German Court Says You Must Secure Your WiFi Or You May Get Fined
from the open-wifi-is-illegal? dept
Miranda Neubauer was the first of a few of you to send in the news of a bizarre German court ruling that makes it effectively illegal to offer open WiFi. Seriously:
Germany’s top criminal court ruled Wednesday that Internet users need to secure their private wireless connections by password to prevent unauthorized people from using their Web access to illegally download data.
Internet users can be fined up to euro100 ($126) if a third party takes advantage of their unprotected WLAN connection to illegally download music or other files, the Karlsruhe-based court said in its verdict.
“Private users are obligated to check whether their wireless connection is adequately secured to the danger of unauthorized third parties abusing it to commit copyright violation,” the court said.
This is backwards in so many ways. First, open WiFi is quite useful, and requiring a password can be a huge pain, limiting all sorts of individuals and organizations who have perfectly good reasons for offering free and open WiFi. Second, fining the WiFi hotspot owner for actions of users of the service is highly troubling from a third party liability standpoint. The operator of the WiFi hotspot should not be responsible for the actions of users, and it’s troubling that the German court would find otherwise. This is an unfortunate ruling no matter how you look at it.
Filed Under: copyright, germany, passwords, security, third party liability, wifi, wireless
Comments on “German Court Says You Must Secure Your WiFi Or You May Get Fined”
password?
What if everyone who wish to leave it open just made the password “password” (or the German equivalent)? Would they be liable for not having a strong enough password? Who would they hold liable if the WiFi was locked with a strong password, but there was good reason to believe that the password had been compromised by other means?
Re: password?
What the would do is assume that since your connection was “secure” that you were the one doing the downloading and hit you with that.
Re: password?
yes, the case decided by the German Supreme Court (BGH) was a case with a wlan that used a password which was preselected by the manufacturer. So an “easy to know” password, would not be sufficient. You have to use a “secure” password.
So… if someone steals your car in Germany, and then uses it as a getaway car in a robbery, can you be charged for that as well?
Besides, in a normal crime, even if you knew about it, you could only be charged as an accessory, not the perpetrator.
This is nuts.
Re: Re:
if you lend your car to someone to perform a robbery, perhaps. if they steal it, no. open wifi is a stupid, stupid concept only supported by the internet tree huggers and bandits who dont want to pay for anything. it is the internet version of ‘snitches get stiches’ and just as dishonest. you might as well leave your front door open during the day so strangers can use your sofa and tv while you are at work. totally stupid.
Re: Re: Re:
YEAH! Those coffee houses that have seats in them to entice people to drink their coffee in the place (and perhaps get them to buy more stuff when the caffeine kicks in) shouldn’t be allowed to have them. They are only used by people who want to sit down for free.
Re: Re: Re: Re:
the coffee house is more than able to provide connection information to their patrons, in the same manner that you might grant someone use of your home network when they visit. you are thinking like an american, using bizarre absolutes to try to prove a point. do you let everyone into your house, or only people you choose?
Re: Re: Re:2 Re:
I let everyone into my home. You know what they say, sharing is caring.
Re: Re: Re:3 Re:
in which case you are an exceptional idiot, and you can pay the fines.
Re: Re: Re:4 Re:
What fines? No one fines me for letting people into my home. That’s just stupid!
Re: Re: Re:2 Re:
the coffee house is more than able to provide connection information to their patrons, in the same manner that you might grant someone use of your home network when they visit
You fail again TAM. I work at a place that is simply too large to conveniently “provide connection information” to our patrons. Unless we put signs up all over the place we would have tons of customers wasting staff time asking how to get on the wireless network. By leaving the connection open we make it much more convenient for our customers. Besides, putting a password on it still wouldn’t prevent people from doing illegal things with that network connection.
TAM is such a miserable failure.
Re: Re: Re:2 Re:
“the coffee house is more than able to provide connection information to their patrons, in the same manner that you might grant someone use of your home network when they visit.”
