Michigan Man Charged for Using Free WiFi 848
Nichole writes "Sam Peterson II was charged with unauthorized use of computer access for using a coffee shop's free WiFi. He is facing a 5 year felony charge and a $10,000 fine but apparently got off lucky and received only a $400 fine and 40 hours of community service because he was a first time offender. 'it seems few in the village of Sparta, Mich., were aware that using an unsecured Wi-Fi connection without the owner's permission--a practice known as piggybacking--was a felony. Each day around lunch time, Sam Peterson would drive to the Union Street Cafe, park his car and--without actually entering the coffee shop--check his e-mail and surf the Net. His ritual raised the suspicions of Police Chief Andrew Milanowski, who approached him and asked what he was doing. Peterson, probably not realizing that his actions constituted a crime, freely admitted what he was doing ... [the officer] didn't immediately cite or arrest Peterson, mostly because he wasn't certain a crime had been committed.'"
You're kidding, right? (Score:5, Insightful)
He didn't know he was breaking the law
The COP didn't know he was breaking the law
The STORE OWNER didn't know he was breaking the law
So how exactly did he wind up getting a $400 fine, community service, and a diversion sentence out of it?
Common sence tells me that there's nothing for him to "divert" - I suspect if you had just TOLD him he was breaking the law, he'd have said "oops - sorry - I won't do it again"
What a waste of resources.
This is ridiculous (Score:5, Insightful)
This shouldn't be a crime (Score:2, Insightful)
Don't talk to cops! (Score:5, Insightful)
Sheesh (Score:2, Insightful)
If you don't want unauthorized people accessing your unsecured Wi-Fi network, then provide your customers with the access information on a receipt or something. If hotels can do it surely a coffee shop can figure it out.
What the heck is a "diversion program"?
This is silly (Score:5, Insightful)
If a coffee shop wants to limit its "free wifi" to paying customers only, there is plenty of technology out there to do that. Having worked for a company that sold wireless equipment to coffee shops, I can't believe that they would have been ignorant of this fact, as my company and several others probably would have been constantly bombarding them with sales people trying to sell them products that do exactly that.
If a coffee shop has big signs that say "Free WiFi!" and I am able to pick up a clear signal outside of the coffee shop and connect to it, I can't reasonably be expected to know that "free" to them means "to paying customers only" unless it was explicitly stated on those same signs. Even so, what if this guy picked up the signal from somewhere out of sight of the coffee shop? How could he reasonably be expected to know it was not intended as a public access point, unless the SID was something like "buycoffeeorGTFO"?
Keep your mouth shut. (Score:5, Insightful)
Question: "What are you doing" (cop probably thought he was looking at porn and masturbating in public) Answer: "I'm working on my computer. How's your day going?" Question: "Great. Have a nice day."
Open access point==permission? (Score:2, Insightful)
Fair or not, your responsibility... (Score:4, Insightful)
I'd argue against it but, frankly, without it, Paris Hilton's, "Like, uh, I'm rich! My nail buffer said I could like totally keep driving with a suspended license. I, like, had no idea that was bad." would have been a valid defense.
Re:You're kidding, right? (Score:5, Insightful)
Something doesn't add up here. (Score:4, Insightful)
It's not clear from the article... (Score:3, Insightful)
If it was for private use, shouldn't it be the owner pressing charges? I mean, that's the person nominally injured. And it's not like this was, say, a murder.
Still, lesson learned.
Bravo! (Score:5, Insightful)
A job well done to chief Milanowski. Way to dig for a tool to hit the guy with. Instead of tracking down drug dealers, thieves or physically abusive spouses - or even setting speed traps - he's protecting the town against wi-fi users. I feel so much safer...
I wonder if it came into consideration the idea that a) using a freely offered wi-fi connection doesn't seem to cover the intent of the law as described; and b) the cafe offered the wi-fi connection _freely_. Whether it was offered specifically to customers or anyone in a radius - which isn't made clear - the cafe was offering and didn't even complain about the guy using it. They certainly could either post a sign saying, "Must be a customer to use this service," like restrooms, or enable a key that would be given out only to customers.
Again, Bravo! to chief Wiggum - oops, Milanowski - for going well out of his way to bust someone. You, sir, are a shining example of what law enforcement should be like - in a police state...
Felony == criminal (Score:5, Insightful)
This is an example of why mandatory minimum sentences are bad. It's done to "get tough" on criminals, but all it does is force judges to "get stupid" and not be able to apply any judgement to cases like this one.
