German Court Says You Must Secure Your WiFi Or You May Get Fined

from the open-wifi-is-illegal? dept

Miranda Neubauer was the first of a few of you to send in the news of a bizarre German court ruling that makes it effectively illegal to offer open WiFi. Seriously:

Germany’s top criminal court ruled Wednesday that Internet users need to secure their private wireless connections by password to prevent unauthorized people from using their Web access to illegally download data.

Internet users can be fined up to euro100 ($126) if a third party takes advantage of their unprotected WLAN connection to illegally download music or other files, the Karlsruhe-based court said in its verdict.

“Private users are obligated to check whether their wireless connection is adequately secured to the danger of unauthorized third parties abusing it to commit copyright violation,” the court said.

This is backwards in so many ways. First, open WiFi is quite useful, and requiring a password can be a huge pain, limiting all sorts of individuals and organizations who have perfectly good reasons for offering free and open WiFi. Second, fining the WiFi hotspot owner for actions of users of the service is highly troubling from a third party liability standpoint. The operator of the WiFi hotspot should not be responsible for the actions of users, and it’s troubling that the German court would find otherwise. This is an unfortunate ruling no matter how you look at it.

Filed Under: , , , , , ,

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “German Court Says You Must Secure Your WiFi Or You May Get Fined”

Subscribe: RSS Leave a comment
53 Comments
Travis Miller (profile) says:

password?

What if everyone who wish to leave it open just made the password “password” (or the German equivalent)? Would they be liable for not having a strong enough password? Who would they hold liable if the WiFi was locked with a strong password, but there was good reason to believe that the password had been compromised by other means?

Anonymous Coward says:

Re: Re:

if you lend your car to someone to perform a robbery, perhaps. if they steal it, no. open wifi is a stupid, stupid concept only supported by the internet tree huggers and bandits who dont want to pay for anything. it is the internet version of ‘snitches get stiches’ and just as dishonest. you might as well leave your front door open during the day so strangers can use your sofa and tv while you are at work. totally stupid.

Anonymous Coward says:

Re: Re: Re: Re:

the coffee house is more than able to provide connection information to their patrons, in the same manner that you might grant someone use of your home network when they visit. you are thinking like an american, using bizarre absolutes to try to prove a point. do you let everyone into your house, or only people you choose?

DocMenach (profile) says:

Re: Re: Re:2 Re:

the coffee house is more than able to provide connection information to their patrons, in the same manner that you might grant someone use of your home network when they visit

You fail again TAM. I work at a place that is simply too large to conveniently “provide connection information” to our patrons. Unless we put signs up all over the place we would have tons of customers wasting staff time asking how to get on the wireless network. By leaving the connection open we make it much more convenient for our customers. Besides, putting a password on it still wouldn’t prevent people from doing illegal things with that network connection.

TAM is such a miserable failure.

Hephaestus (profile) says:

Re: Re: Re:2 Re:

“the coffee house is more than able to provide connection information to their patrons, in the same manner that you might grant someone use of your home network when they visit.”

Ah I really love unintended consequences. One really big problem is that this will open up a huge new problem, WiFi locations and password lists online. Also WiFi hacking password software is another unintended consequence. Of course this hacking WiFi hacking software will lead to laws that, require you to get a new WiFi router everytime the encryption is cracked and the firmware upgrade doesnt work.

Rose M. Welch (profile) says:

Re: Re: Re:

You, sir, are an idiot.

Adding the level of security that the average user is going to be able to add means that they’ll still be giving away wifi to plenty of people, just like locking your car door and walking away with the keys doesn’t really stop anyone from stealing it.

In both cases, it has nothing to do with permission, but only in one case can you be held responsible for what someone did without your permission.

tuna says:

Re: Re: Re:

We have open wireless at my workplace so that our vendors and techs can get on the internet for fixes, training and demos.

If I put a password on it I would have to hand out that password to about 20 different people per week. Which means at the end of the year there are over a thousand people with that password anyway.

You obviosly have no connection to the IT industry.

btr1701 (profile) says:

Re: Re: Secure

> you might as well leave your front door open
> during the day so strangers can use your sofa
> and tv while you are at work

The point is that if I want to do that, then I should be able to. It’s *my* house and *my* sofa and TV and if want to make it available to people to use, that’s my business. It may not be smart, but I have the right to control my own property. It’s none of the government’s business.

abc gum says:

Re: Re: Re:

“In the U.S. if you leave your keys in the car and someone steals it and commits a crime you are laible.”

Liable for what?

IANAL, however – I do recall that (in the US) some states have laws which penalize those who leave their keys in the vehicle. In addition, there are laws (in some states) which penalize those who leave the vehicle running, etc. It is my understanding that the vehicle owner is not liable for the actions of the car thief, whatever they may be. If you have information in support of your assertion that would be great, please share.

btr1701 (profile) says:

Re: Accessory

> Besides, in a normal crime, even if you knew about
> it, you could only be charged as an accessory

That’s not true, either. (At least under American law. I have no clue what German law says about this.)

Merely knowing about a crime doesn’t make you an accessory (despite what cops in movies and TV shows seem to think). In order to be an accessory, you have to have provided some kind of material support or facilitation to the perpetrators of the crime.

