Hello,
The situation is fairly simple and NOT as some people have deemed, unclear. The
un-clarity comes from a lack of understanding of the law, not that the law is
in anyway unclear. There are in most common law western countries a variety of
statutes that cover these acts at a federal level.
For clarification, the US, (most of CA), AU, UK, NZ and many other places are
common law and not Romanic or civil law countries. France is civil law. Now
that this is clear I will progress.
Wireless interception is covered as electronic interception. Wireless
communications use electromagnetic waves for transmission. The dissemination of
electromagnetic waves is legally considered electronic interception of
electronic communications. Thus is clear. It is decided in case law in a
variety of countries.
Mostly this is oldish law going back 20-30 years. The majority of cases at that
point are due to the interception of Satellite transmissions or to pay
television through electronic interception.
In § 2511 (Interception and disclosure of wire, oral, or electronic
communications prohibited) of [1], parts1.b.ii states:
?such device transmits communications by radio, or interferes with the
transmission of such communication?
So this is US Federal law. Forget all the ?my state? bits etc. It is defined
federally, and federal is all you need to be covered.
Section 2.d of the Act states:
?It shall not be unlawful under this chapter for a person not acting
under colour of law to intercept a wire, oral, or electronic communication
where such person is a party to the communication or where one of the parties
to the communication has given prior consent to such interception unless such
communication is intercepted for the purpose of committing any criminal or
tortious act in violation of the Constitution or laws of the United States or
of any State.?
The act even covers cases where a transmission is NOT ?encrypted or scrambled?.
It is still not legal to intercept it.
Now from the above in 2.d you should note that you can be given prior
permission. This is from the site or system owner. As such, you can intercept a
communication on your own site when you are an auditor or network
administrator. You are exempted under the act as long as you remain acting
within your authority. If you attack another network which crosses your site ?
you have no authority.
REMEMBER that this is PRIOR permission. That is BEFORE the act. There can not
be any permission subsequent to the act.
In Au, we have the Telecommunications (Interception) Act 1979 and the
TELECOMMUNICATIONS (INTERCEPTION) AMENDMENT BILL 2006. The UK has the
equivalent as do the majority of other common law (and many civil law)
countries.
Nothing is unclear about the law. Not knowing it does not make it unclear.
These are VERY clear laws. The ONLY areas of un-clarity are in tortious
actions. The un-clarity is how much of a civil penalty will you also get.
There is nothing to stop the owner of the network your intercepted taking
tortious action. If you have been found guilty or charged with a criminal
offence ? this makes it easier.
So the uncertainty is not per se a legal one, but rather that when you go to
goal, will the aggrieved party also sue you.
So:
Admin and your own network =ok
Admin and finding another network, but stopping = ok
Admin finding another network and just capturing = asking for trouble
Not admin and no permission = new friends with Bubba
Simple?
Regards,
Craig
[1]
TITLE 18. CRIMES AND CRIMINAL PROCEDURE
PART I--CRIMES
CHAPTER 119--WIRE AND ELECTRONIC COMMUNICATIONS INTERCEPTION AND INTERCEPTION
OF ORAL COMMUNICATIONS
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!
http://www.cenzic.com/c/2020
------------------------------------------------------------------------
