According to the Herald Sun newspaper today, “a Monash university student has admitted in court scamming thousands of dollars worth of Internet access in what experts say is potentially a rocketing problem”. Considering I work with this type of technology (Internet, Wi-Fi, etc…) all the time and I’m not aware of the laws around this topic, I imagine there are many more people who would be equally in the dark.
The implication from the news report is that it was illegal for Zee Ping Lim, the individual at the centre of the case, to connect to another person’s internet connection and use it without authorisation. But considering that most computers with Wi-Fi support will automatically connect to an available unsecured connection with no user interaction whatsoever, can a user really be responsible for this usage? Sure, most users will be aware that they’re not connected to their own wireless network, and will have sufficient knowledge to realise they’re utilising another person’s bandwidth, but how can the law cover such an ambiguous area where another user could legitimately be unaware of an automatic connection?
Given that wireless access points are easily secured with encryption (WEP or WPA being the two main types), surely it would make more sense that the owner of a wireless access point should be responsible for ensuring they have implemented security. If a user then intentionally managed to hack their way into such a secured network (which in itself would be hugely improbable and a major achievement in it’s own right!) there’d be no doubt that they were there with illegal intent.
There are frequently legitimate situations where you can jump on to a free wi-fi hotspot, such as at a cafe or airport lounge, and there’s no way for a user to distinguish which connection they are entitled (and encouraged) to use versus which connection would be ‘illegal’ to use — until you’ve established your connection and opened a web browser window, you can’t receive any communique from the owner of the network to advise you of whether or not you’re welcome there.
What do you think? Although I agree that Zee Ping Lim would likely have been fully aware that he was utilising somebody else’s bandwidth and should not have done it to the extent that he did, I think the law should place the responsibility back on the network owner to implement some security if they don’t want somebody piggy-backing on their connection. That’s the only way to make it clear where each party’s obligations begin and end, and to protect innocent (mostly non-technical) users who have inadvertently ‘strayed’ onto somebody else’s wireless connection.