FCC Fines Marriott For Jamming Customers' WiFi Hotspots To Push Them Onto Hotel's $1,000 Per Device WiFi

from the sleazy-sleazy dept

Hotel WiFi sucks. If you do any traveling, you're aware of this. Though, from what I've seen, the higher end the hotel, the worse the WiFi is and the more insane its prices are. Cheap discount hotels often offer free WiFi, and it's generally pretty reliable. High end hotels? I've seen prices of $30 per day or higher, and it's dreadfully low bandwidth. These days, when traveling, I often pick hotels based on reviews of the WiFi quality, because nothing can be more frustrating than a crappy internet connection when it's needed. But, even worse than the WiFi in your room, if you're using the WiFi for a business meeting or event -- the hotels love to price gouge. And, it appears that's exactly what the Marriott-operated Gaylord Opryland Hotel and Convention Center in Nashville did. Except, the company went one step further. Thanks to things like tethering on phones and MiFi devices that allow you to set up your own WiFi hotspot using wireless broadband, Marriott realized that some smart business folks were getting around its (absolutely insane) $1,000 per device WiFi charges, and just using MiFi's. So, Marriott then broke FCC regulations and started jamming the devices to force business folks to pay its extortionate fees.

In response, the FCC has now cracked down and Marriott has agreed to pay a $600,000 fine for the practice, while also promising to continue to make sure it doesn't make use of jammers and to update the FCC on "compliance" every three months for the next three years. The FCC found out about all of this because a customer sent in a complaint -- though its unclear if the customer just figured it out by themselves, or if some employee at Opryland stupidly admitted to the hotel's practices.

Update: Oh, and I missed the best part, as pointed out in the comments. Marriott is still claiming that what it did was legal... and for the benefit of consumers. Uh huh:
"Marriott has a strong interest in ensuring that when our guests use our Wi-Fi service, they will be protected from rogue wireless hot spots that can cause degraded service, insidious cyber-attacks and identity theft," the statement said. "Like many other institutions and companies in a wide variety of industries, including hospitals and universities, the Gaylord Opryland protected its Wi-Fi network by using FCC-authorized equipment provided by well-known, reputable manufacturers.

"We believe that the Opryland's actions were lawful. We will continue to encourage the FCC to pursue a rulemaking in order to eliminate the ongoing confusion resulting from today's action and to assess the merits of its underlying policy."


Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: fcc, fines, jammer, mifi, opryland hotel, wifi
Companies: marriott


Reader Comments

Subscribe: RSS

View by: Time | Thread


  1. icon
    Whatever (profile), 3 Oct 2014 @ 2:28pm

    A couple of things. The price was "up to $1000" and not an absolutely $1000 for every use. Generally, that would be an 'old style' convention / booth space rate, similar to charging $400-$1000 to hook up power and a couple of thousand more for a 10 by 10 space. I can remember setting up convention spaces in various cities in the US and finding that their internet charges were insane. In at least one case, they would force you to deal with their prefered supplier, who would set up a T1 line (speedy as it was at the time), and you would be required to pay setup, removal, and a full month's service, even if you needed it only for a day.

    In very general terms, $250 a day for wi-fi seems high, but in convention space terms, it seems pretty much par for the course. Most hotels with WiFi intentionally make sure that the service is NOT available in their convention spaces, and charge for connectivity - installing a wireless modem in your conference room, as an example.

    Marriott certainly went over the top here, I guess just pure profiteering wasn't enough for them.

    link to this | view in thread ]

  2. icon
    Paul Renault (profile), 3 Oct 2014 @ 2:31pm

    I suppose rich people have too much money to think for themselves, eh?

    If the expensive (or even cheap) hotel I was staying at is charging anything, I feel insulted, as it demonstrates that they think I'm a fool.

    And actually, I would be a fool if I paid (really?) $1K/day for WiFi... Jeepers, for a thousand dollars you could buy a no-contract cell phone, a no-contract/burner SIM card, and use the phone as a WiFi hot-spot. Bonus: you don't have to worry about whether the hotel set up the security well (usually they don't).

    link to this | view in thread ]

  3. identicon
    Christenson, 3 Oct 2014 @ 2:36pm

    Whistleblowing?

    You call an employee who admitted to the hotel's practices stupid...but maybe the employee was whistleblowing, or simply doing a frustrated customer a favor? (Our wifi is down, but I'll get it fixed the next time you are here...)

    I can't believe our Mike is the only potential customer of that hotel that might be unhappy about the insane profiteering and broken connectivity that even the non-technical folks are increasingly taking for granted.

    link to this | view in thread ]

  4. identicon
    Anonymous Coward, 3 Oct 2014 @ 2:40pm

    Re: I suppose rich people have too much money to think for themselves, eh?

