If you care about network security, you are probably well aware of the Massachusetts Data Privacy Law and its requirement to secure wireless networks.
But password-protecting a wireless router also has constitutional significance.
A child pornography suspect had no constitutionally protected privacy right in the files found on his personal computer, accessible by a neighbor who was piggybacking on his unsecured wireless network.
A neighbor stumbled across the shared files and alerted the local sheriff. After coming by to see the files, the sheriff ran license plates on cars on the street and found one nearby that was registered to a convicted sex offender. The sheriff then obtained warrants to determine the subscribers IP address and eventually to seize the computers.
Even though the defendant confessed on the spot, his lawyer tried to get all of the evidence thrown out claiming the sheriff violated the defendant’s reasonable expectation of privacy. The government disagreed and said the “defendant’s conduct in operating his home computer eliminated his right to privacy.”
The case ended up with Judge King in the Oregon’s United States District Court in the case of U.S. v. Ahrndt.
The case even quotes one of my favorite columns: The Ethicist by Randy Cohen in The New York Times: Wi-Fi Fairness Feb 8, 2004. Cohen came to the conclusion that “you may use but not overuse Wi-Fi hot spots you encounter.”
The judge steps over the issue of whether it is legal or not to access an open wi-fi hotspot, but is happy to point out that the accidental unauthorized use of other people’s wireless networks is a fairly common occurrence in densely populated urban environments.
“As a result of the ease and frequency with which people use others’ wireless networks, I conclude that society recognizes a lower expectation ofprivacy in information broadcast via an unsecured wireless network router than in information transmitted through a hardwired network or password-protected network.”
The judge also found “when a person shares files on iTunes over an unsecured wireless network, it is like leaving one’s documents in a box marked ‘take a look’ at the end of a cul-de-sac.” In the end, the defendant’s conduct in operating his software and maintaining his router diminished his reasonable expectation of privacy.
So not only, will improperly maintaining your wireless network open you to data loss and liability under privacy laws, but you diminish your constitutional protections.
Sources:
- United States v. Ahrndt, No. 08-cr-468 (D. Ore. Jan. 28, 2010) – hosted on JD Supra
- No expectation of privacy in computer connected to unsecured wireless network by Steve Meltzer of the Data Privacy Regulation & Management Blog
- Court Finds Constitutional Significance in Defendant’s Failure to Password-Protect Home Wireless Network from the E-Commerce and Tech law blog
- The Ethicist by Randy Cohen in The New York Times: Wi-Fi Fairness Feb 8, 2004