open wifi isn't even really the issue here, despite Mike focusing on it for his op-ed, the core of the case was the this dude shared his stuff to the world, from multiple sources, and the wifi connection was just the vehicle that they verified it with. So it's more like giving away drugs to anyone that walks into your yard and then complaining that the cops walked into your yard, got drugs, and arrested you. The privacy issue was null and void when he shared those folders over the intertubes.
[ link to this | view in chronology ]
Re:
However, I agree with you that even if you accept that open wifi connections do not lower a users expectation of privacy, this case would be similarly decided. However, it is a scary precedent that a court might use to expand upon when a police officer sniffs a wifi connection without a warrant and says "well, it wasn't protected".
[ link to this | view in chronology ]
Re: Re:
I suggest you try it and come back with the results...
[ link to this | view in chronology ]
Re: Re: Re:
Well, the courts have frowned on such things as peepholes, hidden CCTV cameras, 2-way mirrors and the like. Or are you trying to argue that someone wearing eyeglasses or contact lenses isn't using their "naked eyes"? Seriously?
[ link to this | view in chronology ]
Re:
The key word is "reasonable". If mom doesn't know about setting up WiFi routers, then she can hire someone that does. It would not be reasonable for her to expect that she had properly secured her network knowing that she was ignorant of how to do so. Thus, she would have no *reasonable* expectation of privacy on it.
[ link to this | view in chronology ]
it is the electronic equivalent of leaving your curtains open at night and turning on a lot of bright lights inside your house. Don't be surprised when someone walking by can see what you are doing.
Another way to look at it as electronic "plain sight", sort of like a wide open garage, the passenger seat of a car in a traffic stop, or the like.
I wonder why the type of network used should really determine the level of 4th Amendment protections.
It isn't any different from those rights in real life. The police can work from what they can see in plain sight. If the guy had locked his network, sort of like putting something in the glove box instead of leaving it on the passenger seat of the car, or whatever, he would have no issue. As soon as law enforcement would have to break security or hack a key, it wouldn't be plain sight anymore.
I am surprised you are even asking, it's pretty obvious.
[ link to this | view in chronology ]
Re:
That is an idiotic comment. That's just like saying leaving your front gate open allows just anyone to kick in your door. There are other securities on your PC that block people from just connecting in. This is why Mike pointed out that he shared the files. That's like the garage metaphor you have.
I would guess that the comment was not to justify arresting him but more to justify connecting to his network and not allow this guy to get off on a technicality (even police hacking into a PC is considered illegal and is not admissible in court).
[ link to this | view in chronology ]
Re: Re:
After all, the police already use binoculars to watch people while on stakeouts (at least they do in the movies). They also use heat cameras to detect houses that are overheated and therefore potential cannabis farms. And so why not a computer to scan your unsecured network for illegal activity? In each case using technology to detect something that's freely emitted from your house unencrypted.
Leaving your front gate open doesn't allow someone to kick in your door, any more than having a road up to your front gate allows people to kick the gate in.
[ link to this | view in chronology ]
Re: Re:
His open WiFi is an open WiFi, period. If he makes thing available (sharing, open P2P network, whatever) that can be seen on that open WiFi without any passwords or any other security requirements, then it is open.
If you leave your gate open and lock your front door, you don't have any issues, and you have an expectation of privacy.
If you leave your gate open, leave your front door open, and stand there having a very loud discussion with someone about your next drug deal, you have little expectation of privacy.
The open WiFi is just that, an open invitation. If he wasn't sharing stuff, there would be no issue.
[ link to this | view in chronology ]
Re: Re: Re:
[ link to this | view in chronology ]
Re: Re: Re: Re:
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re:
If someone else were to say that, I might think that they were just ignorant. However, considering that it's TAM, I more inclined to think that he's just lying as usual.
[ link to this | view in chronology ]
Re: open garage door, open curtains
People walking by could look in, but they would have to take action first. Pulling aside the analogous curtains, or actually looking up my SSID and linking to my network.
Like the contents of my house or my garage, it is no one's concern what I am doing on the web. Even if my actions are illegal, unless the intruders are police with a warrant, they may not pull aside the curtains and look inside.
[ link to this | view in chronology ]
Re:
No it's not.
Open wifi allows access to the outbound connection to the internet and possibly connection to the lan which might allow access to unprotected file storage. It would take significant effort to gain access to what is displayed upon a screen connected to a computer which is connected to the lan.