    Rich people measure the quality of everything by the price that is charged to their companies expense account.

    link to this | view in thread ]

  5. icon
    That One Guy (profile), 3 Oct 2014 @ 2:41pm

    Re:

    Honestly, it really wouldn't matter what they were charging, whether $10, $100 or $1000, the second they started jamming the signals to force people to use their connection, they deserved to be slapped down hard for it.

    link to this | view in thread ]

  6. identicon
    Anonymous Coward, 3 Oct 2014 @ 2:42pm

    "...they will be protected from rogue wireless hot spots that can cause degraded service, insidious cyber-attacks and identity theft,"

    link to this | view in thread ]

  7. identicon
    zip, 3 Oct 2014 @ 2:43pm

    I'd like to know what they were using to jam wifi, and if such tools are even legal to buy and sell.

    link to this | view in thread ]

  8. identicon
    Jake, 3 Oct 2014 @ 2:52pm

    What.

    link to this | view in thread ]

  9. identicon
    Anonymous Coward, 3 Oct 2014 @ 2:56pm

    Re:

    Essentially all you need is a reprogrammed wifi router.

    link to this | view in thread ]

  10. identicon
    Anonymous Coward, 3 Oct 2014 @ 3:13pm

    Re: "...they will be protected from rogue wireless hot spots that can cause degraded service, insidious cyber-attacks and identity theft,"

    Which customer?

    link to this | view in thread ]

  11. icon
    That One Guy (profile), 3 Oct 2014 @ 3:14pm

    Re: "...they will be protected from rogue wireless hot spots that can cause degraded service, insidious cyber-attacks and identity theft,"

    "Well you see we were robbing our customers blind, so they couldn't be robbed and taken advantage of by some other person or group, who may not have had our customer's best interests at heart.

    Just another friendly service we here at the Marriott Hotel provide.'

    link to this | view in thread ]

  12. identicon
    Anonymous Coward, 3 Oct 2014 @ 3:15pm

    "or if some employee at Opryland, aware of the wrongdoing that was going on, decided to report the hotel's practices."

    Fixed that for you. No need to assume that every employee at the hotel is a criminal. There might be one or two who are kind, law abiding citizens.

    link to this | view in thread ]

  13. icon
    MikeC (profile), 3 Oct 2014 @ 3:24pm

    Re: Re: "...they will be protected from rogue wireless hot spots that can cause degraded service, insidious cyber-attacks and identity theft,"

    I guess it's better the thief you know instead of any old thief....

    link to this | view in thread ]

  14. icon
    John85851 (profile), 3 Oct 2014 @ 3:27pm

    On the other hand

    On the other hand, how many scammers are offering their "free" wifi which can steal people's information?
    A convention is a great place to do this, especially if the scammers name their wifi "FreeMarriott" to confuse people into thinking it's the one owned by the hotel.

    So Marriott may seem heavy-handed by doing this, but what's their liability if someone got infected (especially using a *business* laptop) when the person connected to the fraudulent "FreeMarriott" wifi?

    link to this | view in thread ]

  15. icon
    MikeC (profile), 3 Oct 2014 @ 3:28pm

    Custormers Still Screwed - didn't see anything about refunds!

    So the FCC fined them 600K -- customers not seeing a dime of that in refunds for outrageous costs - am I right there.

    This really doesn't suprise me though... if the service they did deliver was fast .. then 1000$ to hook up your own wireless so you could hand it out to attendees would be ok... but if it's for one client device, that is insane.

    My firm has done numerous trade shows, normally we have to pay fee these days for decent internet connections (usually cable), 4-500$ for a week long show. It's all part of the space/booth fee.

    Not long ago though we had to bring in our own connections - usually IDSN or if we were lucky DSL. Local telco would wire us up a circuit for the duration of the show.

    link to this | view in thread ]

  16. identicon
    Anonymous Coward, 3 Oct 2014 @ 3:29pm

    Re: Re: I suppose rich people have too much money to think for themselves, eh?

    I imagine the expense account angle is the key. If I am staying at Jerry's Motel in East Bumfark AR, I am paying for the night myself. Anything Jerry can do to make me want to stay there is in his best interest, so I get free or low-cost wifi in the same way I get a croissant and OJ for free off the dingy little cart in the corner of the lobby. But Hoity-Toity Hotel in downtown Pilly knows that most of its customers are on business and going to submit an expense report, which the company will just straight up pay without comment 95% of the time. So gouging for wifi is literally free money.

    I stayed at a small chain hotel out on the fringe of the city where my alma mater is located. The lady running the desk was almost indecently insistent with making sure I knew the (free) wifi password. Contrary-wise, when I stayed at a swanky hotel downtown in the same city, not only did they charge more for wifi than they charged for parking, but they were "perplexed" that despite their claims that I could get free wifi because of my cellphone carrier, their system did not recognize said condition. After saying that it should work, they helpfully offered to charge me the full rate for wifi instead (?!?!). At least the co-ed running the desk had the decency to blush when I gave her the hairy eyeball for that piece of BS.

    link to this | view in thread ]

  17. identicon
    Anonymous Coward, 3 Oct 2014 @ 3:33pm

    Re:

    There's a discussion about this happening right now on the NANOG mailing list, and the answer seems to be "no, it is not legal".