Ah I really love unintended consequences. One really big problem is that this will open up a huge new problem, WiFi locations and password lists online. Also WiFi hacking password software is another unintended consequence. Of course this hacking WiFi hacking software will lead to laws that, require you to get a new WiFi router everytime the encryption is cracked and the firmware upgrade doesnt work.
Re: Re: Re:
You don’t really understand what the internet is, do you? That actually makes a lot of sense.
http://en.wikipedia.org/wiki/Internet
Re: Re: Re:
That comment made no sense whatsoever, and yet still managed to get across the fundamental concepts that sharing things with others is bad and people should be legally restricted from doing so. Kudos to you, sir!
Re: Re: Re:
You, sir, are an idiot.
Adding the level of security that the average user is going to be able to add means that they’ll still be giving away wifi to plenty of people, just like locking your car door and walking away with the keys doesn’t really stop anyone from stealing it.
In both cases, it has nothing to do with permission, but only in one case can you be held responsible for what someone did without your permission.
Re: Re: Re:
We have open wireless at my workplace so that our vendors and techs can get on the internet for fixes, training and demos.
If I put a password on it I would have to hand out that password to about 20 different people per week. Which means at the end of the year there are over a thousand people with that password anyway.
You obviosly have no connection to the IT industry.
Re: Re: Secure
> you might as well leave your front door open
> during the day so strangers can use your sofa
> and tv while you are at work
The point is that if I want to do that, then I should be able to. It’s *my* house and *my* sofa and TV and if want to make it available to people to use, that’s my business. It may not be smart, but I have the right to control my own property. It’s none of the government’s business.
Re: Re: Re:
I myself have an open access point. Granted it is firewalled, isolated from the rest of my network and bandwidth limited (to prevent negative impact on MY use. I am not an ISP) However if one of my neighbors wants to use that connection under those restrictions they are free to do so. That is what it is there for. Grow a Brain…
Re: Yep
Plus, if any nearby Germans have rights, other nearby Germans are subject to violence (inexplicably).
; P
Re: Re:
In the U.S. if you leave your keys in the car and someone steals it and commits a crime you are laible.
Re: Re: Re:
“In the U.S. if you leave your keys in the car and someone steals it and commits a crime you are laible.”
Liable for what?
IANAL, however – I do recall that (in the US) some states have laws which penalize those who leave their keys in the vehicle. In addition, there are laws (in some states) which penalize those who leave the vehicle running, etc. It is my understanding that the vehicle owner is not liable for the actions of the car thief, whatever they may be. If you have information in support of your assertion that would be great, please share.
Re: Re: Re:
> In the U.S. if you leave your keys in the car and
> someone steals it and commits a crime you are laible.
There are so many things legally and factually wrong with that statement that I hardly know where to begin.
Re: Accessory
> Besides, in a normal crime, even if you knew about
> it, you could only be charged as an accessory
That’s not true, either. (At least under American law. I have no clue what German law says about this.)
Merely knowing about a crime doesn’t make you an accessory (despite what cops in movies and TV shows seem to think). In order to be an accessory, you have to have provided some kind of material support or facilitation to the perpetrators of the crime.
In most US jurisdictions, citizens aren’t under any obligation to stop a crime they know about or witness; they’re not even required to report it to the police. The only exception for this is child abuse. Most states have passed laws that impose criminal liability on people who know about child abuse and fail to report it.
how silly, this is probably one of those laws legislators pass just to appear to be doing something, but will never be enforced because of the shitstorm it would cause
i wonder
I wonder if you can apply to have an open wifi network if it is part of a business, or though some other means. It would probably require locking down some aspects of the service and logging data.
Yeah, that was TAM, our resident RIAA shill. He never makes any sense and has no fucking clue about technology. Just the same as that German court.
Using a password is only part of securing the wifi. WEP can be easily broken and even WAP, although more difficult. The point is you can claim your wifi has been hacked. Then what?
