A few years ago Google got in trouble for (accidentally) sniffing data from unprotected WiFi nodes. While sniffing unprotected WiFi networks wasn’t declared explicitly illegal, in 2011 a federal court hinted as much. Now, thanks to a recent ruling by a different federal judge, the question of the legality of sniffing open WiFi networks is tossed back up into the air.
Before we delve in the judge’s ruling, let’s provide you with some context.
Patent troll Innovatio IP Ventures has sued various businesses, including “hotels, coffee shops, restaurants, supermarkets”, for violating 17 Innovatio patents with their free public WiFi. In order to provide evidence towards the existence of these free public WiFis and to help prove infringement of its patents, Innovatio wanted to sniff these public WiFi networks. Because of the federal Wiretap Act, Innovatio was unsure if sniffing unprotected WiFi is legal or not. So it asked a judge to issue a preliminary ruling on the matter.
You see the American Wiretap Act makes it illegal to intercept any form of electronic communication without a court-issued warrant (unless, of course, Washington decides it is above the law). However, there is one loophole in the just-mentioned federal privacy law — it allows for warrant-less wiretapping of electronic communication if “made through an electronic communication system that is configured so that such electronic communication is readily accessible to the general public”. With its request for a preliminary ruling, Innovatio was looking to exploit this loophole. And the United States District Court, N.D. Illinois, Eastern Division is more than happy to oblige.
According to Judge James Holderman, what Innovatio is looking to do — sniff public WiFis — fulfills the requirements set out in the above-mentioned loophole; thus, it is legal and Innovatio can proceed:
Innovatio is intercepting WiFi communications with a Riverbed AirPcap Nx packet capture adapter, which is available to the public for purchase for $698.00. A more basic packet capture adapter is available for only $198.00. The software necessary to analyze the data that the packet capture adapters collect is available for download for free. With a packet capture adapter and the software, along with a basic laptop computer, any member of the general public within range of an unencrypted WiFi network can begin intercepting communications sent on that network. Many WiFi networks provided by commercial establishments (such as coffee shops and restaurants) are unencrypted, and open to such interference from anyone with the right equipment. In light of the ease of “sniffing” WiFi networks, the court concludes that the communications sent on an unencrypted WiFi network are readily available to the general public.
As ArsTechnica points out, Judge Holderman’s conclusion stands in stark contrast with the Google Street View case of 2011 in which a California judge hinted that communication over public/unprotected WiFi is not public information.
Of course this ruling by Judge Holderman is specific to this particular case at hand and other judges may come to a different conclusion, if such a situation is ever put before them. However, this ruling sure gives precedent to future cases… especially the Google Street View appeal that is coming up. So much for privacy.