    If that's correct then it's worth noting that when Marriott does this they get fined chump change...but if a hacktivist did this (OMG anons anarchists political activists aiaiieiieeieyeee) they'd get their door kicked down, they're be beaten, they'd be tasered, they'd have every electronic device they own confiscated, they'd be charged with multiple felonies, they'd be perXXXprosecuted by vicious grandstanding federal assholes and have their lives destroyed.

    link to this | view in thread ]

  18. icon
    Zos (profile), 3 Oct 2014 @ 3:37pm

    Re: I suppose rich people have too much money to think for themselves, eh?

    yeah, good luck with that inside a convention hall. it's a concrete box saturated with signals. I can actually understand being charged a small amount for reliable data access in that situation. but any hotel that doesn't offer free wifi in guests rooms merits nothing but contempt. and he's right, the nicer the hotel the more shitty their internet policies usually.

    link to this | view in thread ]

  19. identicon
    Anonymous Coward, 3 Oct 2014 @ 3:59pm

    Nothing New for Them

    I've heard that they are known for racking up the charges to corporate customers. The people attending a trade show never hear about it. If you are very careful and watch things like a hawk, you can have your event not go greatly over budget.

    Before wifi was widespread, you had to deal with the venue for trade show or in room network access. Lately wired in room is going away and the wifi is slow and capped at slow rates. I recently found (at a different hotel) the free lobby wifi was 5 time faster than the in room service. It makes a big difference when you have gigs of photos to upload to waiting editor.

    link to this | view in thread ]

  20. identicon
    Anonymous Coward, 3 Oct 2014 @ 4:03pm

    Re:

    I am not sure which tool they were using, but it is very common in enterprise wireless solutions and is legal in many cases. If you read through the order on page 3 item 6 they use language that specifies that the hotel was using it on users that did not pose a risk to the security of the hotels network or its guests. In the corporate world if a company is concerned about the security of their networks they use this technology to keep people from setting up an unauthorized wifi access point within their airspace. I was just at a client this morning that we are recommending they enable that feature on their system as we were able to pop an access point on their network and man in the middle anyone who connected to it and capture the traffic passing through.

    link to this | view in thread ]

  21. identicon
    Brian Phoenix, 3 Oct 2014 @ 4:14pm

    Hotel Wifi

    The motel 6 in Phoenix charged $3 a day for lousy wifi. Super 8 next store had free wifi and I was able to use theirs.

    link to this | view in thread ]

  22. identicon
    Anonymous Coward, 3 Oct 2014 @ 4:52pm

    Gaylord Focker

    link to this | view in thread ]

  23. icon
    Uriel-238 (profile), 3 Oct 2014 @ 4:57pm

    Betcha Marriott made far more than $600,000

    This sounds very much like a wrist-slap to me.

    link to this | view in thread ]

  24. identicon
    Anonymous Coward, 3 Oct 2014 @ 5:04pm

    Re:

    "The price was "up to $1000" and not an absolutely $1000 for every use."

    Oh, ok ... nevermind. Nothing to see here, move along.

    Apparently customers go elsewhere when dissatisfied.

    link to this | view in thread ]

  25. icon
    Whatever (profile), 3 Oct 2014 @ 5:21pm

    Re: Re:

    Here's the thing though... up to the point of jamming, they are within the industry norms, and the ONLY reason the FCC is involved is as a result of that. Merely blocking mifi devices from hosting multiple devices on their network wouldn't even be the issue.

    link to this | view in thread ]

  26. icon
    Whatever (profile), 3 Oct 2014 @ 5:24pm

    Re: Re: Re: I suppose rich people have too much money to think for themselves, eh?

    This isn't about in room wifi, it's about convention center wifi.

    The room wifi wouldn't be very expensive at all.

    link to this | view in thread ]

  27. identicon
    Shakakahn, 3 Oct 2014 @ 5:26pm

    My outrage around this was somewhat subdued by this reasonable post: http://blog.erratasec.com/2014/10/two-minutes-of-hate-marriot-deauthing.html

    Food for thought.

    link to this | view in thread ]

  28. icon
    DB (profile), 3 Oct 2014 @ 5:37pm

    It might be a feature on certain WiFi access points, but that doesn't mean that jamming is legal.

    The FCC is asserting that deliberate interference with radio communication, "jamming", is not allowed. Period. Full stop. You can use the bands without a license, subject to ERP (power) limits. You can even heavily use the bands. But you can't do something to deliberately block someone else from using the spectrum, even if you handwave and say that it's pretty much like just using the band.

    link to this | view in thread ]

  29. identicon
    Anonymous Coward, 3 Oct 2014 @ 5:42pm

    Re: Re:

    "[...] and is legal in many cases."

    No. You are wrong. I strongly suggest that you acquaint yourself with the relevant Federal law -- in particular, the Communications Act of 1934. I strongly suggest that you cease advising clients to enable such features until you have properly educated yourself on the relevant statutes and FCC regulations, as what you're currently telling them to do is a violation of US federal law.

    link to this | view in thread ]

  30. identicon
    Anonymous Coward, 3 Oct 2014 @ 6:06pm

    Re: Hotel Wifi

    The moral of the story: 8 > 6.

