Clueless Woman Calls Tech Show When Her Stolen Wi-Fi Disappears

[grumbler]

Incidentally, leeching bandwidth would imo count as "obstructing or interfering with the use of a computer programme", since for example it causes the effective download speed of the authorized user to decrease.

Any lawyers have an opinion on what it would take to show intent to do this (even assuming that Marti is correct)?

[grumbler]

It's hilarious how you slam him for making bad analogies and then make this one. Joining a network, encrypted or not, requires a positive action - it doesn't just happen involuntarily (unlike overhearing a conversation or music playing from someone else's speakers). The action may be trivial (just clicking "Confirm") but your computer wouldn't just join a free network without prompting you somehow (unless you configure it to do so, but then it is a positive action as well).

Joining a network simply requires one to follow the recommendations in the network wizard.  I am not sure (and more than you are, in the absence of some legal expertise in these kinds of things)m whether the "reasonable person" wouldn't simply follow the recommendations of the wizard.

[ulmont]

Incidentally, leeching bandwidth would imo count as "obstructing or interfering with the use of a computer programme", since for example it causes the effective download speed of the authorized user to decrease.

Any lawyers have an opinion on what it would take to show intent to do this (even assuming that Marti is correct)?

I think that you would only need to show the intent to leech bandwidth, since the natural consequence of leeching bandwidth is to "obstruct[], interrupt[], or in any way interfer[e] with the use of a computer program or data."  Alternately, the intent to leech bandwidth is the intent to "[t]ak[e] or appropriat[e] any property of another" (the bandwidth).

In either case, the only intent needed is the intent to leech bandwidth, assuming that leeching bandwidth can be shown to have the natural consequence of taking my bandwidth or slowing my downloads.  You would not need to show an intent to break the law, just an intent to act in a way that would naturally lead to the barred results.

I am by no means certain that a prosecutor could convict of wifi theft without some additional facts, but I do think that such a charge could be brought and make it to the jury.

[Barrister]

Any actual lawyers have any opinions on this?

The definition of theft in Canada:

322. (1) Every one commits theft who fraudulently and without colour of right takes, or fraudulently and without colour of right converts to his use or to the use of another person, anything, whether animate or inanimate, with intent
(a) to deprive, temporarily or absolutely, the owner of it, or a person who has a special property or interest in it, of the thing or of his property or interest in it;
(b) to pledge it or deposit it as security;
(c) to part with it under a condition with respect to its return that the person who parts with it may be unable to perform; or
(d) to deal with it in such a manner that it cannot be restored in the condition in which it was at the time it was taken or converted.

Several problems in calling the leeching of wifi theft:

"who fraudulently" - by using an unsecured wi fi signal you aren't doing anything dishonestly - there's no password after all.

"to deprive the owner" - unless you're absolutely maxing out the connection, odds are the owner doesn't even realize you're leaching.

There's a separate offense for unauthorized use of a computer:

342.1 (1) Every one who, fraudulently and without colour of right,
(a) obtains, directly or indirectly, any computer service,
(b) by means of an electro-magnetic, acoustic, mechanical or other device, intercepts or causes to be intercepted, directly or indirectly, any function of a computer system,
(c) uses or causes to be used, directly or indirectly, a computer system with intent to commit an offence under paragraph (a) or (b) or an offence under section 430 in relation to data or a computer system, or
(d) uses, possesses, traffics in or permits another person to have access to a computer password that would enable a person to commit an offence under paragraph (a), (b) or (c)
is guilty of an indictable offence and liable to imprisonment for a term not exceeding ten years, or is guilty of an offence punishable on summary conviction.

Again the issue is "fraudulently".



As a prosecutor if the police presented me with such a charge I believe we would decline to prosecute for lack of public interest.

[grumbler]

I think that you would only need to show the intent to leech bandwidth, since the natural consequence of leeching bandwidth is to "obstruct[], interrupt[], or in any way interfer[e] with the use of a computer program or data."  Alternately, the intent to leech bandwidth is the intent to "[t]ak[e] or appropriat[e] any property of another" (the bandwidth).

In either case, the only intent needed is the intent to leech bandwidth, assuming that leeching bandwidth can be shown to have the natural consequence of taking my bandwidth or slowing my downloads.  You would not need to show an intent to break the law, just an intent to act in a way that would naturally lead to the barred results.

I am by no means certain that a prosecutor could convict of wifi theft without some additional facts, but I do think that such a charge could be brought and make it to the jury.

I understand what you are saying, and am not saying you are wrong, but I am saying I would be surprised if it proved to be the case that just by clicking on the "connect to network" button one was committing a crime, given that the network was there and unprotected to begin with.

