[edit] United States
Laws vary widely between states. Some criminalize the mere unauthorized access of a network, while others require monetary damages or intentional breaching of security features. The majority of state laws do not specify what is meant by "unauthorized access". Regardless, enforcement is minimal in most states even where it is illegal, and detection is difficult in many cases.[18][1]
Somes portable devices, such as the Apple iPod touch, allow on-street-hopping on open Wifi networks as a basic feature, and even use it for user geolocation.[specify]
[edit] Arrests
In St. Petersburg, 2005, Benjamin Smith III was arrested and charged with "unauthorized access to a computer network", a third-degree felony in the state of Florida, after using a resident's wireless network from a car parked outside.[19][20]
An Illinois man was arrested in January 2006 for piggybacking on a Wi-Fi network. David M. Kauchak was the first person to be charged with "remotely accessing another computer system" in Winnebago County. He had been accessing the Internet through a nonprofit agency's network from a car parked nearby and chatted with the police officer about it. He pleaded guilty and was sentenced to a fine of $250 and one year of court supervision.[21][22]
In Sparta, Michigan, 2007, Sam Peterson was arrested for checking his email each day using a cafe's wireless Internet access from a car parked nearby. A police officer became suspicious, stating, "I had a feeling a law was being broken, but I didn't know exactly what". The man explained what he was doing to the officer when asked, as he did not know that the act was illegal. The officer found a law against "unauthorized use of computer access", leading to an arrest and charges that could result in a five year felony and $10,000 fine. The cafe owner was not aware of the law, either. "I didn't know it was really illegal, either. If he would have come in [to the coffee shop] it would have been fine." He was eventually sentenced to a $400 fine and 40 hours of community service.[23][24] This case was featured on the Colbert Report.[25]
In 2007, Palmer, Alaska, 21-year old Brian Tanner was charged with "theft of services" and had his laptop confiscated after accessing a gaming website at night from the parking lot outside the Palmer Public Library, as he was allowed to do during the day. He had been asked to leave the parking lot the night before by police, which he had started using because they had asked him not to use residential connections in the past. He was not ultimately charged with theft, but could still be charged with trespassing or not obeying a police order. The library director said that Tanner had not broken any rules, and local citizens criticized police for their actions.[26][27][28]
[edit] Legislation
In 2003, the New Hampshire House Bill 495 was proposed, which would clarify that the duty to secure the wireless network lies with the network owner, instead of criminalizing the automatic access of open networks.[29][30] It was passed by the New Hampshire House in March 2003, but was not signed into law. The current wording of the law provides some affirmative defenses for use of a network that is not explicitly authorized:[31]
I. A person is guilty of the computer crime of unauthorized access to a computer or computer network when, knowing that the person is not authorized to do so, he or she knowingly accesses or causes to be accessed any computer or computer network without authorization. It shall be an affirmative defense to a prosecution for unauthorized access to a computer or computer network that:
(a) The person reasonably believed that the owner of the computer or computer network, or a person empowered to license access thereto, had authorized him or her to access; or
(b) The person reasonably believed that the owner of the computer or computer network, or a person empowered to license access thereto, would have authorized the person to access without payment of any consideration; or
(c) The person reasonably could not have known that his or her access was unauthorized.
New York law is the most permissive. The statute against unauthorized access only applies when the network "is equipped or programmed with any device or coding system, a function of which is to prevent the unauthorized use of said computer or computer system". In other words, the use of a network would only be illegal if the network owner had enabled encryption or password protection and the user bypassed this protection, or when the owner has explicitly given notice that use of the network is prohibited, either orally or in writing.[1][32] Westchester County passed a law, taking effect in October 2006, that prohibits commercial networks from being operated without a firewall, SSID broadcasting disabled, and a non-default SSID, in an effort to fight identity theft. Businesses that do not secure their networks in this way face a $500 fine. The law has been criticized as being ineffectual against actual identity thieves and punishing businesses like coffee houses for normal business practices.[33][34][35]
Search 