    :-P

    link to this | view in thread ]

  31. identicon
    Anonymous Coward, 3 Oct 2014 @ 6:12pm

    Re: Re: Re:

    " Specifically, such employees had used this capability to prevent users from connecting to the
    Internet via their own personal Wi-Fi networks when these users did not pose a threat to the security of the
    Gaylord Opryland network or its guests.
    "

    I suggest you go into any Hospital or business that is covered by PCI and uses WIFI that does not deauth unauthorized wifi hotspots and convince them that they are better off not protecting their networks by tossing aside security best practices and NIST guidance and see what that get. I am confident the FCC specifically stated the lack of a security threat due to the fact that many security standards require the deauthorization of unauthorized traffic. I will continue to recommend clients de-auth traffic within their networks without losing sleep. I agree that the law may read that way but there is way too much on the line from a security standpoint to go against best practices within a regulated data environment to worry about the FCC in that scenario. Other government agencies would consider the lack of that security negligence.

    link to this | view in thread ]

  32. identicon
    Scott, 3 Oct 2014 @ 6:18pm

    Re:

    All high end wireless systems have the ability to "jam" wifi. It's not really a jammer, it simply spoofs a rogue devices mac and sends endless disconnect signals, preventing potential clients from connecting to the wifi. It's generally called rogue access point containment, or something similar, and is completely legal and neccesary. It's what prevents me from setting up my own "marriot-guest" wireless then capturing your credit card or banking info.

    link to this | view in thread ]

  33. identicon
    Scott, 3 Oct 2014 @ 6:28pm

    Re:

    Sure, when you put it that way, it sounds like illegal interference. If you described it as "our system sends out messages requesting that clients disconnect from the access point, which they are able to ignore", it sounds like it's not illegal interference. That is, by the way, exactly what it is doing.
    In the context that the law was written, it's reasonable to assume that they're talking about radio interference, which this is not. If I walk down the street asking people to hang up their phones, that doesn't make me a human cell phone jammer.

    link to this | view in thread ]

  34. icon
    Uriel-238 (profile), 3 Oct 2014 @ 8:33pm

    Oh...the "Everybody else is doing it" defense.

    Sounds legit.

    They're all scumbags, and by using each other as examples to legitimize themselves, they're being even scumbaggier.

    Case in point: Data-caps in wireless telecommunications.

    link to this | view in thread ]

  35. identicon
    dj fischer, 3 Oct 2014 @ 9:42pm

    When I am on the road . . .

    . . . I VPN into my home computer where it is connected via fiber (FIOS) so that the abysmal hotel connection just has
    to feed me screens of the fast connection. It's faster than doing it directly to the 'net through the hotel connection.

    I am doing that right now.

    link to this | view in thread ]

  36. identicon
    Anonymous Coward, 4 Oct 2014 @ 1:07am

    I can't believe there's people in this thread advocating that jamming and denial of service attacks are legal. They're not.

    link to this | view in thread ]

  37. identicon
    Anonymous Coward, 4 Oct 2014 @ 2:35am

    Re: Re: Re: Re:

    So your pathetic, feeble excuse for breaking federal law is your lack of baseline security competence?

    Everyone who actually knows what they're doing -- which clearly excludes ignorant morons like you -- is perfectly capable of locking down environments without resorting to the kind of crude, ineffective tactics you're recommending. You're a disgrace to the profession of IT security. Get out.

    link to this | view in thread ]

  38. icon
    ltlw0lf (profile), 4 Oct 2014 @ 4:00am

    Re: Re:

    If you described it as "our system sends out messages requesting that clients disconnect from the access point, which they are able to ignore"

    This isn't something that you can easily, technically, ignore.

    Ignoring DEAUTH packets is a violation of the RFC, and generally causes bad thingsTM to happen. How do you manage entering and leaving a WIFI cell without DEAUTH? How do you handle an access-point going off-line, switching channels, etc. And how do you handle trade-offs between access points. If your solution is to just ignore it, you are potentially performing a denial-of-service against your own connection, or causing harm to the WIFI network you are connected to.

    There isn't any way to ignore DEAUTH packets using standard available drivers right now, though you could modify firmware/drivers to accomplish this. There is work being done on implementing real management frame authentication capabilities through 802.11w, though I am not aware of any equipment that currently provides this capability.

    If I walk down the street asking people to hang up their phones, that doesn't make me a human cell phone jammer.

    If you walk down the street asking people to hang up the phone, they still have a choice to ignore you, punch you in the face, etc. You aren't jamming their phone connection. With deauth packets, you are jamming their connection, and the FCC rightly doesn't like the jamming of public airwaves.

    What would be really interesting, in a situation similar to this one, is what would have happened on the Hotel side if the people being jammed just turned around and jammed the hotel right back. Would the hotel be screaming for the cops to intervene when their WIFI network was taken down?

    link to this | view in thread ]

  39. icon
    ltlw0lf (profile), 4 Oct 2014 @ 4:21am

    Re: On the other hand

    On the other hand, how many scammers are offering their "free" wifi which can steal people's information?

    Why should Marriott or anyone else care what is being done on anything other than their own WIFI? If someone sets up a "FreeMarriott" access point on their property, they can ask that person to leave, but they don't have any legitimate reason to care if someone sets up "FreeMarriott" in their personal vehicle sitting on a public street broadcasting next to the hotel (except maybe for use of Trademark.) What is worse, is that scammers don't need to create something called FreeMarriott to scam, all they really need to do is break into Marriott's poorly locked down computers or sit on their WIFI and sniff the unencrypted traffic and they are done.

