Privacy and Security Law Blog

Posted by Lance Koonce

Most readers of this blog are well aware of the risks of unencrypted wifi, but a Toronto-based artist is demonstrating some of those risks in a rather graphic way.

Michelle Teran is presenting a series of performance art pieces in which she leads a small group of onlookers through the streets of a city (recently, Cardiff, in Wales) carrying a video monitor and receiver tuned to the 2.4GHz band on which many wireless equipment operates, such as closed-circuit video monitors. When she finds unencrypted signals she displays the unintentionally-broadcast signals on her monitor for her audience.

Posted by Lance Koonce

In other municipal wifi news, Philadelphia has awarded a contract to Earthlink to build the city's 135-square-mile wireless network. Philly is the largest city thus far to formally put a plan for city-wide wifi into place; Earthlink will fund and build the system, and will also own all of the equipment.

Posted by Kraig Baker

Google's offer yesterday to build a municipal Wi-Fi network for the City of San Francisco has many positive and exciting ramifications for convenience, access, and conquering the digital divide. Providing such a network to a wired and technology sophisticated city like San Francisco by a technology provider that will undoubtedly facilitate simple use of VoIP and other multimedia will create massive security headaches. It will be interesting to watch how Google plans to build the network to manage and minimize such headaches. Maybe Google has some ideas that will advance the cause of secure computing and access...

A simmering battle between airports authorities and airlines over management of wireless networks has boiled over at Logan International Airport in Boston, and the FCC has been asked to intervene.

The dispute stems from a Continental Airlines program that provides free wi-fi service to passengers in its President's Club lounges. While some airport authorities also provide free wi-fi within passenger terminals, at Logan travelers must pay a daily fee of $7.95 for the service. Continental frequent fliers, however, can step into the airline's lounge and avoid that fee.

Business managers responsible for data security may be investigating what they can do to avoid the fate of BJ's Wholesale Club. The Federal Trade Commission issued a complaint against BJ's for failing to safeguard data regarding credit and debit cards that BJ's customers used at its stores. The FTC alleged that BJ's lax security, which included BJ's transmission of unencrypted payment card data within its stores over WiFi systems, was an unfair practice.

In the first case of its kind in the UK, a man has been prosecuted for hijacking a wireless broadband connection and has been fined 500 pounds and sentenced to twelve months's conditional discharge. While there have been several convictions for theft of credit card information over wireless networks, this case involved the theft of wifi signals for something as pedestrian as browsing the Internet. Considering the fact that in the United States there are millions of wifi users and that it is relatively easy to use a neighbor's signal even for users who have virtually no technical expertise, it may only be a matter of time before a litany of cases like this appear in U.S. courts.

Posted by Steve Chung