Re:So using this logic.... (Score:4, Insightful)
That analogy holds right up to the point you send your first packet to their network. After that, you are no longer a passive spectator...you are playing in a completely different ballgame, with completely different rules.
When you ask yourself "am I allowed to use this network?", "I don't know" does not equal "yes". The onus is upon you to verify that you are not trespassing before proceeding. In this particular case, it doesn't initially appear that any malice was involved. $400+40hrs sounds a little steep, but not in the realm of the unreasonable.
Re:So using this logic.... (Score:5, Insightful)
No. In your example, there's no computer involved.
Really, there are two contradictory laws at stake, here.
1) According to the FCC, it's perfectly legal to receive ANY BROADCAST TRANSMISSION. I can set up a radio receiver and pick up whatever happens to be in the air. This includes wifi broadcasts, which are really nothing more than a cordless phone combined with a MODEM.
2) But, it's also illegal in most areas to "access computers or computer networks without permission". They stand in contradiction to each other. The part that's odd here is that the WIFI spot announces itself as unencrypted, sort of like a welcome sign. How did this guy not have permission to access the network?
I personally think that wireless networks, even those that are being broadcast in unlicensed spectrums (like wifi) should be illegal to access if the "digital doorknob" is locked. If you have to enter in a password or decryption key, even a weak one like WEP, it's illegal to access. But, if it's open/unencrypted, then you should be free to act with impunity.
This is how we interpret things more physically. AFAIK here in California, if you approach my house and the front door is closed such that you have to turn the doorknob to enter it, it's illegal to enter without a specific invitation. (EG: "Come on in" sign, me hollering for you to, whatever) But if the door is open, you can enter with impunity - having the door open can be considered an invitation to enter.
(IANAL, etc)
So why would wireless networks be any different? Don't want people accessing your network? Put up a password/encryption key. Otherwise, your door is open, and people can (and probably will) enter.
PS: More than once, I've trolled middle-class neighborhoods for a hotspot in a pinch. It seems that the best neighborhoods are the straight-up middle class ones - lower classes don't tend to have high-speed connections, upper classes tend to hire tech weenies to set up their networks, and they usually secure them. But the guys in the middle buy their Linksys routers at Best Buy, take them home, plug them in, they work, and they stop there.
Re:You're kidding, right? (Score:1, Insightful)
Umm, sorry, ignorance is not an acceptable excuse for breaking the law. He either did or didn't.
Re:This is ridiculous (Score:5, Insightful)
Re:Windows XP just connects... (Score:3, Insightful)
Damned if ya do....You know the rest.
Re:So using this logic.... (Score:5, Insightful)
Oh well that makes the totally unreasonable nature of what happened OK then. I'm glad that I'll only ever be arrested for things that are illegal so as long as I'm not a terrorist criminal pirate general bad guy I'll be fine. I'm also glad I can trust the government to keep the letter of the law such that it only makes bad stuff illegal.
I like it here in your little fantasy world. I'd stay, except I'm not a total bloody retard.
Re:Oh, please (Score:3, Insightful)
You can encrypt it, or in this case ask for a password.
Broadcasting my radio into your house doesn't mean it's a crime for you to listen to it. The fact that you need a reciever changes nothing.
Don't like it? don't broadcast.
Re:Cue the Slashdot chorus... (Score:4, Insightful)
Your insurance company sure thinks it is. Ask them if they will pay out under these circumstances?
Laws and Mores (Score:5, Insightful)
We can not legislate all aspects of human behavior. It simply won't work.
Healthy societies have both laws and mores to shape human behavior. Laws derive from a logical/thinking framework, and mores are primarily from an emotional/feeling framework. All people have the ability to use both thinking and feeling in making decisions about what is right or wrong. But in American society, and more generally in a capitalist mentality, laws and money interests have so completely dominated that people have forgotten about the mores.
Mores are like laws, but enforced by society feedback, typically emotional feedback. People frown at Bob if he acts like an ass, and he understands that he should stop acting like that, because Bob doesn't like it when people frown at him. That is because Bob is healthy and likes to have healthy happy people around him. Note, nowhere in here are we able to legislate that Bob "acting like an ass" is illegal in a logical way.
We can that the Bush administration as the PRIMARY promoter of this mentality: "If it is not illegal, than I can get away with it." As such shining examples leading the USA today, more and more people (like Enron) are saying, "Hell, why not me too?"