And what if you did everything you know to secure your network but left a weak point and got hacked?
What if you are a moron like TAM?
Re: Re:
ask your insurance company what the difference would be between leaving your car running with the doors unlocked and it being locked, with an alarm system, an immobilizer, a club, and a gps tracking device. then you will maybe understand the difference rd.
Re: Re: Re:
hi mike.
Re: Re: Re:
You fail again TAM (You’ve been failing a lot today). Your analogy between open Wireless and a car is worse than Ted Stevens considering the internet “A bunch of tubes”. There is no correlation between a car and a wireless access point. You are simply trying to derail the discussion with something completely irrelevant.
Re: Re: WIFI insurance
Why would I do that?
This makes no sense at all.
Do I now need WIFI insurance?
To #3: If you really believe that people “dont want to pay for anything” you probably don’t watch TV, which is “free” and is supported by advertisers. Coffee houses provide “free” wifi, which is supported by the increase in business.
Some European hotels not offering open Wifi anymore
I was in Prague for a few days this Spring and our hotel didn’t offer open Wifi for this very reason, but when we checked in they gave each of us a patch cable so we could connect to their network for free internet access.
Re: Some European hotels not offering open Wifi anymore
Most hotels I have stayed at in the United States give you a password when you check in. In contrast most of the businesses I have worked at have open WIFI for their customers. I think the main reason is because the hotel has a closer relationship with the customer name and address are given usually a credit card is on file etc… In a retail business you do not always have that communication with customers but it is advantageous to have free WIFI in the customer waiting area. Yes we could encrypt and issue passwords but that stretches our already limited staff even thinner. A sign that says “Free WIFI” is great at getting potential customers into a business.
so...
the courts are saying it has to be secured against unauthorized users.
So, hotspots would have a username and password to use for the public plus a record of mac and ip addresses used. and the users are then authorized vs unauthorized. anyone can connect, but its still ‘secured’ vs ‘open’
Home and small business users would protect themselves from having someone borrow their bandwith or illegally obtain network files of data and possibly other client information, spam or other activity not authorized to do – by putting a password on their wifi connection.
seems like common sense to me.
Cheaper
$126 is cheaper than a lawsuit from the RIAA. Just make a deal with your neighbor. I’ll use your open wifi and you use mine. We both have the same $126 risk. Even better, the RIAA won’t see a dime!
Brilliant law to screw the RIAA. Yay Germany!
CONGRATULATIONS
Congratulations to the German court.
Imagine if your wireless network is used to commit a crime: bullying, theft, murder, tax evasion, drug trafficking, terrorism, etc..
Here in Brazil we say, until you proves that pig’s snout is no outlet, your life becames a hell.
Here's my password
For a business, it’s ridiculous for them to have to tell me the password for their wireless so I can log in and do illegal things.
Why not just let me get on without the password so I can do the illegal things? They aren’t going to refuse me the password, so why make them jump through the hoop of giving it to me?
Let’s say they do capture my MAC id; so what? There’s no way to track me down by MAC. There’s no giant DB of MAC id’s, plus they’re easy to spoof.
Wifi
So, why can’t the re-jig things to say “private residences”
i.e. if you have a registered business (as hot spot owners / cafes, etc, etc should presumably have)…then some different interpretation applies
if you’re NOT a business AND you have unsecured wifi…then Blam, fine, thanks!
I do believe already that the document kind of states this as it’s worded “private individuals”
Re: Wifi
Cool, you can get your neighbour sued in 4 easy steps!
– Go round for a cup of coffee and note down their password when their back’s turned
– Log into their router and change it to an open network
– Download a few movies
– Relax and laugh when he opens his settlement bill
Much better than trying to get them to make sense by not making 3rd parties responsible for actions they have no control over.
