German Court Says You Must Secure Your WiFi Or You May Get Fined

from the open-wifi-is-illegal? dept

Miranda Neubauer was the first of a few of you to send in the news of a bizarre German court ruling that makes it effectively illegal to offer open WiFi. Seriously:
Germany's top criminal court ruled Wednesday that Internet users need to secure their private wireless connections by password to prevent unauthorized people from using their Web access to illegally download data.

Internet users can be fined up to euro100 ($126) if a third party takes advantage of their unprotected WLAN connection to illegally download music or other files, the Karlsruhe-based court said in its verdict.

"Private users are obligated to check whether their wireless connection is adequately secured to the danger of unauthorized third parties abusing it to commit copyright violation," the court said.
This is backwards in so many ways. First, open WiFi is quite useful, and requiring a password can be a huge pain, limiting all sorts of individuals and organizations who have perfectly good reasons for offering free and open WiFi. Second, fining the WiFi hotspot owner for actions of users of the service is highly troubling from a third party liability standpoint. The operator of the WiFi hotspot should not be responsible for the actions of users, and it's troubling that the German court would find otherwise. This is an unfortunate ruling no matter how you look at it.


Reader Comments (rss)

(Flattened / Threaded)

  1.  
    icon
    Travis Miller (profile), May 12th, 2010 @ 12:39pm

    password?

    What if everyone who wish to leave it open just made the password "password" (or the German equivalent)? Would they be liable for not having a strong enough password? Who would they hold liable if the WiFi was locked with a strong password, but there was good reason to believe that the password had been compromised by other means?

     

    reply to this | link to this | view in thread ]

  2.  
    icon
    Rose M. Welch (profile), May 12th, 2010 @ 12:47pm

    So... if someone steals your car in Germany, and then uses it as a getaway car in a robbery, can you be charged for that as well?

    Besides, in a normal crime, even if you knew about it, you could only be charged as an accessory, not the perpetrator.

    This is nuts.

     

    reply to this | link to this | view in thread ]

  3.  
    identicon
    Anonymous Coward, May 12th, 2010 @ 1:32pm

    Re:

    if you lend your car to someone to perform a robbery, perhaps. if they steal it, no. open wifi is a stupid, stupid concept only supported by the internet tree huggers and bandits who dont want to pay for anything. it is the internet version of 'snitches get stiches' and just as dishonest. you might as well leave your front door open during the day so strangers can use your sofa and tv while you are at work. totally stupid.

     

    reply to this | link to this | view in thread ]

  4.  
    icon
    Phillip Vector (profile), May 12th, 2010 @ 1:38pm

    Re: Re:

    YEAH! Those coffee houses that have seats in them to entice people to drink their coffee in the place (and perhaps get them to buy more stuff when the caffeine kicks in) shouldn't be allowed to have them. They are only used by people who want to sit down for free.

     

    reply to this | link to this | view in thread ]

  5.  
    identicon
    Anonymous Coward, May 12th, 2010 @ 1:39pm

    Re: Re:

    You don't really understand what the internet is, do you? That actually makes a lot of sense.

    http://en.wikipedia.org/wiki/Internet

     

    reply to this | link to this | view in thread ]

  6.  
    icon
    :Lobo Santo (profile), May 12th, 2010 @ 1:48pm

    Re: Yep

    Plus, if any nearby Germans have rights, other nearby Germans are subject to violence (inexplicably).

    ; P

     

    reply to this | link to this | view in thread ]

  7.  
    identicon
    Anonymous Coward, May 12th, 2010 @ 1:54pm

    how silly, this is probably one of those laws legislators pass just to appear to be doing something, but will never be enforced because of the shitstorm it would cause

     

    reply to this | link to this | view in thread ]

  8.  
    identicon
    Anonymous Coward, May 12th, 2010 @ 2:17pm

    Re: Re: Re:

    the coffee house is more than able to provide connection information to their patrons, in the same manner that you might grant someone use of your home network when they visit. you are thinking like an american, using bizarre absolutes to try to prove a point. do you let everyone into your house, or only people you choose?

     

    reply to this | link to this | view in thread ]

  9.  
    icon
    John Fenderson (profile), May 12th, 2010 @ 2:19pm

    Re: Re:

    That comment made no sense whatsoever, and yet still managed to get across the fundamental concepts that sharing things with others is bad and people should be legally restricted from doing so. Kudos to you, sir!

     

    reply to this | link to this | view in thread ]

  10.  
    icon
    Rose M. Welch (profile), May 12th, 2010 @ 2:29pm

    Re: Re:

    You, sir, are an idiot.