This problem will not stop unless and until people start giving strong emotional feedback (disapproval, and eventually ostracizing people) for bad behavior.
Re:Felony == criminal (Score:5, Insightful)
Re:You're kidding, right? (Score:5, Insightful)
Here, we have a specific case where neither the perp, the cop, NOR the store owner were aware of the existence of the law - it seems to me that "justice" would have been much better served by just *informing* everybody about the law, so that it wouldn't happen again.
The point of law is NOT to prosecute people, or put them in jail - it's an agreed-upon set of rules that we agree to follow when we join a society, so that society can function smoothly. Prosecution - and subsequent punishments - are intended to be coercive measures to enforce compliance with these rules.
If ever there was a case of "This time, I'll let you off with a warning", this is it.
Re:You're kidding, right? (Score:3, Insightful)
Exactly. The GP called this a "waste of resources", but the only one who is out anything is the guy, for whom I guarantee the $400 is only the beginning of his expenses. He's probably also paying court fees, paying fees to whoever tracks his community service (probation officer, maybe, though TFA doesn't mention probation), and paying fees to enroll in whatever a "diversion program" is.
They may have actually been reluctant to prosecute cases like this before. But now that they have, and tasted the sweet green blood of a new revenue source, expect them to vigorously pursue this kind of case in the future.
Re:...eh? (Score:3, Insightful)
This is similar to a shop-owner buying a fancy new LED sign that has the options of "Open", "Closed", and "Everything in the store is free to take, no questions asked". The shop-owner plugs in the sign, but doesn't bother checking to see what it's set at.
I don't know if that makes an argument
Re:So using this logic.... (Score:3, Insightful)
While it might be legal to receive any broadcast transmission, it would be difficult to check email and surf the web without transmitting something.
This application of the law is, of course, ridiculous. The EFF or someone should really step-in and do something.
Personally, I would have fought tooth and nail over this law had it been me. I *might* could be persuaded into agreeing that it is wrong (morally though not legally) to sit outside someones house and mooch their unsecured wifi but this is a public business that, presumably, advertises (or at least provides) this service to the public in order to increase business.
Re:So using this logic.... (Score:5, Insightful)
I know we all love analogies around here, and most of them are pretty off the wall, so let me see if I can come up with a more direct correlation to all the parts of the "crime" here.
Your front yard has a water fountain sitting next to the sidewalk. You pay for the water. The fountain only works by use of a key. But you have a machine sitting next to the fountain that produces a key for anyone who presses a button labelled "Press here to request access to water fountain". Am I committing a crime by pressing the button and then drinking the water?
being without surveilance != up for grabs (Score:2, Insightful)
Still I find the punishment too harsh
Re:So using this logic.... (Score:3, Insightful)
Re:So using this logic.... (Score:5, Insightful)
Hear hear!!
Man..this sucks...neither he nor the operator of the coffee shop knew they were committing a crime, it sounds like the owner of the open wifi didn't care to press any charges, and YET, this guy while getting off 'easy' is now a convicted FELON!! So much for the rest of his life as far as getting jobs, owning a firearm, or possibly even voting.
On another note....I wonder what other states have laws like this??
Re:Bravo! (Score:1, Insightful)
Huh? A typical cop would arrest the guy and then see if there's something to charge him with. He did the right thing, and is following the letter of the law. If he sees a crime being committed it is his duty to do something about it, no matter if you think it isn't a crime or not.
Re:So using this logic.... (Score:5, Insightful)
Re:So using this logic.... (Score:3, Insightful)
Re:So using this logic.... (Score:5, Insightful)
Actually, if our legal system were rational, there would be a trivial answer: As soon as that packet is either accepted (and forwarded) or rejected (and bounced) by the AP, you'd know. If the packet was accepted, then the AP has in fact allowed you to use it. And it didn't do this by accident. It was explicitly programmed to behave that way. Or, more likely, the software has config setting saying whether to accept or reject packets from unregistered devices, and the AP's owner has set this to "accept". You should be able to tell the court "My packets were accepted and delivered; it's clear that I was in fact allowed to use the AP."