[ link to this | view in chronology ]
Unsecured = Public
[ link to this | view in chronology ]
Re: Unsecured = Public
This would not be much different than a land owner providing an access road across their property. Certainly such a path can be publicly accessed, but having access to such a path does not allow the public to enter the person's yard and house. Just to keep adding to the "reasoning by analogy" pattern of various comments in this thread.
It isn't too tough to share your Internet connection without sharing your network or the computers in your network. But I don't think most people understand what is involved to do so.
[ link to this | view in chronology ]
Re: Unsecured = Public
When I got cable internet with them, and ensuing wireless for other comps in the house, those wireless connections were unsecured by DEFAULT. The tech made no mention of such things, I was not knowledgeable or aware of such things, I left it to them to take care of such things (I presumed security was part of the installation), I depend on them to inform me of such things.
Two years later I had to call them about a wireless adapter issue, and only then did the guy on the phone mention that my wireless connection was not secured. He guided me through the process of locking it down.
I've noticed there are several households in my neighborhood that have had unsecured wireless for years. I'm fairly certain they simply do not know to ask or wonder or do anything about it. There are many, many more people like that than there are people who are aware of needing or able to lock their wireless down.
To me, that is the salient point in Mike's article: the judge's statement is too presumptive about people's knowledge of wireless security (even though it may be case specific here) to be declaring their 4th amendement rights are lessened if they don't lock it up somehow.
[ link to this | view in chronology ]
Re: Re: Unsecured = Public
If they came out and installed it, then they certainly should have and if anything bad happened because of their gross negligence then I think they should be held accountable for it.
I've noticed there are several households in my neighborhood that have had unsecured wireless for years. I'm fairly certain they simply do not know to ask or wonder or do anything about it.
My WiFi is open on purpose. But then again, I know how to secure the rest of my system.
[ link to this | view in chronology ]
Re: Re: Unsecured = Public
Not at all. If people don't know how to set up their routers, they can hire someone who does. Otherwise, failure to do so indicates that they don't care and thus have no *reasonable* expectation that it is properly secured.
[ link to this | view in chronology ]
The judge does say "..lower expectation of privacy" not NO expectation of privacy.
[ link to this | view in chronology ]
Me Ponders...
What about all other non-encrypted traffic - http, etc.
I think one could make a good argument that privacy on non-protected traffic is limited ???
Just thinking out loud.
As an aside, when did not understanding how something works or the law for that matter become a reasonable excuse? Just because someone doesn't understand the public nature of an open wi-fi, a smtp e-mail or http sessions, does that mean that they should have more privacy due to their ignorance than a sysadmin type (although that may be a bad assumption that all sysadmins understand the fundementals of their trade)? They whole freedom without responsibility has always really bugged me.
Freedom
[ link to this | view in chronology ]
I dunno
I dunno, its just an open broadcast, I think he has a good point.
[ link to this | view in chronology ]
Re: I dunno
But shouldn't some distinction be made since the police have to actively log into the network, even if it IS open?
[ link to this | view in chronology ]
Re: Re: I dunno
The police also have to actively look at their radar gun to detect speeders. And the radar gun has to actively zap (to use the technical term) your car to read the speed.
Besides, laptops can be pretty good at automatically logging into unsecured wifi. And sometimes secured wifi ... obligatory xkcd
[ link to this | view in chronology ]
Re: Re: Re: I dunno
[ link to this | view in chronology ]
Re: Re: Re: Re: I dunno
[ link to this | view in chronology ]
This case is consistent with prior Fourth Amendment precedent. If you have a loud conversation in a crowded restaurant and anyone can hear you, you've waived your expectation of privacy. Same things goes for electronic communications and information that leave open for others to see.
Fourth Amendment law for the Internet is being largely established in child pornography cases like this one. As you would expect, this is leading to some decisions that find the Fourth Amendment to be quite narrow for online communications. Like it or not, this decision was consistent with the previous case law and reached the right conclusion.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
By your logic
We should believe that the desire for privacy is an indication of guilt.
[ link to this | view in chronology ]
Re: By your logic
We should believe that the desire for privacy is an indication of guilt ... says the guy posting as Anonymous Coward!
Something to hide? :)
[ link to this | view in chronology ]
By my logic
[ link to this | view in chronology ]
Wifi
> you've set yourself a "lower expectation of privacy."
I usually agree with most of your positions on various issues but not on this one. Using an open network is the very definition of lowered privacy expectation.
> I would suspect that most users have no idea that it's less secure
Not really relevant. Most people have no idea they have a lower expectation of privacy in their trash if it's set out on the curb (as opposed to remaining in their driveway) but that's how the courts have ruled.