    Adding the level of security that the average user is going to be able to add means that they'll still be giving away wifi to plenty of people, just like locking your car door and walking away with the keys doesn't really stop anyone from stealing it.

    In both cases, it has nothing to do with permission, but only in one case can you be held responsible for what someone did without your permission.

     

    reply to this | link to this | view in thread ]

  11.  
    identicon
    Anonymous Coward, May 12th, 2010 @ 2:30pm

    Re: Re: Re: Re:

    I let everyone into my home. You know what they say, sharing is caring.

     

    reply to this | link to this | view in thread ]

  12.  
    identicon
    Stuart, May 12th, 2010 @ 2:35pm

    Re: password?

    What the would do is assume that since your connection was "secure" that you were the one doing the downloading and hit you with that.

     

    reply to this | link to this | view in thread ]

  13.  
    icon
    Cynyr (profile), May 12th, 2010 @ 2:36pm

    i wonder

    I wonder if you can apply to have an open wifi network if it is part of a business, or though some other means. It would probably require locking down some aspects of the service and logging data.

     

    reply to this | link to this | view in thread ]

  14.  
    identicon
    Anonymous Coward, May 12th, 2010 @ 2:41pm

    Yeah, that was TAM, our resident RIAA shill. He never makes any sense and has no fucking clue about technology. Just the same as that German court.

    Using a password is only part of securing the wifi. WEP can be easily broken and even WAP, although more difficult. The point is you can claim your wifi has been hacked. Then what?

    And what if you did everything you know to secure your network but left a weak point and got hacked?

    What if you are a moron like TAM?

     

    reply to this | link to this | view in thread ]

  15.  
    identicon
    Anonymous Coward, May 12th, 2010 @ 2:49pm

    Re: Re: Re: Re: Re:

    in which case you are an exceptional idiot, and you can pay the fines.

     

    reply to this | link to this | view in thread ]

  16.  
    identicon
    Anonymous Coward, May 12th, 2010 @ 2:54pm

    Re: Re: Re: Re: Re: Re:

    What fines? No one fines me for letting people into my home. That's just stupid!

     

    reply to this | link to this | view in thread ]

  17.  
    icon
    DocMenach (profile), May 12th, 2010 @ 2:57pm

    Re: Re: Re: Re:

    the coffee house is more than able to provide connection information to their patrons, in the same manner that you might grant someone use of your home network when they visit

    You fail again TAM. I work at a place that is simply too large to conveniently "provide connection information" to our patrons. Unless we put signs up all over the place we would have tons of customers wasting staff time asking how to get on the wireless network. By leaving the connection open we make it much more convenient for our customers. Besides, putting a password on it still wouldn't prevent people from doing illegal things with that network connection.

    TAM is such a miserable failure.

     

    reply to this | link to this | view in thread ]

  18.  
    identicon
    Anonymous Coward, May 12th, 2010 @ 2:58pm

    To #3: If you really believe that people "dont want to pay for anything" you probably don't watch TV, which is "free" and is supported by advertisers. Coffee houses provide "free" wifi, which is supported by the increase in business.

     

    reply to this | link to this | view in thread ]

  19.  
    identicon
    Anonymous Coward, May 12th, 2010 @ 3:21pm

    Some European hotels not offering open Wifi anymore

    I was in Prague for a few days this Spring and our hotel didn't offer open Wifi for this very reason, but when we checked in they gave each of us a patch cable so we could connect to their network for free internet access.

     

    reply to this | link to this | view in thread ]

  20.  
    icon
    Atkray (profile), May 12th, 2010 @ 4:04pm

    Re: Some European hotels not offering open Wifi anymore

    Most hotels I have stayed at in the United States give you a password when you check in. In contrast most of the businesses I have worked at have open WIFI for their customers. I think the main reason is because the hotel has a closer relationship with the customer name and address are given usually a credit card is on file etc... In a retail business you do not always have that communication with customers but it is advantageous to have free WIFI in the customer waiting area. Yes we could encrypt and issue passwords but that stretches our already limited staff even thinner. A sign that says "Free WIFI" is great at getting potential customers into a business.

     

    reply to this | link to this | view in thread ]

  21.  
    identicon
    Anonymous Coward, May 12th, 2010 @ 4:33pm

    Re:

    ask your insurance company what the difference would be between leaving your car running with the doors unlocked and it being locked, with an alarm system, an immobilizer, a club, and a gps tracking device. then you will maybe understand the difference rd.

     

    reply to this | link to this | view in thread ]

  22.  
    identicon
    Anonymous Coward, May 12th, 2010 @ 4:44pm

    Re: Re:

    hi mike.