The tired old road analogy might help: If you're driving along, pass through an intersection, and continue on the road on the other side, how do you know if it's legal for you to drive there? Pretty much everywhere in the world, the same rule applies: If there's some sort of "no entry" or "private road" sign, then you probably shouldn't drive there. If there's no such sign restricting access, then you are allowed to drive there. Any court would interpret the lack of an explicit sign to mean that the public is permitted to use the road. The fact that someone (maybe the town, maybe a private owner) owns the road is irrelevant; you won't be arrested for driving on a road without signs that tell you the rules. We all understand that, without this rule, our road system would be unusable.
But someone else pointed out the magic word that makes this case an exception: "computer". We seem to be in a phase where, the instant a computer gets involved, all social and legal precedent goes out the window, and everything must be relearned from scratch. Any attempt to explain the precedent gets a "But that's different" reply, with no coherent explanation of what the difference is or why it matters. The mere presence of a computer invalidates everything you ever knew, and you have to fight all the old fights all over again.
But in a few centuries, it'll probably settle down, and computers (like roads, cars, etc.) will just be tools that are treated like all other tools.
We can hope that freedom of speech, communication, expression, whatever survive the relearning process
(I do wonder what the court would say if the defendant here were to file an "entrapment" suit against the store owner. After all, there are a lot of open-access APs around. How is one to know while traveling whether any given AP is legally usable? This decision potentially makes it rather risky to just be a traveler in Michigan, especially now that cars are starting to come with onboard networks and comm equipment. It's just a matter of time until someone is arrested while driving along I-94 because their car used a local AP to talk to the factory or download a map.
It's supposed to be the *justice* system (Score:5, Insightful)
I think that you, like many other people, misunderstand this precept. The idea is that ignorance of the law cannot be considered a valid legal defense, basically because it would be absurd to have to prove that someone knew the law in question.
The justice system is supposed to be about justice, however, and while a person's ignorance is not a legal defense, it is something that should be taken into consideration when deciding whether it is just to punish them. If someone does not know the law, it is reasonable for them to think their action is legal, and no significant harm is done, then justice is NOT served by prosecuting them. They intended no harm. They are not a threat to society. Society will be harmed more by using the resources to prosecute them than it will be aided by the prosecution. It is completely foolish to prosecute someone when simply telling them not to do it will be just as effective, and such needless prosecution is befitting of a police state not a free society.
People who enforce the law are supposed to do so judiciously. They are not supposed to blindly apply the letter of the law but rather they are supposed to use their human judgement to decide what is the just application of the law. And people in law enforcement and the justice system do this all the time. Cops let people off with a written warning (or sometimes just a verbal warning). DAs elect not to prosecute a person (or to give them a generous plea deal) if prosecution under the stautory penalty would be unjust. This is a vital part of their job. Both the cop and the county attorneys failed in doing their job in this case.
Re:So using this logic.... (Score:4, Insightful)
This is true if and only if his router speaks for him. Legally, since you can't transfer power of attorney to an inanimate object, this is legally dubious. It makes perfect sense that his router speaks for him if you are not a lawyer, not trained as one, and have basically no knowledge of the law.
Re:This SHOULD be illegal... (Score:2, Insightful)
Re:Bravo! (Score:2, Insightful)
I have to say, I don't see anything wrong with that.
Now, I completely agree with your sentiments that the law is dumb and should be changed. But don't blame a police officer for doing his job.
Re:So using this logic.... (Score:1, Insightful)
One day a neighbor kid simply cut through my yard and left the gates open allow my dog to escape. The police told me they could do nothing about trespassing unless I had signs posted saying "no trespassing". This borders on ridiculous to me. The gates were closed and the property was obviously private. Still, now I have signs and simple combo locks on both gates.
Back to the article, being normally jailed up to 5 years and a $10000 fine (even though this guy got less) for publicly accessing a virtually public access point is ridiculous. The difference here is, pass the threshold, legal, don't, illegal. To me this is more of a technicality. This law is obviously meant to protect home users who do not know how to secure their network from bandwidth thieves. This did not happen here. This guy probably even visits this cafe on occasion, even if he doesn't go in much. And his usage does not sound abusive. All in all, it sounds like they're trying to make all grey areas black and white ones.
--Dave Romig, Jr.
Re:Let's just say for arguments sake... (Score:5, Insightful)
However, piggybacking is different and philosophically wrong for two reasons. First, Wi-fi use DOES impact other users, as bandwidth is finite and allowed users may theoretically wind up having diminished use of the service due to piggybacking. But more importantly, you CANNOT just sit in a parking lot and use Wi-fi without deciding to ACTIVELY log on to the access point. While you may have a right to sit in the parking lot and use your computer, you are actively deciding to use someone else's resources when you log on, and doing so certainly is not unavoidable while using your laptop in that parking lot.
