It’s so easy: You see an open wireless connection called Linksys or dlink and you jump on to check your email or see if anyone has retweeted you. In fact, we did all the reporting for this story, including VoIP calls, over an unsecured Wi-Fi network.
Were we breaking the law?
“It’s not clear,” says Orin Kerr, a professor at George Washington University Law School and an expert in cyberlaw. “It’s probably OK, but you can’t rule out a prosecution.”
Though using an open Wi-Fi network doesn’t feel like hacking, the federal Computer Fraud and Abuse Act sees things differently. That 1986 law makes it a felony to access computer systems, including routers, without authorization.
But the few cases of someone in the US being prosecuted solely for Wi-Fi theft generally read like that of the Michigan man who drew a sheriff’s attention four years ago by regularly parking outside a café with an open laptop but never buying anything. He was charged with using a computer system without authorization, pleaded guilty, and paid a $400 fine.
Over time, however, the law has apparently become more tolerant of Wi-Fi squatting. For example, you’re not committing multiple felonies if your iPhone jumps from network to network while you walk down the street.
“You have to know it was unauthorized,” says attorney Jennifer Granick, former civil liberties director for the Electronic Frontier Foundation. “Otherwise, you are an accidental criminal, and generally we don’t allow that.”
Granick thinks you’re probably safe even if you purposely direct your laptop to an open signal. That’s because, as Internet users have grown more sophisticated, most networks have become password-protected. So one could argue that it’s reasonable to assume open networks are intentionally so. “Now, more than in the past, using open wireless can be considered authorized,” Granick says.
Still, no one can say for sure. The reason we lack a definitive answer, according to Kerr, is that authorities tend to prosecute open Wi-Fi usage only when they are piling charges onto real hacking crimes in order to snag a plea deal. As a result, authorized use, as it applies to the vaguely worded CFAA, has never been laid out definitively in court.
“But if anyone is charged with a crime solely for using an open wireless connection, have them give me a call,” Kerr says. “I will defend them.”
Hopefully we won’t have to take him up on that.
- By Ryan Singel - Wired