    If the hotel really wants to prevent this from happening, provide the user with a WPA2-PSK key to use to connect to the hotel wifi, or even set up RADIUS, create an account for the person checking in, and give them their own key to connect to the WIFI using WPA2-Enterprise, and call it a day.

    There is no legitimate reason to use DEAUTH jamming; none. Not even for protecting your own WIFI. It is only used by heavy handed monopolists and petty bureaucrats.

    link to this | view in thread ]

  40. identicon
    jd, 4 Oct 2014 @ 4:35am

    Re:

    There are Wi-Fi blocking devices commonly used by businesses to prevent employees from using devices on company property. I don't think it would be difficult for someone to make one at home.

    I'm not excusing what Marriot did in anyway...

    link to this | view in thread ]

  41. identicon
    Anonymous Coward, 4 Oct 2014 @ 4:52am

    Re:

    Basically, the FCC owns the airwaves, all frequencies, so any kind of radio transmitter device needs FCC approval of some sort. Generally speaking, high-wattage transmissions need a specific operating license, while manufacturers of low-wattage units can get blanket permission from the FCC to manufacture, distribute, and sell the device to end-users who don't need to register them.

    Jamming the airwaves is absolutely legal, as long as the FCC grants its specific approval, and the jammers stay within the authorized parameters set by the FCC license. But whether the FCC actually grants such approval is another question.

    At least that was way the system worked with 'analog' radio, presumably digital would not be too much different.

    link to this | view in thread ]

  42. icon
    ltlw0lf (profile), 4 Oct 2014 @ 5:36am

    Re: Re:

    Jamming the airwaves is absolutely legal, as long as the FCC grants its specific approval, and the jammers stay within the authorized parameters set by the FCC license.

    I'll just leave this right here.

    link to this | view in thread ]

  43. identicon
    Anonymous Coward, 4 Oct 2014 @ 7:36am

    Re: Re: Re: Re: Re:

    No, "my feeble excuse" is NIST and ISO standards the recommend/require in some cases deauthorization of unauthorized 802.11 traffic. And you are obviously clueless.

    link to this | view in thread ]

  44. icon
    MikeC (profile), 4 Oct 2014 @ 8:14am

    Re: Re: Re:

    You both are wrong and right ... you can block traffic within your airspace as long as you don't block other folks traffic nearby. Specifically from CISCO:
    =====================================================
    As containment renders any standard 802.11 network completely ineffective, containment
    measures should taken in your airspace. Extreme caution should be taken to ensure that
    containment is not being performed on a legitimate network nearby and, action should only be
    taken as a last resort. Unauthorized containment is prosecutable by law (subject to the FCC’s
    Communications Act of 1934, Section 333, ‘Willful or Malicious Interference’).
    ===================================================

    However PCI standards require you take this into account:
    --------------------------------------
    PCI Compliance
    Understanding and remediating against wireless threats is also a requirement under the Payment
    Card Industry Data Security Standard (PCI DSS), a standard required for retailers to follow when
    processing credit card data over WLAN networks. Examples of WIPS requirements under PCI DSS
    include:
    Section 9.1.3 Physical Security: Restrict physical access to known wireless devices.
    Section 10.5.4 Wireless Logs: Archive wireless access centrally using a WIPS for 1 year.
    Section 11.1 Quarterly Wireless Scan: Scan all sites with card dataholder environments (CDE)
    whether or not they have known WLAN APs in the CDE. Sampling of sites is not allowed. A WIPS
    is recommended for large organizations since it is not possible to manually scan or conduct a
    walk-around wireless security audit of all sites on a quarterly basis
    Section 11.4 Monitor Alerts: Enable automatic WIPS alerts to instantly notify personnel of rogue
    devices and unauthorized wireless connections into the CDE.
    Section 12.9 Eliminate Threats: Prepare an incident response plan to monitor and respond to
    alerts from the WIPS. Enable automatic containment mechanism on WIPS to block rogues and
    unauthorized wireless connections.
    ------------------------------------------------

    So you both have points.

    link to this | view in thread ]

  45. identicon
    Anonymous Coward, 4 Oct 2014 @ 8:54am

    Re: Re: Re: Re:

    If you read the language used in the consent decree it is clear the FCC was careful to not say "Deauthenticating Wifi access points is illegal under any circumstance"
    The Bureau investigated the complaint in order to assess Marriott’s compliance with Section 333
    of the Act. In the course of its investigation, the Bureau discovered that one or more Marriott employees
    had used the containment capability discussed in paragraph 5 in a manner that the Bureau believes violates
    Section 333. Specifically, such employees had used this capability to prevent users from connecting to the
    Internet via their own personal Wi-Fi networks when these users did not pose a threat to the security of the
    Gaylord Opryland network or its guests

    If the FCC truly wanted to make WLAN Deauthentication illegal they would not imply there are manners that do not violate section 333. They also would not be just going after Marriot they would be fining Cisco, Motorola, Aruba, ETC that market the technology in the US as they have with companies marketing cell jammers.

    link to this | view in thread ]

  46. identicon
    Anonymous Coward, 4 Oct 2014 @ 11:43am

    Re: Re: Re:

    Which is kinda part of the point of the OP, that the industry norm is to offer terrible wifi at inflated prices.

    link to this | view in thread ]

  47. identicon
    Anonymous Coward, 4 Oct 2014 @ 11:44am

    Re: Re: Re: Re:

    Just because it's legal doesn't make it good for consumers and it doesn't mean we can't complain about it.

    link to this | view in thread ]

  48. identicon
    Anonymous Coward, 4 Oct 2014 @ 11:51am

    Re: Re: Re: Re: I suppose rich people have too much money to think for themselves, eh?