I'm not saying I like the law, because if they're too dumb to require a login, they will have issues bigger than this fellow who was quite up-front about what he was doing. But the previous analogy is a good example of why it is not quite as harmless as it seems.
Re:So using this logic.... (Score:3, Insightful)
Dumb is not a valid excuse anymore. Not on this topic, and not for the last 4 or 5 years.
Re:Let's just say for arguments sake... (Score:5, Insightful)
Remember when "Felony" meant something? (Score:2, Insightful)
Comment removed (Score:5, Insightful)
Re:Let's just say for arguments sake... (Score:5, Insightful)
Don't some setups automatically find the nearest unsecured access point and connect to it, without intervention from the user? What if I were to open my laptop in an unfamiliar area, only to have it automatically connect to an access point before I was able to halt the connection? Do we place the blame on the hardware/software maker for configuring their device to do this by default, or the user for not disabling it?
Most of the access points at the coffee shops around here don't mention anything of "Free Wi-Fi access with purchase!". While it could be argued that the "with purchase" is implied in those situations, I think it could be easily argued in a court that since there was no specific mention of it, patronage of the establishment was not required.
IMHO, if an access point is unsecured and available, it should be fair game for public use without any implied fine print.
Re:Let's just say for arguments sake... (Score:5, Insightful)
I agree that stealing bandwidth is wrong, the punishment certainly does not fit the crime. This type of thing should be a civil infraction, not a felony. People who steal actual physical goods don't even have to face the kinds of penalties this guy potentially could have. When there's a complete disconnect between the severity of punishment and common sense, it causes contempt for the law.
Amen. All kinds of minor offenses have been trumped up into felony status by legislators gone wild. They seem to be engaged in zero-tolerance one-up-manship grandstanding as being tough on crime.
Re:Let's just say for arguments sake... (Score:5, Insightful)
Re:Bravo! (Score:3, Insightful)
Re:So using this logic.... (Score:2, Insightful)
The law is not an end to itself. Nor does the law only exist to support lawyers.
The law must support the people. The people must understand the law. It must exist in their hearts. It must resonate with them.
Without the support and understanding of the people, the law is just tyranny.
I believe that this is the whole intent of jury trials and Jury Nullification (http://en.wikipedia.org/wiki/Jury_Nullification) It exists to keep the law and the people in sync.
Miles
Re:Let's just say for arguments sake... (Score:4, Insightful)
Re:So using this logic.... (Score:3, Insightful)
What's an SSID? (Service Set ID)
When it broadcasts, it IS advertising service. (WiFi Service here!)
You don't have to broadcast SSID's and without them, you can't attach to the Wifi Network. (Many routers offer the ability NOT to broadcast the SSID.)
But if your broadcast that you're offering service, you then answer in the affirmative when asked for a IP (DHCP) I simply can't see how anyone can consider this "unauthorized." Short of getting written, signed by the authorized agent of the WiFi Network that you (specifically) are authorized, you could be successfully prosecuted for "unauthorized" access, simply because you couldn't prove you'd gotten "authorized" access.
I mean damn. You BROADCAST an SSID. You futhter allow a DHCP address to be assigned to an unkown MAC address, and then forward and receive packets from it.
The SSID broadcast is the AVDERTISING of the service.
The granting of the DHCP request with an IP is the EXPLICIT permission to use the network.
If you intended it to be private, you either encrypt it, authenticate it, or block unknown MAC addresses, or fail to lease IP's to unkown clients.
But if you INTEND to let everyone use it, as an OPEN AP, you do just as the coffee shop did.
-Greg
Re:Let's just say for arguments sake... (Score:5, Insightful)
What about if someone creates a website to distribute pictures to their friends, but doesn't protect it in any way. Should it be an offence for someone to access that site as explicit permission has not been granted?
What about if someone creates a site about a polarising political viewpoint and places a banner stating that anyone opposed to that viewpoint is not permitted to view the site. Should accessing that if you have a differing view be an offence?
Lets take it one step further and assume that the individual who owns the first site pays for data transfer on a per Mb rate, if an undesirable person views the site could they be deemed as having stolen whatever the monetary value is of the data transfer they used?
