MD Bill Would Criminalize Theft of Wireless Access

Pickens writes "A bill presented by Delegate LeRoy E. Myers Jr. to the Maryland House of Delegates would criminalize purposely surfing the Internet on someone else's wireless connection. The bill would make intentional unauthorized access to another person's computer, network, database, or software a misdemeanor with a penalty up to three years imprisonment and a fine of up to $1,000. The Maryland public defender's office has submitted written testimony opposing the specific ban and penalty suggested in Myers' bill. Noting that wireless connections are becoming common in neighborhoods, the written testimony says: 'A more effective way to prevent unauthorized access would be for owners to secure their wireless networks with assistance where necessary from Internet service providers or vendors.'"

I don't like that word "purposely" in there...

[Panaqqa]

...after all, who is to determine whether someone purposely accessed the wireless connection. I know I have been in neighbourhoods where there were many wireless connections, and while I thought I was connecting through my host's access point, it turned out to be someone else's.

So, who it going to determine whether the access was on purpose, or the more likely alternative, accidental?

Comment removed

[account_deleted]

Comment removed based on user account deletion

Non sequitur

[Palinchron]

The bill would make intentional unauthorized access to another person's computer, network, database, or software a misdemeanor with a penalty up to three years imprisonment and a fine of up to $1,000.

And how does purposely surfing the Internet on someone else's wireless connection match that definition? After all, the open wireless access point I use to surf the internet explicitly authorized my access when I asked him about it.

what about my network?

[netsavior]

My SSID is broadcasted as "FreeInternet" It is firewalled from my real network and unless it gets in the way of my gaming, I have no problem with whoever using my broadband. I have a "click here" to accept that you are not going to do anything illegal (via DNS intercept), mac addresses are logged, and most known methods of p2p are blocked... but if you need to check your google groups and you are near my house, why the heck would I care if you do so? It took like 2 hours to set that up. So would it still be illegal to knowingly use my "FreeInternet" network?

Re:abra-ca-de-ridiculous!

[esocid]

I suppose if it were handled like trespassing then the owner of wireless LAN could request that you leave it, and call the "cyber police" if you don't. Wait, I guess they'd be calling the secret service? Or would it be the FBI?

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:Stupid rednecks!

[ADRA]

There's a big difference between "open by personal preference" and "open by ignorance". If you want to distinguish the two, write a layer for the WAP negotiation which also negotiates based on the 'rights' granted by the access point. So, if I get a dummy linksys access point with a default installation, the point could still be unencrypted for 'dummy' users but declare itself to be non-public. This would mean ethical Wifi leeches would only use access points that are intended for public sharing.

This also means that there is a legal standing in how the network (your wifi point of presence) is used. If someone sets up torrents or Gnutella on my Wifi network and I get sued for copyright violations, could I be successfully sued?

If I was explicitly allowing shared access to my Wifi network, I would be willfully allowing any and all access to my network (and all the consequences). If someone drops into my network illegitimately with a private flag set, I don't know if the same legal consequences would apply? Actually, IANAL, and I don't really know if legally it would make a difference in the end. Maybe some big router company could find out and propose a solution to this anonymous access hole.

Re:abra-ca-de-ridiculous!

[moderatorrater]

I pay for and use my bandwidth. If you start stealing it, you would certainly inconvenience me.

You're almost certainly paying a fixed rate for that internet and the amount you pay will be the same regardless of whether I plug into it or not. Neither of the analogies work well because they've each got a point. However, if you don't take a few trivial steps to secure your internet from illicit use, it's a very reasonable assumption for me to make that you're okay with me using it.

I suppose that plugging my A/C into my neighbor's outdoor electrical outlet should be criminalized too? After all, he didn't put a lock-box over it.

Honestly, I wouldn't mind if my neighbor used my electrical outlet as long as he wasn't using heavily and constantly. If he didn't have an external plug and were to use mine by plugging in his weedwhacker in once a week, or plugging in the bug zapper when he was outside, I honestly wouldn't give a damn. If electricity were a flat cost (as the internet is), I wouldn't even care if he were to use it constantly and heavily as long as I could still use it when I needed to.

Re:abra-ca-de-ridiculous!

[HTH NE1]

Yeah, and I suppose that sitting in someone else's light, or perhaps walking on their lawn should be criminalized too?

How about listening to someone else's radio? I'm sure you could get the RIAA behind that one. And the MPAA for watching someone's Pay-Per-View movie through a window.

They seem to go after the emitter if it can be received unaided but after the receiver if they have to take steps to see something invisible. You wear see-through clothing in public, you're arrested for indecent exposure. You use a night-vision camera to see through otherwise opaque clothing, you're arrested for being a peeping tom.

So the point is whether the access point operator should have known he was wide open and protected himself. If you can get it to work without authenticating yourself to your access point, it stands to reason that anyone could.

Or frame it differently: I'm sure law enforcement would rather not have to get a warrant to tap a wireless access point that is open access and unencrypted. They should be hesitant to establish a presumption of privacy for EM emissions.

Tresspassing signal!

[pecosdave]

I would argue that my neighbors Wi-Fi signal was tresspassing into my home, therefore it was mine to use as it was on my property. If my neighbor had an apple tree haning over my fence any apples that fell on my side of the fence would be my fair game as well.

Re:I don't like that word "purposely" in there...

[Danga]

Remember that when I come and run an extension cord from your outdoor plugin to my equipment. Yes hour honour, he did authorize me to use it since there was power to that plug. (Saw that analaogy somewhere else in this discussion and its the best one I've seen).

That analogy is flawed since electricity is metered and most internet access in the US (at least at the consumer level which this would affect the most) is not. Most "normal" internet usage such as checking email and browsing some websites would NOT end up costing the person who is paying for the internet connection more money at ALL. Running an extension cord is completely different since you would first have to trespass on the homeowners property and then if you plugged something into it you would actually be costing them money. If you just ran the extension cord but didn't plug anything into it then that would be a closer analogy and all you would be guilty of is trespassing.

I think a better analogy (that works for metered as well as unmetered internet access) would be if your neighbor decided to keep a hose constantly running on the edge of his property right next to yours and you decided to rig up a system to store the runoff water that comes on your property to water your plants with it would not be illegal. The neighbor is freely allowing the "goods" to cross his property lines, if he doesn't want you to benefit from that then he needs to fix how he has things setup.

My guess is that this law was most likely pushed by ISP's who want everyone to pay them their monthly fee's and want to prevent people from freely sharing internet access. Like usual it sounds like it is all about the money.

The problem is fixing itself

[bamwham]

A year ago 3 of 6 Wi-Fi setups I could get from my house were unsecured and could be used, although only one of them had a strong enough signal to be reliably useful. Now 1 of 10 are unsecured. I live in a poor neighborhood with many retired renters, it seems like if they are figuring out (or stumbling across) how to secure their router than anyone can.

Re:Or maybe...

[toriver]

Good luck, you have to have defaults for setup purposes or a hardware reset.

Nah, just mandate that configuration is done through Ethernet or serial connection.

My Phillips wireless router came default with the wireless functionality switched off. That is also a good solution: You have to access the router to enable it, and the wizards you go through can advise you to turn on security.

Re:come here, sweetheart

[Double_Duo_Decimal]

If there has to be an analogy... It's more like leaving the door open to a 24/7 Mom & Pop convenience store while you go and take an indefinite piss. If I walk in, read a paper and some magazines, play some pinball, and then leave without breaking anything or making a mess, how am I being a vandal or doing anything wrong? There was no closed sign, no indication that I shouldn't be there, so why is this considered a criminal action?