    The person in the OP is complaining about the time(s) when s/he was charged for Wifi.

    link to this | view in thread ]

  49. This comment has been flagged by the community. Click here to show it
    identicon
    Anonymous Coward, 4 Oct 2014 @ 11:52am

    Re: Re: Re:

    "they are within the industry norms"

    In addition to complaining about the jamming we are here to complain about the industry norm. If you don't like it you can get lost and find another website to troll or you can start your own blog.

    link to this | view in thread ]

  50. icon
    ltlw0lf (profile), 4 Oct 2014 @ 12:14pm

    Re: Re: Re: Re: Re: Re:

    No, "my feeble excuse" is NIST and ISO standards the recommend/require in some cases deauthorization of unauthorized 802.11 traffic.

    Citation please.

    I am not aware of any NIST guidance that requires WIFI deauth packets be used. NIST SP 800-153 talks about using WIDPS only for monitoring. General NIST guidance is that rogue access points should physically be removed. PCI DSS does not say anything about deploying automated wifi containment, and section 11.1 talks about using IDS/IPS only for monitoring for rogues. The PCI DSS Information Supplement v2.0 talks about using containment, but only against devices that are connected to the CDE. It also recommends physical removal of rogue access points. "Many wireless IPS systems provide the ability to prevent clients from associating with an unauthorized AP or can disable an ad-hoc network. However, efficacy of these techniques varies widely, and while they can provide adequate temporary mitigation of the risk, unauthorized devices should be physically removed from the CDE as soon as possible" - https://www.pcisecuritystandards.org/pdfs/PCI_DSS_Wireless_Guideline_with_WiFi_and_Bluetooth_082211. pdf, section 4.3.1.

    And best practices are against you. Note, the last document is a CISCO best practices document, that specifically states "Note that it is critical to evaluate (or avoid altogether) rogue auto-containment, as there are potential legal issues and liabilities if left to operate automatically."

    link to this | view in thread ]

  51. identicon
    Anonymous Coward, 4 Oct 2014 @ 1:50pm

    Re: Re: Re:

    According to this FCC document

    http://transition.fcc.gov/pshs/docs/summits/Combating-Contraband-Cell-Phones-in-Prison-Hando ut-v4.pdf

    even state government authorities (but not federal) are prohibited from using jammers, as many state prisons have been known to do to stymie prisoners' attempts to communicate via cellular networks. Instead, the FCC recommends cellphone "call capture systems," while insisting that any deployment needs to be authorized by the FCC, or it's illegal.

    Also of note, the maker of "Stingray" interceptors lied to the FCC in order to get a license.

    http://benswann.com/company-behind-stingray-cell-phone-surveillance-tool-lied-to-the-fcc/

    link to this | view in thread ]

  52. icon
    JMT (profile), 4 Oct 2014 @ 4:12pm

    Re: Re: Re:

    "...up to the point of jamming, they are within the industry norms...

    The real problem is staring you right in the face and you still completely miss it.

    link to this | view in thread ]

  53. identicon
    Anonymous Coward, 4 Oct 2014 @ 4:20pm

    I'm guessing Marriott won't mind the soon-to-follow Yelp reviews, right?

    link to this | view in thread ]

  54. identicon
    Roderick, 4 Oct 2014 @ 4:24pm

    the higher end hotels

    I'd just like to point out that the really top hotels, like Gleneagles in Scotland, provide inclusive, high-speed WiFi at no extra charge. Of all the places I've stayed, the best WiFi has been in the truly special 5-star establishments. Second best is in youth hostels. Everywhere in between will suck you dry, while trying to jam up your web traffic with amateurish malware to insert extra ads in your browsing.

    link to this | view in thread ]

  55. icon
    Whatever (profile), 4 Oct 2014 @ 6:12pm

    Re: the higher end hotels

    Roderick, again, you need to understand that this story isn't about in room wifi, it's about convention center / meeting space wi-fi. Personal room wi-fi was not and is not an issue here..

    link to this | view in thread ]

  56. icon
    Derek Kerton (profile), 4 Oct 2014 @ 7:24pm

    Re: Re:

    According to federal law and FCC regs, it is illegal to deliberately jam wifi in the unlicensed bands. But it is unlikely the Hyatt was doing this, because it would also interfere with their own $1000 wifi.

    More likely, the Hyatt was jamming the cellular signal to people's phones and Mifis, which is a big federal no-no, cuz big biz interests like Verizon and ATT lose their sheet when that happens.