     

    reply to this | link to this | view in thread ]

  23.  
    icon
    DocMenach (profile), May 12th, 2010 @ 5:17pm

    Re: Re:

    You fail again TAM (You've been failing a lot today). Your analogy between open Wireless and a car is worse than Ted Stevens considering the internet "A bunch of tubes". There is no correlation between a car and a wireless access point. You are simply trying to derail the discussion with something completely irrelevant.

     

    reply to this | link to this | view in thread ]

  24.  
    icon
    erica ann (profile), May 12th, 2010 @ 5:40pm

    so...

    the courts are saying it has to be secured against unauthorized users.

    So, hotspots would have a username and password to use for the public plus a record of mac and ip addresses used. and the users are then authorized vs unauthorized. anyone can connect, but its still 'secured' vs 'open'

    Home and small business users would protect themselves from having someone borrow their bandwith or illegally obtain network files of data and possibly other client information, spam or other activity not authorized to do - by putting a password on their wifi connection.

    seems like common sense to me.

     

    reply to this | link to this | view in thread ]

  25.  
    identicon
    Pixelation, May 12th, 2010 @ 5:58pm

    Cheaper

    $126 is cheaper than a lawsuit from the RIAA. Just make a deal with your neighbor. I'll use your open wifi and you use mine. We both have the same $126 risk. Even better, the RIAA won't see a dime!
    Brilliant law to screw the RIAA. Yay Germany!

     

    reply to this | link to this | view in thread ]

  26.  
    identicon
    Regilberto Girão, May 12th, 2010 @ 6:11pm

    CONGRATULATIONS

    Congratulations to the German court.
    Imagine if your wireless network is used to commit a crime: bullying, theft, murder, tax evasion, drug trafficking, terrorism, etc..
    Here in Brazil we say, until you proves that pig's snout is no outlet, your life becames a hell.

     

    reply to this | link to this | view in thread ]

  27.  
    identicon
    Anonymous Coward, May 12th, 2010 @ 8:07pm

    Here's my password

    For a business, it's ridiculous for them to have to tell me the password for their wireless so I can log in and do illegal things.

    Why not just let me get on without the password so I can do the illegal things? They aren't going to refuse me the password, so why make them jump through the hoop of giving it to me?

    Let's say they do capture my MAC id; so what? There's no way to track me down by MAC. There's no giant DB of MAC id's, plus they're easy to spoof.

     

    reply to this | link to this | view in thread ]

  28.  
    icon
    Hephaestus (profile), May 12th, 2010 @ 8:43pm

    Re: Re: Re: Re:

    "the coffee house is more than able to provide connection information to their patrons, in the same manner that you might grant someone use of your home network when they visit."

    Ah I really love unintended consequences. One really big problem is that this will open up a huge new problem, WiFi locations and password lists online. Also WiFi hacking password software is another unintended consequence. Of course this hacking WiFi hacking software will lead to laws that, require you to get a new WiFi router everytime the encryption is cracked and the firmware upgrade doesnt work.

     

    reply to this | link to this | view in thread ]

  29.  
    identicon
    dean, May 12th, 2010 @ 11:47pm

    Wifi

    So, why can't the re-jig things to say "private residences"

    i.e. if you have a registered business (as hot spot owners / cafes, etc, etc should presumably have)...then some different interpretation applies

    if you're NOT a business AND you have unsecured wifi...then Blam, fine, thanks!


    I do believe already that the document kind of states this as it's worded "private individuals"

     

    reply to this | link to this | view in thread ]

  30.  
    icon
    PaulT (profile), May 13th, 2010 @ 12:13am

    Re: Wifi

    Cool, you can get your neighbour sued in 4 easy steps! - Go round for a cup of coffee and note down their password when their back's turned - Log into their router and change it to an open network - Download a few movies - Relax and laugh when he opens his settlement bill Much better than trying to get them to make sense by not making 3rd parties responsible for actions they have no control over.

     

    reply to this | link to this | view in thread ]

  31.  
    identicon
    tuna, May 13th, 2010 @ 5:15am

    Re:

    In the U.S. if you leave your keys in the car and someone steals it and commits a crime you are laible.

     

    reply to this | link to this | view in thread ]

  32.  
    identicon
    tuna, May 13th, 2010 @ 5:18am

    Re: Re:

    We have open wireless at my workplace so that our vendors and techs can get on the internet for fixes, training and demos.

    If I put a password on it I would have to hand out that password to about 20 different people per week. Which means at the end of the year there are over a thousand people with that password anyway.

    You obviosly have no connection to the IT industry.

