Legal implications of wireless?

08-09-2001

I posted this as a follow-up in another thread, but I think this topic is worth starting a new thread for - as it's important for all of us:

-----

Interesting searches -

I've done a bit more reading on this, and it would seem that the laws are written to favor the owner of a network. That's certainly an understandable way to write the laws. For further discussions, you might want to do some lookups on "computer eavesdropping" and "computer trespass" -- those (felonies, in certain circumstances) laws seem to be written towards wired networks, but would probably form the basis for any lawsuit that might be filed.

Correct me if I'm wrong, but back when cell phones were analog, it was illegal to use a scanner to tap into the phone calls of people in your area. Even though the coversations were in the air (unencrypted) all around you, if memory serves me correct it was illegal to listen in. Maybe that's the difference between "licensed" and "unlicensed" frequencies, mentioned earlier in this thread? Maybe the cell phone frequencies are licensed, and others (standard 900mhz or 2.4ghz cordless phones) are not.

Who knows. Certainly is a tangled issue, but well worth the debate so that we can attempt to determine some answers before a) someone gets in trouble, or b) the press starts coming up with their own interpretations of the law.

-Toomer

08-09-2001

sounds good..

08-09-2001

The all to famous Electronic Communications Privacy Act (ECPA) of 1986 mad an attempt to stop the interception of analog cellular, but it was not until 1992 when the Telecommunications Disclosure & Dispute Resolution Act (TCDDRA) was passed by congress that Cellular scanning was really killed. The TCDDRA preventes new scanners from being made or imported that are cellular capable. In addition the 1994, Digital Telephony Bill increased the restrictions and also added cordless phones.

I don’t think it will be to long before the laws are amended to make scanning 802.11 a violation. Personally I feel, if I am in my private space and somebody is sending me information, I have the right to listen to it. Now if they have taken the time to Encrypt it that is another story.

Bish

There is a lot of information
just floating around out there,
it is just a matter of knowing
how to listen to it.

08-20-2001

Uh-oh
This area of topic is a global nightmare.
I'm from Sweden and we have different laws here than US.
So what might be illegal in your country might be legal in ours.

But for the record I share my findings from then.
I spent half a day (half a year ago) investigating this question mainly asking the Swedish Justice Department
Of course they hadn't heard about WLAN then...

From what I understood from this, the law here is like this -if you do something with the *intent* of doing harm then you can get prosecuted.
Otherwise not, (of course this may be from case to case)

Also from my discussions with the IT-police they then hadn't any clues how to interperate this situation, after I briefed them about what WLAN is...

So here another hypothesis to debate =)
I'm walking along with my laptop turned on with my Cisco Aironet downtown. Suddenly my personal FW alerts me.
A fast check reveals that I'm on someone's net -they gave me a DHCP address -how nice of them

.
But their system is also configured to automatic SNMP scan on all devices in their net. And neither I or my FW don't like that...

Q -Who is the intruder now ?

/Daniel

08-22-2001

I think the main factors which differentiates stumbling from an illegal activity is the fact that netstumbler does not search for beacons. It only listens for broadcasts from AP's in its area. If someone yells a "secret password" out the window to someone across the street am in the wrong for hearing it while I walk by? I think the only line, which may come to cross, is our disclosure of what we find to the companies in question. Some choose to let them know they’re vulnerable, and some just choose to make it known to the community. Either way you go about it that is a different topic.

08-09-2001	#1 (permalink)
Posts: n/a	Legal implications of wireless? I posted this as a follow-up in another thread, but I think this topic is worth starting a new thread for - as it's important for all of us: ----- Interesting searches - I've done a bit more reading on this, and it would seem that the laws are written to favor the owner of a network. That's certainly an understandable way to write the laws. For further discussions, you might want to do some lookups on "computer eavesdropping" and "computer trespass" -- those (felonies, in certain circumstances) laws seem to be written towards wired networks, but would probably form the basis for any lawsuit that might be filed. Correct me if I'm wrong, but back when cell phones were analog, it was illegal to use a scanner to tap into the phone calls of people in your area. Even though the coversations were in the air (unencrypted) all around you, if memory serves me correct it was illegal to listen in. Maybe that's the difference between "licensed" and "unlicensed" frequencies, mentioned earlier in this thread? Maybe the cell phone frequencies are licensed, and others (standard 900mhz or 2.4ghz cordless phones) are not. Who knows. Certainly is a tangled issue, but well worth the debate so that we can attempt to determine some answers before a) someone gets in trouble, or b) the press starts coming up with their own interpretations of the law. -Toomer

08-09-2001	#2 (permalink)
Posts: n/a	sounds good.. sounds good..

08-09-2001	#3 (permalink)
Posts: n/a	Cellular scanning laws The all to famous Electronic Communications Privacy Act (ECPA) of 1986 mad an attempt to stop the interception of analog cellular, but it was not until 1992 when the Telecommunications Disclosure & Dispute Resolution Act (TCDDRA) was passed by congress that Cellular scanning was really killed. The TCDDRA preventes new scanners from being made or imported that are cellular capable. In addition the 1994, Digital Telephony Bill increased the restrictions and also added cordless phones. I don’t think it will be to long before the laws are amended to make scanning 802.11 a violation. Personally I feel, if I am in my private space and somebody is sending me information, I have the right to listen to it. Now if they have taken the time to Encrypt it that is another story. Bish There is a lot of information just floating around out there, it is just a matter of knowing how to listen to it.

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

08-20-2001	#4 (permalink)
Posts: n/a	Uh-oh This area of topic is a global nightmare. I'm from Sweden and we have different laws here than US. So what might be illegal in your country might be legal in ours. But for the record I share my findings from then. I spent half a day (half a year ago) investigating this question mainly asking the Swedish Justice Department Of course they hadn't heard about WLAN then... From what I understood from this, the law here is like this -if you do something with the intent of doing harm then you can get prosecuted. Otherwise not, (of course this may be from case to case) Also from my discussions with the IT-police they then hadn't any clues how to interperate this situation, after I briefed them about what WLAN is... So here another hypothesis to debate =) I'm walking along with my laptop turned on with my Cisco Aironet downtown. Suddenly my personal FW alerts me. A fast check reveals that I'm on someone's net -they gave me a DHCP address -how nice of them . But their system is also configured to automatic SNMP scan on all devices in their net. And neither I or my FW don't like that... Q -Who is the intruder now ? /Daniel

08-22-2001	#5 (permalink)
Posts: n/a	I think the main factors which differentiates stumbling from an illegal activity is the fact that netstumbler does not search for beacons. It only listens for broadcasts from AP's in its area. If someone yells a "secret password" out the window to someone across the street am in the wrong for hearing it while I walk by? I think the only line, which may come to cross, is our disclosure of what we find to the companies in question. Some choose to let them know they’re vulnerable, and some just choose to make it known to the community. Either way you go about it that is a different topic.