    If the Hyatt were jamming instead the cellular signals that powered the Mifis, then it is absolutely illegal to even transmit any unauthorized signal on spectrum licensed to some wireless carrier, let alone use a jammer.

    link to this | view in thread ]

  57. identicon
    Anonymous Coward, 4 Oct 2014 @ 9:33pm

    Re: Re: Re: Re:

    He's basically admitting that the industry norm is to do everything short of jamming signals and breaking the law. How is that supposed to result in customers not complaining?

    link to this | view in thread ]

  58. icon
    PacoBell (profile), 4 Oct 2014 @ 10:19pm

    Re: Re:

    That's a poor analogy. A better one would be if all cell phones automatically responded to that request by hanging up and you knew they would do that.

    link to this | view in thread ]

  59. icon
    ltlw0lf (profile), 5 Oct 2014 @ 6:38am

    Re: Re: Re: Re:

    Also of note, the maker of "Stingray" interceptors lied to the FCC in order to get a license.

    Not at all surprised by that, given that they tend to want people to lie and hide the use of Stingray in court or court documents.

    link to this | view in thread ]

  60. icon
    LVDave (profile), 5 Oct 2014 @ 8:22am

    Re: Re: Re: I suppose rich people have too much money to think for themselves, eh?

    Marriot is particularly bad about this.. There is actually two "Marriots", the big swanky hotel-type Marriots,
    and the motel-style Marriots. The motel-style Marriots go by names like "ResidenceInn" etc.. Waaay back in 2004, I stayed in the downtown Atlanta Marriot and was charged $10/day for wifi, and later on that same trip I stayed at a Marriot ResidenceInn in Sarasota Florida, and the wifi was free. Seems somewhat backwards somehow...

    link to this | view in thread ]

  61. identicon
    J1, 5 Oct 2014 @ 11:03am

    Re:

    My question too. I thought this type of jamming was a crime. Does anybody know? And if so, will the employees responsible be prosecuted?

    link to this | view in thread ]

  62. identicon
    Rick, 5 Oct 2014 @ 12:44pm

    Re: Nothing New for Them

    Ever been to a "resort" hotel? Could be marriott, Hilton, doesn't matter really. Upon checkout, I ALWAYS have bogus charges on the statement. Parking, spa charges, fitness center, movies. You name it. They think people won't look at the bill; that they'll just pay it. Many do. And that's what they're banking on. What a flippin' racket. And they wonder why we cast a dirty look at them when get a bogus bill.

    link to this | view in thread ]

  63. identicon
    Right wing nutter, 5 Oct 2014 @ 5:52pm

    Re: Re: I suppose rich people have too much money to think for themselves, eh?

    No. Mid level executives who aren't going much higher measure quality by how much is billed to their expense account. The rich pay attention to that kind of stuff in a "fool me once shame on you, fool me twice shame on me" fashion. As they become aware of this they won't be booking this place again.
    Which is why the management tried to cover up, and then spin. Starting this practice up again would cost them more than they've gouged.

    link to this | view in thread ]

  64. identicon
    Mark Noo, 5 Oct 2014 @ 8:21pm

    "These days, when traveling, I often pick hotels based on reviews of the WiFi quality, because nothing can be more frustrating than a crappy internet connection when it's needed."

    Beautiful statement. It brought a single, triumphant tear of joy to my eye.

    link to this | view in thread ]

  65. icon
    Niall (profile), 6 Oct 2014 @ 5:46am

    Re: Re: the higher end hotels

    Even so, it's an absolutely ridiculous price to pay PER DEVICE. We are talking about anyone's individual mobile phone or laptop or tablet - which is a lot of devices in a conference centre. It would be one thing if they were charging $1000 for a high-end connection for a local high-bandwidth wi-fi that anyone attending the conference could use, or even charged a nominal amount.

    Jamming a person's own service into the bargain is really adding insult to injury, quiet aside from the legalities of the issue.

    link to this | view in thread ]

  66. icon
    nasch (profile), 6 Oct 2014 @ 5:52am

    Re: Re: Re: Re: I suppose rich people have too much money to think for themselves, eh?

    The motel-style Marriots go by names like "ResidenceInn" etc.

    I don't think Marriot operates any motels. Certainly Residence Inn, Fairfield Inn, and Courtyard are not motels.

    link to this | view in thread ]

  67. icon
    DannyB (profile), 6 Oct 2014 @ 6:43am

    If Marriott is truly concerned about people's MiFi hot spots interfering with their wireless network, then they need to give people a reason NOT to use their MiFi by giving registered guests free WiFi. Then their WiFi network would not be competing with other WiFi hotspots.

    If Marriott is concerned about security, they could ensure that only registered guests have access by issuing a password.

    If Marriott complains that they cannot offer WiFi for free, because it costs money to install and then has an ongoing cost to operate, I would point out the following. Marriott offers other things for free that cost substantial money to install, and have some ongoing costs to operate:
    * Free Air Conditioning / Heating
    * Free Color TV
    * Free drinking fountains
    * Free use of electrical outlets
    * Free indoor plumbing

    Does WiFi cost as much to install as central air conditioning? Indoor plumbing? Does WiFi cost anywhere near as much to operate as air conditioning? Cable TV?