     

    reply to this | link to this | view in thread ]

  33.  
    identicon
    tuna, May 13th, 2010 @ 5:25am

    wifi

    I live in an apartment complex and have turned into the resident IT guy. I know all my neighbors passwords because I set their wirless systems up.

    Personally, I prefer MAC filtering.

     

    reply to this | link to this | view in thread ]

  34.  
    identicon
    abc gum, May 13th, 2010 @ 6:09am

    Re: Re:

    "In the U.S. if you leave your keys in the car and someone steals it and commits a crime you are laible."

    Liable for what?

    IANAL, however - I do recall that (in the US) some states have laws which penalize those who leave their keys in the vehicle. In addition, there are laws (in some states) which penalize those who leave the vehicle running, etc. It is my understanding that the vehicle owner is not liable for the actions of the car thief, whatever they may be. If you have information in support of your assertion that would be great, please share.

     

    reply to this | link to this | view in thread ]

  35.  
    identicon
    Anonymous Coward, May 13th, 2010 @ 6:14am

    Re: Re: WIFI insurance

    Why would I do that?
    This makes no sense at all.

    Do I now need WIFI insurance?

     

    reply to this | link to this | view in thread ]

  36.  
    identicon
    Anonymous Coward, May 13th, 2010 @ 6:15am

    Re: Wifi

    But corporations are now people.

     

    reply to this | link to this | view in thread ]

  37.  
    identicon
    Anonymous Coward, May 13th, 2010 @ 6:21am

    WooHoo

    1) pass a law that requires a new protocol for WIFI, something like Secure Interface Control (SIC)

    2) in order to get everyone on board (except consumers), promise to never shut off a user WIFI

    3) FCC ... something, something

    4) PROFIT !

     

    reply to this | link to this | view in thread ]

  38.  
    icon
    PaulT (profile), May 13th, 2010 @ 9:08am

    Re: WooHoo

    Actually I think it goes like this:

    3.5) every business currently offering wifi turns it off because even their business clientele isn't worth the cost of running the service and subsequent legal exposure.

    4) RIAA/MPAA find another scapegoat because their profits are still falling.

     

    reply to this | link to this | view in thread ]

  39.  
    icon
    btr1701 (profile), May 13th, 2010 @ 11:38am

    Re: Accessory

    > Besides, in a normal crime, even if you knew about
    > it, you could only be charged as an accessory

    That's not true, either. (At least under American law. I have no clue what German law says about this.)

    Merely knowing about a crime doesn't make you an accessory (despite what cops in movies and TV shows seem to think). In order to be an accessory, you have to have provided some kind of material support or facilitation to the perpetrators of the crime.

    In most US jurisdictions, citizens aren't under any obligation to stop a crime they know about or witness; they're not even required to report it to the police. The only exception for this is child abuse. Most states have passed laws that impose criminal liability on people who know about child abuse and fail to report it.

     

    reply to this | link to this | view in thread ]

  40.  
    icon
    btr1701 (profile), May 13th, 2010 @ 11:40am

    Re: Re: Secure

    > you might as well leave your front door open
    > during the day so strangers can use your sofa
    > and tv while you are at work

    The point is that if I want to do that, then I should be able to. It's *my* house and *my* sofa and TV and if want to make it available to people to use, that's my business. It may not be smart, but I have the right to control my own property. It's none of the government's business.

     

    reply to this | link to this | view in thread ]

  41.  
    icon
    btr1701 (profile), May 13th, 2010 @ 11:42am

    Re: Re:

    > In the U.S. if you leave your keys in the car and
    > someone steals it and commits a crime you are laible.

    There are so many things legally and factually wrong with that statement that I hardly know where to begin.

     

    reply to this | link to this | view in thread ]

  42.  
    icon
    BearGriz72 (profile), May 13th, 2010 @ 9:21pm

    Re: Re:

    I myself have an open access point. Granted it is firewalled, isolated from the rest of my network and bandwidth limited (to prevent negative impact on MY use. I am not an ISP) However if one of my neighbors wants to use that connection under those restrictions they are free to do so. That is what it is there for. Grow a Brain...

     

    reply to this | link to this | view in thread ]

  43.  
    icon
    Vince (profile), May 14th, 2010 @ 4:14am

    You do not really understand :-)

    The decision of the court actually makes the situation BETTER for Germans.

    Until now the owner of an open wlan could be sentenced for everything that happenend over his network. He was directly responsible for illegal file sharing via his network, regardless of who really did that sharing. He had to pay compensation to companies also, even if it could not be proved that he has done the crime himself. Companies usually got immense compensation for each file.

    Same is true when your car is getting into a speed trap and is photographed but the driver cannot be seen clearly. Even if you prove that you did not drive the car you have to pay the fine because it is YOUR car and you are responsible who uses it.