If the above is deemed as true then, even if no fee is calculated on the transfer of data, surely simply making that bandwidth unavailable to other legitimate users would be sufficient for a prosecution?
If an individual accesses these sites without consent (other than that implied by the existence of the sites) should they be held liable?. I don't think so.
Wi-fi and web sites are comparable simply because they are both technological in nature, both require one person or organisation to acquire a service, and then provide information using that service in an indiscriminate manner analogous to broadcast. Both require a concious effort to access (either typing an address / clicking a link or selecting a network to use), and yet often neither explicitly grants nor denies permission to do so. Lastly, and most importantly both can be configured so that casual access is not easily possible.
In short, whilst it is not possible to secure light and prevent others from accessing it without making it totally unavailable, it is possible to secure an access point or a web site so that it is still available but not usable without further action.
The onus to protect against unauthorised access should be on the providers of services that are broadcast indiscriminately. Where protection is in place and is then broken, the responsibility lies with the person having broken it. However deciding what is adequate protection is another matter and outside of the scope of this comment.
Re:Let's just say for arguments sake... (Score:5, Insightful)
Doing so would put the onus of enforcement on the owners of the WiFi and would put them in the position of a) identifying the people "stealing" their bandwidth... b) going to even more trouble by first attempting to quantify their real damages
Good. If the offense is so trivial that it's not even worth identifying the people stealing the bandwidth, it's pretty clear it's not important enough to worry about to the owner--so why should law enforcement?
This is even more silly because the user wasn't circumventing security or illegally accessing a secured, for-pay access point. He was utilizing an intentionally open AP that was put there specifically for people to use for free. Granted, the idea is you come in for coffee, but if the coffee shop didn't even know it was illegal and apparently didn't notice or care, then why should law enforcement take any action?
Judges are ignorant, film at 11 (Score:5, Insightful)
Only because judges are generally illiterate on things tech. DHCP is exactly a request to be assigned network resources. Your workstation/laptop sends out a request containing a globally unique identifier (MAC addr) and the server is free to permit or deny access based on it. That dhcp server is under your control and making decisions based on a policy you gave it, thus it is acting on authority you delegated unto it. By default most routers will hand out an address to anyone who asks for one, which implies a GRANT ANY policy. However almost all DHCP servers offer more restrictive options, even those found in consumer electronics class wireless routers.
Perhaps we need a warning label on the boxes:
"Warning, by default this product will grant access to anyone within it's range who asks. If this is NOT what you want please follow the directions to change it's policy."
Re:So using this logic.... (Score:4, Insightful)
Probably a world in which we are granted or denied access to all kinds of things by machines every day of our lives.
Re:Judges are ignorant, film at 11 (Score:2, Insightful)
There is no inexpensive and hassle-free way to selectively grant and deny based on whether you are a customer.
Re:Let's just say for arguments sake... (Score:1, Insightful)
Re:So using this logic.... (Score:5, Insightful)
Michigan's unauthorized access statute, does in fact grant a rebuttal presumption that access was unauthorized. This means that the defendant, not the prosecution has the burden of proof on this question. This is unusual. Usually, the operator must make the exclusion clear and the prosecution must prove that the defendant ignored and/or circumvented the prohibitions. Michigan's law may in fact be an unconstitutional violation of due process as a result. See Sandstrom v. Montana, 442 U.S. 510 (1979) [findlaw.com]
Second, even if the statute is constitutional, the law may been misapplied. The access is not illegal if
So basically this guy had a bad lawyer. What he did was in fact not a crime.But, maybe he didn't break the law. (Score:3, Insightful)
Here's the law text [mi.gov] (I'll highlight the relevant portions):
Dissecting the text: The act was intentional, but a successful logon to the access point is, by technical definition, authorization. If there was no password, then there is no unauthorized use. Additionally, if there was no username, there was no opportunity for impersonation (impersonation would be a legal manner to be without authorization).
On the second part, he may have exceeded authorization. My question: did the shop present any TOS and if so, did it forbid his manner of usage or only allow usage within the shop? If not, did they confront and object to his usage? If they did none of this, then he did not exceed authorization and the law was not broken. Exceed authorization to use the service and you break the law. Yes, the shop was unknowing. The question is: was the shop also unwanting? How would a user know if their insertion was unwanted? This again assumes a TOS notice.
It may be that he did not do anything unlawful and was just poorly defended. This all depends on the existence of a TOS notice (since I assume the access point had no password).