    I won't hold my breath waiting for Marriott's response. But now I realize that I have made a serious mistake by posting this. Marriott will now have additional charges for air conditioning, indoor plumbing, etc. (please don't throw things at me now that Marriott will start charging for these things! I didn't mean to inspire them to create new charges! Really.)

    link to this | view in thread ]

  68. icon
    John Fenderson (profile), 6 Oct 2014 @ 6:57am

    Re: Re:

    Well, I certainly would. I don't pay for any hotel's WiFi because that's just a silly and stupid thing to do. If a hotel was blocking my ability to run my own hotspot, I'd move on to the next hotel down the road.

    link to this | view in thread ]

  69. icon
    John Fenderson (profile), 6 Oct 2014 @ 7:04am

    Re: Re:

    "if a company is concerned about the security of their networks they use this technology to keep people from setting up an unauthorized wifi access point within their airspace."

    Well, first, it isn't their airspace, and they have no right to claim control over it like that. Period. Second, what threat does "an unauthorized wifi access point within their airspace" pose to their networks? None whatsoever -- those hotspots are not connected to the hotel's networks.

    link to this | view in thread ]

  70. icon
    John Fenderson (profile), 6 Oct 2014 @ 7:06am

    Re: Re:

    "is completely legal and neccesary"

    Legal? That seems debatable, since the FCC is claiming otherwise at least in Marriot's case. Necessary? Not by a longshot.

    link to this | view in thread ]

  71. icon
    John Fenderson (profile), 6 Oct 2014 @ 7:08am

    Re: Re:

    They aren't jamming in the usual sense of the word -- that is, they aren't broadcasting noise loudly to drown out all the radio signals on WiFi frequencies (or their own WiFi wouldn't work). What they're doing is more like spoofing, to selectively block "unauthorized" access points.

    link to this | view in thread ]

  72. icon
    John Fenderson (profile), 6 Oct 2014 @ 7:12am

    Re:

    Why did this subdue your outrage?

    link to this | view in thread ]

  73. icon
    John Fenderson (profile), 6 Oct 2014 @ 7:14am

    Re:

    "The FCC is asserting that deliberate interference with radio communication, "jamming", is not allowed"

    Except that technically this isn't what Marriot did. They weren't interfering with any radio communication -- all radio transmissions were being allowed to be sent and received without interference.

    link to this | view in thread ]

  74. icon
    John Fenderson (profile), 6 Oct 2014 @ 9:57am

    Re:

    WiFi is what is known as a "profit center": it's basically free money for the hotel. The more they can charge for it, the more free money they're getting. The rates they charge have nothing to do with installation or operating costs.

    "they need to give people a reason NOT to use their MiFi by giving registered guests free WiFi."

    True in principle, but I think it's important to note that this case doesn't involve hotel guests at all. It's the attendees to a conference held in their conference rooms.

    link to this | view in thread ]

  75. icon
    DannyB (profile), 8 Oct 2014 @ 8:03am

    Re: Re:

    Yes, I get that. And I'm glad the FCC is not allowing Marriott to interfere with the properly licensed use of the limited resource of spectrum.

    But as I say, if Marriott was really concerned about . . .

    link to this | view in thread ]

  76. icon
    DannyB (profile), 8 Oct 2014 @ 8:06am

    Re: Re:

    > Basically, the FCC owns the airwaves, all frequencies,
    > so any kind of radio transmitter device needs FCC approval

    The FCC regulates the airwaves. We, the people, own the airwaves, or more properly the spectrum. The spectrum is a limited resource. Like water, forests, and breathable air. Therefore, it should be regulated in the public interest.

    (Of course government seems less and less interested in the public interest, but I'm glad that in this instance the FCC is doing its job.)

    link to this | view in thread ]

  77. identicon
    None, 11 Oct 2014 @ 3:18pm

    Applicable Law

    The Communications Act of 1934
    Section 301 - requires persons operating or using radio transmitters to be licensed or authorized under the Commission’s rules (47 U.S.C. § 301)
    Section 302(b) - prohibits the manufacture, importation, marketing, sale or operation of these devices within the United States (47 U.S.C. § 302a(b))
    Section 333 - prohibits willful or malicious interference with the radio communications of any station licensed or authorized under the Act or operated by the U.S. Government (47 U.S.C. § 333)
    Section 503 - allows the FCC to impose forfeitures for willful or repeated violations of the Communications Act, the Commission's rules, regulations, or related orders, as well as for violations of the terms and conditions of any license, certificate, or other Commission authorization, among other things.
    Sections 510 - allows for seizure of unlawful equipment (47 U.S.C. § 510)
    The Commission's Rules
    Section 2.803 - prohibits the manufacture, importation, marketing, sale or operation of these devices within the United States (47 C.F.R. § 2.803)
    Section 2.807 - provides for certain limited exceptions, such as the sale to U.S. government users (47 C.F.R. § 2.807)
    The Criminal Code (Enforced by the Department of Justice)
    Title 18, Section 1362 - prohibits willful or malicious interference to US government communications; subjects the operator to possible fines, imprisonment, or both (18 U.S.C. § 1362)
    Title 18, Section 1367(a) - prohibits intentional or malicious interference to satellite communications; subjects the operator to possible fines, imprisonment, or both (18 U.S.C. § 1367(a))

    link to this | view in thread ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.