Unless you are offering a professional legal opinion, in which case I would defer to your superior expertise, of course.

[ulmont]

I understand what you are saying, and am not saying you are wrong, but I am saying I would be surprised if it proved to be the case that just by clicking on the "connect to network" button one was committing a crime, given that the network was there and unprotected to begin with.

I see your point.  However, there have been arrests (US and elsewhere) and convictions (elsewhere, as far as I can tell) or plea bargains (US) though:
http://arstechnica.com/tech-policy/news/2007/05/michigan-man-arrested-for-using-cafes-free-wifi-from-his-car.ars
http://www.cbsnews.com/stories/2005/07/07/tech/main707361.shtml
http://www.pcworld.com/article/122153/the_case_of_the_stolen_wifi.html
http://www.msnbc.msn.com/id/16299061/

Unless you are offering a professional legal opinion, in which case I would defer to your superior expertise, of course.

God, no.  I am discussing hypotheticals only, without reference to any specific person's situation.

[grumbler]

http://arstechnica.com/tech-policy/news/2007/05/michigan-man-arrested-for-using-cafes-free-wifi-from-his-car.ars

The Michigan law cited in this case is much more specific than others I have seen (and I specifically allowed that the language cited earlier implied this might well be the case in at least some jurisdicitons):

A person shall not intentionally and without authorization or by exceeding valid authorization do any of the following:

(a) Access or cause access to be made to a computer program, computer, computer system, or computer network to acquire, alter, damage, delete, or destroy property or otherwise use the service of a computer program, computer, computer system, or computer network.

I am willing to bet that the internet cafe had the kinds of logon warnings I have seen elsewhere, which stated that the network was for customer use only.  That would make the "without authorization" issue clearcut.

The Florida case is more relevant to what we are talking about, and pretty much proves your point (provided a conviction is gotten).  I haven't looked to see if the Florida law is as specific on the topic (making use illegal and not just harm) but I don't think that is relevant to your point, which I concede.

[garbon]

The action may be trivial (just clicking "Confirm") but your computer wouldn't just join a free network without prompting you somehow (unless you configure it to do so, but then it is a positive action as well).

Not exactly. In fact, the first time I ever leeched internet was after I'd been visiting my aunt and uncle.  They didn't know about encryption and so there network was just setup with the default network name (in this case: linksys). As connecting to a network in windows sets it up to automatically connect whenever you are in range, my computer would then connect to any unencrypted linksys networks that it found in range. I did nothing.

[grumbler]

Not exactly. In fact, the first time I ever leeched internet was after I'd been visiting my aunt and uncle.  They didn't know about encryption and so there network was just setup with the default network name (in this case: linksys). As connecting to a network in windows sets it up to automatically connect whenever you are in range, my computer would then connect to any unencrypted linksys networks that it found in range. I did nothing.

  I dare say most people set up (or have set up when they purchase it) their computers to automatically connect to their network, and that few change the defaults.

Still, this is probably not the kind of egregious behavior that would result in anyone noticing anyway.  However, it does appear to be illegal, in some if not all US jurisdictions.

[DontSayBanana]

The definition of theft in Canada:

322. (1) Every one commits theft who fraudulently and without colour of right takes, or fraudulently and without colour of right converts to his use or to the use of another person, anything, whether animate or inanimate, with intent
(a) to deprive, temporarily or absolutely, the owner of it, or a person who has a special property or interest in it, of the thing or of his property or interest in it;
(b) to pledge it or deposit it as security;
(c) to part with it under a condition with respect to its return that the person who parts with it may be unable to perform; or
(d) to deal with it in such a manner that it cannot be restored in the condition in which it was at the time it was taken or converted.

Several problems in calling the leeching of wifi theft:

"who fraudulently" - by using an unsecured wi fi signal you aren't doing anything dishonestly - there's no password after all.

"to deprive the owner" - unless you're absolutely maxing out the connection, odds are the owner doesn't even realize you're leaching.

There's a separate offense for unauthorized use of a computer:

342.1 (1) Every one who, fraudulently and without colour of right,
(a) obtains, directly or indirectly, any computer service,
(b) by means of an electro-magnetic, acoustic, mechanical or other device, intercepts or causes to be intercepted, directly or indirectly, any function of a computer system,
(c) uses or causes to be used, directly or indirectly, a computer system with intent to commit an offence under paragraph (a) or (b) or an offence under section 430 in relation to data or a computer system, or
(d) uses, possesses, traffics in or permits another person to have access to a computer password that would enable a person to commit an offence under paragraph (a), (b) or (c)
is guilty of an indictable offence and liable to imprisonment for a term not exceeding ten years, or is guilty of an offence punishable on summary conviction.

