Since someone else brought this up, and the question on non-encypted
wifi has come up many times how does the following apply and has anyone
seen any cases that it has been used as a defense for using an open wifi
system.
18 USC 2511:
(2)
(g) It shall not be unlawful under this chapter or chapter 121 of this
title for any person—
(i) to intercept or access an electronic communication made through
an electronic
communication system that is configured so that such electronic
communication is readily
accessible to the general public;
Would not a open Wifi router BE "configured so that such electronic
communications is readily accessible to the general public"?
Larry Offley
www.offley.ca
cwright@bdosyd.com.au wrote:
Hello,
The situation is fairly simple and NOT as some people have deemed, unclear. The un-clarity comes from a lack of understanding of the law, not that the law is in anyway unclear. There are in most common law western countries a variety of statutes that cover these acts at a federal level.
For clarification, the US, (most of CA), AU, UK, NZ and many other places are
common law and not Romanic or civil law countries. France is civil law. Now
that this is clear I will progress.
Wireless interception is covered as electronic interception. Wireless communications use electromagnetic waves for transmission. The dissemination of electromagnetic waves is legally considered electronic interception of electronic communications. Thus is clear. It is decided in case law in a variety of countries.
Mostly this is oldish law going back 20-30 years. The majority of cases at that
point are due to the interception of Satellite transmissions or to pay
television through electronic interception.
In § 2511 (Interception and disclosure of wire, oral, or electronic
communications prohibited) of [1], parts1.b.ii states:
“such device transmits communications by radio, or interferes with the
transmission of such communication”
So this is US Federal law. Forget all the “my state” bits etc. It is defined
federally, and federal is all you need to be covered.
Section 2.d of the Act states:
“It shall not be unlawful under this chapter for a person not acting under
colour of law to intercept a wire, oral, or electronic communication where such person is a
party to the communication or where one of the parties to the communication has given prior
consent to such interception unless such communication is intercepted for the purpose of
committing any criminal or tortious act in violation of the Constitution or laws of the
United States or of any State.”
The act even covers cases where a transmission is NOT “encrypted or scrambled”.
It is still not legal to intercept it.
Now from the above in 2.d you should note that you can be given prior permission. This
is from the site or system owner. As such, you can intercept a communication on your
own site when you are an auditor or network administrator. You are exempted under the
act as long as you remain acting within your authority. If you attack another network
which crosses your site – you have no authority.
REMEMBER that this is PRIOR permission. That is BEFORE the act. There can not
be any permission subsequent to the act.
In Au, we have the Telecommunications (Interception) Act 1979 and the
TELECOMMUNICATIONS (INTERCEPTION) AMENDMENT BILL 2006. The UK has the
equivalent as do the majority of other common law (and many civil law)
countries.
Nothing is unclear about the law. Not knowing it does not make it unclear.
These are VERY clear laws. The ONLY areas of un-clarity are in tortious
actions. The un-clarity is how much of a civil penalty will you also get.
There is nothing to stop the owner of the network your intercepted taking tortious action. If you have been found guilty or charged with a criminal offence – this makes it easier.
So the uncertainty is not per se a legal one, but rather that when you go to
goal, will the aggrieved party also sue you.
So:
Admin and your own network =ok
Admin and finding another network, but stopping = ok
Admin finding another network and just capturing = asking for trouble
Not admin and no permission = new friends with Bubba
Simple?
Regards,
Craig
[1]
TITLE 18. CRIMES AND CRIMINAL PROCEDURE
PART I--CRIMES
CHAPTER 119--WIRE AND ELECTRONIC COMMUNICATIONS INTERCEPTION AND INTERCEPTION OF ORAL COMMUNICATIONS
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!
http://www.cenzic.com/c/2020
------------------------------------------------------------------------
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!
http://www.cenzic.com/c/2020
------------------------------------------------------------------------
