A couple years ago, we were disappointed to see a judge take the technologically wrong stance that data transmitted over WiFi is not
a "radio communication," thereby making sniffing of unencrypted
WiFi signals potentially a form of wiretapping. Indeed, based on that, the court eventually ruled that Google's infamous WiFi sniffing
could be a violation of wiretap laws
. This is wrong on so many levels... and tragically, an appeals court has now upheld the lower court's ruling
There are serious problems with this. Under no reasonable view is WiFi not
a radio communication first of all. That's exactly
what it is. Second, sniffing unencrypted packets on an open
network is a perfectly normal thing to do. The data is unencrypted
and it's done on a network that is decidedly open
. It's like saying it's "wiretapping" for turning on your radio and having it catch the signals your neighbor is broadcasting. That's not
wiretapping. Third, even the court here admits that based on this ruling, parts of the law don't make any sense
, because it renders those parts superfluous. Generally speaking, when a court ruling would render a part of a law completely superfluous, it means that the court misinterpreted the law.
Bizarrely, the court seems to rely on the claim that most radio communications are "auditory" (i.e., involving sound) and thus data transmissions are somehow not radio. Seriously. This statement is so uninformed and flat out wrong that it's kind of shocking the court made it. Specifically the ruling says that the "telltale signs" of "radio communications" are that they're (1) "auditory" and (2) "broadcast" and then says it doesn't even need to consider whether or not WiFi signals are broadcast, since the fact that they're not auditory means they don't even have to consider that fact. Seriously. Read this and try not
to bang your head on the nearest desk or wall:
We need not reach the question of what exactly constitutes a "broadcast" because the Wi-Fi transmissions in question were not predominantly auditory.
The court also stumbles badly on the other key question in the lawsuit -- over whether or not these things are "readily accessible to the general public." Again, here, if you know anything
about the technology you know without question that broadcasting unencrypted data over an open WiFi network are by definition
"readily accessible to the general public." That's how it works
and how it was designed to work
. But the court says it's not because someone might send something "sensitive" from
a secured network to
an open WiFi network, and the sender didn't intend for that info to be available via open WiFi. But that gets the calculus totally wrong. First, if I'm sending something "sensitive," it should be encrypted, full stop. Second, the security of the endpoint recipient is the responsibility of that recipient, not the sender, so the whole analogy makes no sense.
Later, the court argues that WiFi isn't readily accessible because the signal is "geographically limited." But, um, again, that's true of just about any
radio signal. If I have a low-power transmitter, that's still a radio transmitter. It also claims that it's "difficult" to access unencrypted data on an open network, but that's not true at all. They claim it requires "sophisticated" hardware and software, but that's not actually true, and if you believe it's true, you could basically make the same argument about all kinds of radio transmissions.
Either way, there's a fundamental fact here that the courts don't seem to recognize: when you broadcast unencrypted data on an open network it's there for anyone
to access. It seems ridiculous to then claim that it's illegal to access it when it's presented in a manner that more or less cries out "come take a look!" This really feels like a situation where the court looked at what Google did, decided it didn't like it, and then tried to tap dance around reality to make it a violation of the law even though it's almost certainly not a violation.