Re: Wifi
But corporations are now people.
wifi
I live in an apartment complex and have turned into the resident IT guy. I know all my neighbors passwords because I set their wirless systems up.
Personally, I prefer MAC filtering.
WooHoo
1) pass a law that requires a new protocol for WIFI, something like Secure Interface Control (SIC)
2) in order to get everyone on board (except consumers), promise to never shut off a user WIFI
3) FCC … something, something
4) PROFIT !
Re: WooHoo
Actually I think it goes like this:
3.5) every business currently offering wifi turns it off because even their business clientele isn’t worth the cost of running the service and subsequent legal exposure.
4) RIAA/MPAA find another scapegoat because their profits are still falling.
You do not really understand :-)
The decision of the court actually makes the situation BETTER for Germans.
Until now the owner of an open wlan could be sentenced for everything that happenend over his network. He was directly responsible for illegal file sharing via his network, regardless of who really did that sharing. He had to pay compensation to companies also, even if it could not be proved that he has done the crime himself. Companies usually got immense compensation for each file.
Same is true when your car is getting into a speed trap and is photographed but the driver cannot be seen clearly. Even if you prove that you did not drive the car you have to pay the fine because it is YOUR car and you are responsible who uses it.
NOW the court says that an owner just has to pay 100 euro at the most if ANY criminal act has happened via his network (because of the nice german word “Stoererhaftung”), but he is not responsible for the criminal act itself and so does not have to pay any compensation to companies.
This means: Open your wlan, do illegal file sharing all the time and if somebody gets you and wants to admonish you, all you have to pay is 100 euro and be more careful the next time.
Now think for yourself if this is better than before. 🙂
Re: You do not really understand :-)
> This means: Open your wlan, do illegal file sharing all the time and if somebody gets you and wants to admonish you, all you have to pay is 100 euro and be more careful the next time.
@Vince: well thats just not true!
100eur limit only applys if your WiFi was hijacked! you will have to prove that you were out of the country(like in this case) or something similar while the filesharing occurred. Thats gonna be a case by case decision in court.
And if a judge finds you did do it, they can still sue you for damages!
...
There is apparently some misunderstanding. It’s not a criminal court ruling(hint: “Zivilsenat”)! And no, you cannot get fined for an open WiFi in Germany, it’s not illegal. @Rose M Welch, the comparison with a stolen car and a comitted crime is just plain stupid… sorry. There is just no criminal law involved in this story.
The ruling says that if your unprotected WiFi is hijacked and used for filesharing you are NOT liable for damages sought by the label/RIAA or whoever. But they can demand a sort of German version of a Cease&Desist which the recipient has to pay for and is limited to 100eur.
If you dont secure your WiFi after the C&D you may get a problem obviously..
So if you want to operate an open WiFi you can do so, as long as nobody uses it for illegal acts. Coffee houses may just filter any P2P and should be fine(Is there such technology?).
judicial explanations of this case
You find some judicial explanations of this case here:
http://www.undergermanlaw.com/disturbance-liability-the-reason-for-wlan-restrictions-in-germany/
(Explanations by a german lawyer, written in english)
Criminal court
“Germany’s top criminal court” seems to imply it was a criminal ruling. It was not – it was a civil case brought by the music industry, and the “fine” are “just” attorney fees.
wirless users
Thats why I live in a free country like the good old USA. Courts would never fine the inocent.
wirless users
Thats why I live in a free country like the good old USA. Courts would never fine the inocent.
Re: wirless users
That’s what they want you to think. wAIT UNTIL acta TAKES EFFECT TOO BY THE WAY. then EVERYONE is screwed, even you in your so called “free country”
Re: wirless users
well, usa?s law system has its disadvantages too my friend 🙂
Response to: Rose M. Welch on May 12th, 2010 @ 12:47pm
In Germany, if you left your door unlocked (either home or vehicle) and it was broken into or stolen, insurance will claim neglegence and not cover you. So yes, Germany has some weird victim blaming.