    NOW the court says that an owner just has to pay 100 euro at the most if ANY criminal act has happened via his network (because of the nice german word "Stoererhaftung"), but he is not responsible for the criminal act itself and so does not have to pay any compensation to companies.

    This means: Open your wlan, do illegal file sharing all the time and if somebody gets you and wants to admonish you, all you have to pay is 100 euro and be more careful the next time.

    Now think for yourself if this is better than before. :-)

     

    reply to this | link to this | view in thread ]

  44.  
    identicon
    Tom, May 14th, 2010 @ 4:27am

    ...

    There is apparently some misunderstanding. It's not a criminal court ruling(hint: "Zivilsenat")! And no, you cannot get fined for an open WiFi in Germany, it's not illegal. @Rose M Welch, the comparison with a stolen car and a comitted crime is just plain stupid... sorry. There is just no criminal law involved in this story.

    The ruling says that if your unprotected WiFi is hijacked and used for filesharing you are NOT liable for damages sought by the label/RIAA or whoever. But they can demand a sort of German version of a Cease&Desist which the recipient has to pay for and is limited to 100eur.
    If you dont secure your WiFi after the C&D you may get a problem obviously..
    So if you want to operate an open WiFi you can do so, as long as nobody uses it for illegal acts. Coffee houses may just filter any P2P and should be fine(Is there such technology?).

     

    reply to this | link to this | view in thread ]

  45.  
    identicon
    Tom Schweiger, May 14th, 2010 @ 5:57am

    Re: password?

    yes, the case decided by the German Supreme Court (BGH) was a case with a wlan that used a password which was preselected by the manufacturer. So an "easy to know" password, would not be sufficient. You have to use a "secure" password.

     

    reply to this | link to this | view in thread ]

  46.  
    identicon
    Tom, May 14th, 2010 @ 7:06am

    Re: You do not really understand :-)

    > This means: Open your wlan, do illegal file sharing all the time and if somebody gets you and wants to admonish you, all you have to pay is 100 euro and be more careful the next time.

    @Vince: well thats just not true!

    100eur limit only applys if your WiFi was hijacked! you will have to prove that you were out of the country(like in this case) or something similar while the filesharing occurred. Thats gonna be a case by case decision in court.
    And if a judge finds you did do it, they can still sue you for damages!

     

    reply to this | link to this | view in thread ]

  47.  
    identicon
    BearHear, May 14th, 2010 @ 1:55pm

    judicial explanations of this case

    You find some judicial explanations of this case here:

    http://www.undergermanlaw.com/disturbance-liability-the-reason-for-wlan-restrictions-in-ger many/

    (Explanations by a german lawyer, written in english)

     

    reply to this | link to this | view in thread ]

  48.  
    identicon
    Jens Müller, May 14th, 2010 @ 2:38pm

    Criminal court

    "Germany's top criminal court" seems to imply it was a criminal ruling. It was not - it was a civil case brought by the music industry, and the "fine" are "just" attorney fees.

     

    reply to this | link to this | view in thread ]

  49.  
    identicon
    david, Jul 19th, 2010 @ 3:06am

    wirless users

    Thats why I live in a free country like the good old USA. Courts would never fine the inocent.

     

    reply to this | link to this | view in thread ]

  50.  
    identicon
    david, Jul 19th, 2010 @ 3:06am

    wirless users

    Thats why I live in a free country like the good old USA. Courts would never fine the inocent.

     

    reply to this | link to this | view in thread ]

  51.  
    identicon
    Anon, Sep 25th, 2010 @ 4:03am

    Re: wirless users

    That's what they want you to think. wAIT UNTIL acta TAKES EFFECT TOO BY THE WAY. then EVERYONE is screwed, even you in your so called "free country"

     

    reply to this | link to this | view in thread ]

  52.  
    identicon
    marc, Jan 20th, 2013 @ 4:02am

    Re: wirless users

    well, usas law system has its disadvantages too my friend :)

     

    reply to this | link to this | view in thread ]

  53.  
    identicon
    J.D., Jan 3rd, 2014 @ 12:04am

    Response to: Rose M. Welch on May 12th, 2010 @ 12:47pm

    In Germany, if you left your door unlocked (either home or vehicle) and it was broken into or stolen, insurance will claim neglegence and not cover you. So yes, Germany has some weird victim blaming.

     

    reply to this | link to this | view in thread ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Follow Techdirt
A word from our sponsors...
Essential Reading
Techdirt Reading List
Techdirt Insider Chat
A word from our sponsors...
Recent Stories
A word from our sponsors...

Close

Email This