Again the issue is "fraudulently".

As a prosecutor if the police presented me with such a charge I believe we would decline to prosecute for lack of public interest.

"Fraudulently" doesn't cover stolen credentials?  The WiFi leecher is, from the viewpoint of the ISP that charges its legitimate users for its service, using the leeched DHCP service to gain access to its paid service. 

[Barrister]

"Fraudulently" doesn't cover stolen credentials?  The WiFi leecher is, from the viewpoint of the ISP that charges its legitimate users for its service, using the leeched DHCP service to gain access to its paid service.

Not if it's an open wi fi connection, with no credentials needed.

[DontSayBanana]

"Fraudulently" doesn't cover stolen credentials?  The WiFi leecher is, from the viewpoint of the ISP that charges its legitimate users for its service, using the leeched DHCP service to gain access to its paid service.

Not if it's an open wi fi connection, with no credentials needed.

I meant network access being a de facto credential of a licensed user of the ISP; the "theft" is simply that the connection bandwidth allocated to the customer is being siphoned somewhere else- it's theft from both the network owner and the ISP themselves.  You'd probably have a better case going after the ISP's stake, since they're more likely to be able to quantify damages as a result.

[Barrister]

"Fraudulently" doesn't cover stolen credentials?  The WiFi leecher is, from the viewpoint of the ISP that charges its legitimate users for its service, using the leeched DHCP service to gain access to its paid service.

Not if it's an open wi fi connection, with no credentials needed.

I meant network access being a de facto credential of a licensed user of the ISP; the "theft" is simply that the connection bandwidth allocated to the customer is being siphoned somewhere else- it's theft from both the network owner and the ISP themselves.  You'd probably have a better case going after the ISP's stake, since they're more likely to be able to quantify damages as a result.

Go back to the word fraudulently.  Quantifying damages is something else entirely.

[DontSayBanana]

Go back to the word fraudulently.  Quantifying damages is something else entirely.

OK.  Shortening it, the WiFi leecher is fraudulently obtaining access to the ISP's service.  Better? 

The ISP typically counts on MAC addresses to verify they're providing to the computer they think they are, and routers typically work by extending that MAC address to all the resident's computers via MAC cloning.  As far as the ISP's firewall is concerned, that WiFi leecher is using the computer that the techs were sent out to connect.  Leecher poses as customer to get Internet service from the ISP.  Wouldn't you call that fraudulent?

[Barrister]

Go back to the word fraudulently.  Quantifying damages is something else entirely.

OK.  Shortening it, the WiFi leecher is fraudulently obtaining access to the ISP's service.  Better? 

The ISP typically counts on MAC addresses to verify they're providing to the computer they think they are, and routers typically work by extending that MAC address to all the resident's computers via MAC cloning.  As far as the ISP's firewall is concerned, that WiFi leecher is using the computer that the techs were sent out to connect.  Leecher poses as customer to get Internet service from the ISP.  Wouldn't you call that fraudulent?

Definitions of fraudulent on the Web:

deceitful: intended to deceive; "deceitful advertising"; "fallacious testimony"; "smooth, shining, and deceitful as thin ice" - S.T.Coleridge; "a ...
wordnetweb.princeton.edu/perl/webwn
In the broadest sense, a fraud is an intentional deception made for personal gain or to damage another individual. The specific legal definition varies by legal jurisdiction. Fraud is a crime, and is also a civil law violation. ...
en.wikipedia.org/wiki/Fraudulent
dishonest; based on fraud or deception; false; phony
en.wiktionary.org/wiki/fraudulent
fraudulence - a fraudulent or duplicitous representation
fraudulence - the quality of being fraudulent
fraudulence - fraud: something intended to deceive; deliberate trickery intended to gain an advantage
wordnetweb.princeton.edu/perl/webwn
fraudulently - in a dishonest and fraudulent manner; "this money was fraudulently obtained"
wordnetweb.princeton.edu/perl/webwn
Deliberately false or misleading.
www.rpemery.com.au/glossary_of_legal_terms/f.html
fraudulence - Very often the moral norms in a society are defended and maintained by people who are fraudulent and know themselves to be frauds. ...
www.xs4all.nl/~maartens/philosophy/Dictionary/M/Moral%20norms%20-%20features%20of.htm

There needs to be some aspect of dishonesty or disceit.  If someone leaves their wi fi open, and I log in without using any false password, how can I be said to be acting fraudulently?