And, of course, the obligatory: IANAL.
Re:So using this logic.... (Score:3, Insightful)
This guy was charged with a felony because the owner of the network (who didn't press charges, as I understand) might not have realized that he was giving permission to others to use his network, which in fact he was. Pretty flimsy reason to ruin someone's life, no? That's pretty much the only reason that coffee shops even have wireless access points.
Re:So using this logic.... (Score:3, Insightful)
I find the words you use above like "intended" and "basic infrastructure" very arbitrary. Web servers can be argued to be part of the basic infrastructure of any entity with online presence, and most web servers are set up to allow anonymous access without permission. Both web servers and wifi gateways are set up to open up some sort of "portal" to allow access to information that otherwise cannot be accessed.
This is arbitrary, too. Logically or conceptually I don't see any definitively clear line that can be drawn between a garden gate and a front door and a thousand other types of entrances between those two. If you see a garden gate unlocked, would you "reasonably assume" that you can just walk in without being accused of trespassing - or just shot on the spot?
Re:So using this logic.... (Score:3, Insightful)
As it happens, I've never been given permission by a doorknob, though I was going to make our front door's lock grant entry based on the people standing infront of it. I suppose that's the same thing, and I didn't really consider that there'd be anything legally wrong with my computer granting house entry to someone.
Re:Let's just say for arguments sake... (Score:3, Insightful)
There is more than simple implied-consent on the part of the WAP administrator. The fact is that they are running a DHCP server on that WAP, and requiring no authentication for anyone to connect. I turn on my wireless card, and **REQUEST** an IP, and their WAP **CONSENTS** and gives me one. It is a completely consensual relationship between the WAP administrator and the client. If they wanted to limit who could access their WAP, there are many ways to make that happen - most of which would not be offensive to the paying customers of the cafe.
I am willing to bet that they have a sign in their cafe window which reads "Free WiFi" not stipulating the purchase of a coffee for access.
Now, I will admit that the guy who is the subject of this ridiculous criminal proceeding is guilty of bad taste... he is an ass, in fact, for knowingly using something for free that implicitly costs money. He is not, however, a criminal, because he did not commit criminal trespass for physical access to the network (they beamed it into his car), nor did he spoof an IP to use the network that was being publicly broadcast to his vehicle - the network managers OFFERED him an address.
It is good that there is no law against being an ass, as we would have more people serving time than we currently do. Note, however, that being an ass usually pays dividends in personal suffering, so it all works out in the end.
Re:So using this logic.... (Score:5, Insightful)
First, I don't understand how you can say with a straight face that web servers indicate and intent to share and broadcasting gateways do not. For one thing, most web services specifically forbid all sorts of uses in their terms of use. For example: http://www.ostg.com/terms.htm [ostg.com]. For another, many people assume that information they post on the web is private (they shouldn't, but they do) if it isn't linked in to a well-known web page.
Second, couldn't you make the same argument about not wanting anonymous third parties using email servers? I only want authorized people to email me, not Mexican pharmacy bots. But since I have a publicly accessible email address I'm likely to get some such email, whether I want it or not.
I don't support the "it's open so I have a right to use it" viewpoint, but there are reasonable technical and social measures that could be employed to indicate that you don't want to share your gateway. They could simply add a the WEP password "pasword". Or not broadcast the SSID. Or put up a terms-of-use page for the first port-80 request from a new MAC address. Or posted a sign outside that said "WiFi access for customers only". Or they could have walked out to his car and asked him to stop using their network.
If they had done any one of those things and he continued using the access point I'd have no trouble prosecuting him. But when people physically trespass, they must have bypassed reasonable security measures and/or be asked to leave before they've committed a crime, and I don't see the benefit of a stricter standard for access points.
Re:Let's just say for arguments sake... (Score:5, Insightful)
What responsibility does the wifi owner have in all this?
At what point do I have to take care of his network and specifically avoid it?
If a laptop has been connected to the wireless network "Linksys" with no WEP before and is set to automatically connect to it, and a coffee shop has no wep enabled and the same SSID then a laptop will automatically connect to it! I would have to activly stop my laptop from connecting to it. Now this is either entrapment or criminal negligence. Since I would face penalties from the act.
It's a simple process to give out a key at the register on the reciepts each day, or set up a basic gateway with a password. You could even turn off the SSID broadcast function and have people type it in manually.