The standard isn't based on one's personal expectation of privacy. It's based on a reasonable expectation of privacy that society is willing to recognize. In this case the judge ruled-- rightly so-- that society doesn't recognize a privacy interest in someone using a publicly accessible network.
[ link to this | view in chronology ]
If the guys actions are accurately portrayed in the article,
I'd be willing to bet that clown's PC is overloaded with viruses and other such crap as well.
[ link to this | view in chronology ]
Maybe.
On the other hand if it had a simple encrypted line it would be sufficient to claim privacy expectations because you did take steps to secure it even if it is ineffective.
Now if you open that encrypted channel and put a open door in it which anyone can find it then you can't really expect privacy.
So I do agree the type of network is not important, if it has encrypted channels is the relevant part and the judge apparently agrees as he specifically use the words "unsecured wireless network router".
What I do disagree though is the "lax security" what constitute lax security?
That should be clarified.
How are judges deciding what is reasonable or not?
Most people don't understand what a router is, ask anyone outside IT and they will tell you it is a box that connects them to the internet. They don't know it is a computer, they don't know it can be infected, hacked etc.
So what is the minimum expectation for reasonable?
Me thinks is the very act of using a encrypted channel which most view as putting a password including the judge.
The test should be, do I need to do anything to get access to that data?
If it is open and there was no steps to secure it there are no expectations of privacy, but if there was an attempt to secure it even a weak one then there should be privacy concerns.
If you encrypt something and link to a public node and exchange information with it there is no privacy
That all said I agree that the judge should not have defined the medium in which the data was being transported as less or more private he should have focused on the barriers to get to the data and the hint that because wireless is so easily used by others should have no bearing on the decision it implies that if someone do try to secure his communications and is unsuccessful he had no expectations of privacy and that is disturbing.
[ link to this | view in chronology ]
Re: Maybe.
Then, if they care, they should hire someone who does.
[ link to this | view in chronology ]
Land analogies.
The data is there be served by the owners server and it is being used by other people there are simple solutions for it that would require others to go through hoops to get to that data.
deeplinking should not be infringement in any way if the guy don't do nothing to secure his data.
[ link to this | view in chronology ]
Aggregators
Don't like people linking to you?
Just code that verifies the referrer it will block imidiatly anyone outside your website
[ link to this | view in chronology ]
I can remove my front door completely and it still does not give people the right to just walk into my house anytime they desire.
[ link to this | view in chronology ]
"reasonable" privacy
Instead of the woman being arrested for trespassing, the man was arrested because she could see him naked, making coffee.
One would think that if you stumble downstairs after getting out of bed in the morning to make coffee, you should not have to be concerned that you could go to jail if someone peeps in your window and sees you are not wearing clothes.
A reasonable right to privacy is not as simple as it sounds. If someone can see you (even if they are viewing you from your own property, without your permission) the standards for being in public can apply.
An unsecured wi-fi signal that can be picked up by neighbors or even from the public road in front of your home are can't be expected to be more private. Suppose you have naked photos on your PC and a teenager finds them via your open network. You have now given pornography to a child the same as if you had printed the pictures and left them in a box sitting on the sidewalk.
Should the contents of that box be considered private?
[ link to this | view in chronology ]
It's not doors, it's windows
The courts have ruled, many times, that if you have your curtains open so people can see in, you have willingly given up some measure of your right of privacy.
I believe the open wi-fi may be more akin to this. If you drive by, you can see in my windows. If you drive by, you can see my shared folders. I don't see a dramatic shift in fourth amendment rights here.
[ link to this | view in chronology ]
Re: It's not doors, it's windows
But what if you're too dumb to close the curtains or you just don't care if they're open?
[ link to this | view in chronology ]
Weird
This person had a shared wireless connection (ie: pubic, both in permissions and medium), and data in shared folders (ie: public, by permissions).
Law enforcement did not trespass but accepted an extended invitation for data access. As far as I can tell, there is no privacy issue because there was no private data.
I'm not sure the intent of the constitution is to protect stupid and/or ignorant people.
Tough luck. But if you're going to traffic in illegal goods, you might want to do it in a back alley, rather than in the middle of a busy street.
[ link to this | view in chronology ]
Re: Weird
The courts have ruled that a reasonable expectation of privacy plays into whether or not a search and seizure is reasonable.
[ link to this | view in chronology ]
http://papers.ssrn.com/sol3/papers.cfm?abstract_id=949575
[ link to this | view in chronology ]
[ link to this | view in chronology ]
sd l sjdf ls lfs f
[ link to this | view in chronology ]