The California legislature has passed a law requiring the manufacturers of WiFi products to put warning labels reminding users to password-protect their networks, and the state’s governor is expected to sign it.
While the bill doesn’t outlaw piggybacking — the practice of simply using an available, open access point — some are wondering if this is the first step towards making it illegal, since it notes “there is disagreement as to whether it is legal for someone to use another person’s WiFi connection to browse the Internet if the owner of the WiFi connection has not put a password on it”.
Securing on open access point isn’t too difficult, and the Wi-Fi Alliance is introducing a new program to make the use of Wireless Protected Access even easier to implement — so if someone doesn’t want people to access their network, it’s not too hard to keep them from doing so. There’s little ethical concern about using an open access point, and a lack of security is typically understood to represent tacit approval that it’s okay.
There have been a few cases of people being arrested or prosecuted for using open WiFi, but the legality of it seems somewhat clear, particularly if the network is being accessed from public property or if the radio waves from one person’s AP have traveled over to someone else’s property.
It’s unclear, though, why California politicians see the need for a law here — if people want don’t want others accessing their WiFi, they have plenty of options with which to lock down their network. They don’t need special legal protection.
Furthermore, if piggybacking is outlawed, where would it leave people who actually want to share their WiFi, whether it’s just an individual, or a business? Things get awfully messy there. If I want to share a network connection over WiFi, how do I communicate to others that I approve of them using my network? Physical signs aren’t a perfect solution by any means.
Overblown security fears shouldn’t prevent people who want to share their WiFi from doing so; for those who don’t, plenty of means exist to limit access without inventing another crime, let alone one that would be ridiculously hard to enforce.