These places try and make as easy as possible for people to access their network and then have a problem when their efforts result in people using the network.
Take some responsibility. The law shouldn't protect those too ignorant of their own actions from facing the consequences of those actions. After all, that's why the man in the car had to pay a fine and do community service!
Lawmakers need to get a clue, hold people accountable, and hold themselves to the same standard while they're at it! Quit lagging behind the curve, we're supposed to be a great nation and we constantly act like a bunch of neanderthals.
Re:Here We Go (Score:3, Insightful)
Re:So using this logic.... (Score:3, Insightful)
Putting an unconfigured neon "Open" and "Free Internet Here!" sign on your house in no way allows someone to claim that people are trespassing when they walk in looking for free Internet access. Remember, the access point tells everyone within range that it's open every second. That's like standing in your front yard next to your free Internet sign and shouting that everyone is welcome to use the Internet, and then calling the police when people come in. The problem is that people are buying "Free Internet Here!" and "Open" signs and plastering them to their house without a second thought.
Web servers are intended for the dissemination of information to third parties. Wi-fi gateways are basic infrastructure, and can be reasonably be considered intended for the use of authorized parties only, given most people are unlikely to want anonymous third parties using their network without permission.
The problem is, there is absolutely no precedent for assuming that wireless access points are a private network resource. There are far too many free and open access points whose purpose is explicitly that they be free and open that such a distinction would be foolish to make in general. Much better to define private networks as those with encryption or MAC filtering turned on. Remember, wireless networks operate in the *public* 2.4GHz spectrum which is free for all public use within some transmission power limits. Note that there are absolutely *no* laws against snooping or injecting audio into portable phones operating in the public spectrum. It would be silly to arrest someone for accidentally owning the same model of phone as their neighbor and breaking into their calls by mistake occasionally. This routinely happened before phones were built smart enough to do frequency hopping and basic authentication with their base station.
A front door, however, can be reasonably assumed whether locked or unlocked to be a boundary over which a visitor cannot cross without explicit permission. The mistake of many on the "Unlocked WAP means I'm allowed in" argument is to assume such a state of affairs does not exist, and that you can reasonably make assumptions about whether you're allowed to do something on the basis of whether it's easy or not.
Again, your argument discounts the fact that a fair number of wireless access points are intended for public use. There is no physically distinguishing factor to determine whether an access point is like the door to a private residence, the door to a private club (which is still a public place) or the door to a public business establishment. No way, that is, except the utterly trivial ability to set encryption, MAC filtering, or even a "PRIVATE xxxx" SSID. Basically, it's like posting a "Free Internet Access - Open for business!" sign on the front door of your house and complaining when people walk in looking for a computer terminal to use.
As always, there's a solution: just ask. If you're afraid to ask someone if they'd mind if you used their Internet connection via their WAP, you might want to ask yourself whether you really have their consent.
Who do you ask? It's not like wireless routers broadcast GPS coordinates and the owner's name and telephone number or anything. Even if you know approximately where the access point is, how do you find out who owns it so you can ask them? How do you know that the person you ask isn't just lying and saying you can use it? Without a physical presence, it is essentially impossible to establish actual ownership of a wireless router signal, or request permission to use it. That said, how are people supposed to use the real free wireless connections if they're threatened with going to jail if they accidentally connect to the wrong one? Soun
Re:Let's just say for arguments sake... (Score:1, Insightful)
> How is using all of this Ilegal?. If he had cracked a WEP password, or circumvented some security measure, even if the
> SSID of the network was "ONLY_FOR_CUSTOMERS-GO_AWAY", then you would have a case, but in this situation there
> is no reason to punish him. No ilegal activities.
Exactly! It should not be a crime to intentionally take something that is offered to you for free.
Re:Stop lying (Score:2, Insightful)
And the most important point, which you should take to heart, is that you didn't even CONSIDER that possibility that the cop wasn't a rights trouncing, citizen abusing asshole, even though such individuals are BY FAR the exception. Most cops are regular guys, but your overwhelming paranoia clouds your ability to see that.
Only one out of twenty of our airline pilots is drunken on duty, and your demands to speak to the pilot before the flight is extreme paranoia.
Considering that it's the rights trouncing, citizen abusing asshole that hassle people for no reason to start with, I think a little paranoia is well justified when dealing with police.
Re:Let's just say for arguments sake... (Score:2, Insightful)