In most US jurisdictions, citizens aren’t under any obligation to stop a crime they know about or witness; they’re not even required to report it to the police. The only exception for this is child abuse. Most states have passed laws that impose criminal liability on people who know about child abuse and fail to report it.

Anonymous Coward says:

Yeah, that was TAM, our resident RIAA shill. He never makes any sense and has no fucking clue about technology. Just the same as that German court.

Using a password is only part of securing the wifi. WEP can be easily broken and even WAP, although more difficult. The point is you can claim your wifi has been hacked. Then what?

And what if you did everything you know to secure your network but left a weak point and got hacked?

What if you are a moron like TAM?

Atkray (profile) says:

Re: Some European hotels not offering open Wifi anymore

Most hotels I have stayed at in the United States give you a password when you check in. In contrast most of the businesses I have worked at have open WIFI for their customers. I think the main reason is because the hotel has a closer relationship with the customer name and address are given usually a credit card is on file etc… In a retail business you do not always have that communication with customers but it is advantageous to have free WIFI in the customer waiting area. Yes we could encrypt and issue passwords but that stretches our already limited staff even thinner. A sign that says “Free WIFI” is great at getting potential customers into a business.

erica ann (profile) says:

so...

the courts are saying it has to be secured against unauthorized users.

So, hotspots would have a username and password to use for the public plus a record of mac and ip addresses used. and the users are then authorized vs unauthorized. anyone can connect, but its still ‘secured’ vs ‘open’

Home and small business users would protect themselves from having someone borrow their bandwith or illegally obtain network files of data and possibly other client information, spam or other activity not authorized to do – by putting a password on their wifi connection.

seems like common sense to me.

Anonymous Coward says:

Here's my password

For a business, it’s ridiculous for them to have to tell me the password for their wireless so I can log in and do illegal things.

Why not just let me get on without the password so I can do the illegal things? They aren’t going to refuse me the password, so why make them jump through the hoop of giving it to me?

Let’s say they do capture my MAC id; so what? There’s no way to track me down by MAC. There’s no giant DB of MAC id’s, plus they’re easy to spoof.

dean (profile) says:

Wifi

So, why can’t the re-jig things to say “private residences”

i.e. if you have a registered business (as hot spot owners / cafes, etc, etc should presumably have)…then some different interpretation applies

if you’re NOT a business AND you have unsecured wifi…then Blam, fine, thanks!

I do believe already that the document kind of states this as it’s worded “private individuals”

PaulT (profile) says:

Re: Wifi

Cool, you can get your neighbour sued in 4 easy steps!

– Go round for a cup of coffee and note down their password when their back’s turned
– Log into their router and change it to an open network
– Download a few movies
– Relax and laugh when he opens his settlement bill

Much better than trying to get them to make sense by not making 3rd parties responsible for actions they have no control over.

Vince (profile) says:

You do not really understand :-)

The decision of the court actually makes the situation BETTER for Germans.

Until now the owner of an open wlan could be sentenced for everything that happenend over his network. He was directly responsible for illegal file sharing via his network, regardless of who really did that sharing. He had to pay compensation to companies also, even if it could not be proved that he has done the crime himself. Companies usually got immense compensation for each file.

Same is true when your car is getting into a speed trap and is photographed but the driver cannot be seen clearly. Even if you prove that you did not drive the car you have to pay the fine because it is YOUR car and you are responsible who uses it.

NOW the court says that an owner just has to pay 100 euro at the most if ANY criminal act has happened via his network (because of the nice german word “Stoererhaftung”), but he is not responsible for the criminal act itself and so does not have to pay any compensation to companies.

This means: Open your wlan, do illegal file sharing all the time and if somebody gets you and wants to admonish you, all you have to pay is 100 euro and be more careful the next time.

Now think for yourself if this is better than before. 🙂

Tom says:

Re: You do not really understand :-)

> This means: Open your wlan, do illegal file sharing all the time and if somebody gets you and wants to admonish you, all you have to pay is 100 euro and be more careful the next time.

@Vince: well thats just not true!

100eur limit only applys if your WiFi was hijacked! you will have to prove that you were out of the country(like in this case) or something similar while the filesharing occurred. Thats gonna be a case by case decision in court.
And if a judge finds you did do it, they can still sue you for damages!

Tom says:

...

There is apparently some misunderstanding. It’s not a criminal court ruling(hint: “Zivilsenat”)! And no, you cannot get fined for an open WiFi in Germany, it’s not illegal. @Rose M Welch, the comparison with a stolen car and a comitted crime is just plain stupid… sorry. There is just no criminal law involved in this story.

The ruling says that if your unprotected WiFi is hijacked and used for filesharing you are NOT liable for damages sought by the label/RIAA or whoever. But they can demand a sort of German version of a Cease&Desist which the recipient has to pay for and is limited to 100eur.
If you dont secure your WiFi after the C&D you may get a problem obviously..
So if you want to operate an open WiFi you can do so, as long as nobody uses it for illegal acts. Coffee houses may just filter any P2P and should be fine(Is there such technology?).

Add Your Comment

Your email address will not be published.

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »