Are You Liable If Someone Does Something Illegal On Your WiFi?
from the you-shouldn't-be... dept
For years, whenever the press has written one of their fear-mongering stories about open WiFi, they almost always include some tidbit about how if someone uses your network to do something illegal, you can be arrested for it. It's one of the popular open WiFi horror stories -- but is it true? Well, of course, you can be arrested, but it's unlikely that there would be any legal grounds for the arrest. The latest debate on this issue comes from a tech writer at the Houston Chronicle who is taking Tim Lee to task for an op-ed piece Tim wrote in the New York Times about open WiFi. The Chronicle writer says Tim is missing the real security issue, about how the RIAA can go after you if someone downloads music on your open WiFi. While it is true that they can go after you, there are valid legal defenses for this -- as has been discussed for years. If you are legally sharing your WiFi, then you are a service provider, and under current laws you are not liable for what others do with the service. That's what it says in the Communications Decency Act, and it clearly applies here. In fact, we've even heard stories of people purposely leaving their WiFi open for this very reason -- as it gives them a legal defense should the industry ever come after them. Of course, it's worth noting two things. First, the entertainment industry likes to pretend this defense doesn't exist, even though it's pretty clear in the law -- and they could convince some judges to ignore it. Second, none of this takes into account whether or not your service provider allows you to share your connection via WiFi -- as most do not. However, that doesn't take away from the defense that you aren't responsible for what others do with your connection. You may be investigated for it -- but the use of your network does not automatically make you guilty, and there's a very reasonable defense against it.
Reader Comments (rss)
(Flattened / Threaded)
Makes me want to run wide open...
(reply to this comment) (link to this comment)
Civil, not criminal
Probably won't get arrested, but might be subject to the losing end of a lawsuit, depending on whether or not you "should have known better". If you're a network engineer, and you don't restrict the access, you might very well be liable. If someone rides the WiFi of a household where no one understands the security issues, they'll probably get a pass. Unless they're so rich they should have hired someone. Unless they did hire someone and they told them not to worry. Unless someone else...
(reply to this comment) (link to this comment)
good idea
Good idea going open, but you still run a risk of haveing to deal with the hassle of getting sued.
(reply to this comment) (link to this comment)
a way around?
so could someone just open their WiFi whenever they get a call from the RIAA, and say it was open the whole time?
(reply to this comment) (link to this comment)
I'm not so sure..
It seems to me that if something illegal is done over my network (i.e. it's traced back to the IP address that I had at the time of the illegal activity), then it's my responsibility prove that I did not perform the illegal activity. Never mind the RIAA, if downloading or, heaven forbid, uploading of child porn was done over my network, why shouldn't I be considered the primary suspect? Why shouldn't I have the burden of proof?
I can claim that since I have an open, unsecured wireless network that it must have been someone else, but shouldn't I have to prove that it wasn't me, or that it wasn't my specific computer(s)? Is there some way to prove that none of my computers were involved in that activity at that time, even though it was behind my router?
It may be fear mongering to tell people that there is a danger in leaving their wireless networks open, but it's probably a good fear to have for the average person. If you aren't able to document who was sharing your network at any given time, it seems to me that you can (and maybe should) have to answer for whatever occurs on that network.
Rob Miles
--
There are only 10 types of people in the world;
those who understand binary and those who don't.
(reply to this comment) (link to this comment)
good article
Although there are many robust legal defenses, organizations such as the RIAA have a couple thousand lobbyists in their pockets and on payroll. These people are actually tasked with either legally altering or illegally blinding the truth of the law. As well as documented accounts of jury tampering and solicitation. The best thing to do for anyone providing service with their wifi router is to simply add some basic security and logging. The worst thing to do but will save you in the eyes of any tribunal or court is either provide logs voluntarily or notify officials when log something suspicous. Although I am a proud advocate for the freedom of information I refuse to stick my neck out there for another person to bring down the guillotine.... just my opinion.
(reply to this comment) (link to this comment)
Re: I'm not so sure..
Wait...when did the burden of proof fall to the innocent? "but shouldn't I have to prove that it wasn't me"
That's just idiotic. When did the innocent have to start proving their innocence? How are you supposed to, anyways? Showing that the MAC address didn't belong to you? MACs can be faked.
(reply to this comment) (link to this comment)
I don't understand...
I thought people in the U.S. were presumed innocent until proven guilty? If I have open Wi-Fi and claim that my connection was stolen for illegal activity, shouldn't it be on the prosecutor's back to actively pursue undeniable proof that it was my machine? Why should I have to come up with proof that I didn't do it? How are you supposed to prove something like that?
(reply to this comment) (link to this comment)
Agreed
"I thought people in the U.S. were presumed innocent until proven guilty? If I have open Wi-Fi and claim that my connection was stolen for illegal activity, shouldn't it be on the prosecutor's back to actively pursue undeniable proof that it was my machine? Why should I have to come up with proof that I didn't do it? How are you supposed to prove something like that?"
Agreed.
(reply to this comment) (link to this comment)
Tighten Security.
All I can say (for private WiFi) is tighten up your security. Make sure you use the standard security protocols for your WiFi network.
If someone can "hack" it and then use it illegaly on it, then you'd have a better chance of staying clear from any lawsuites.
I personally dont like wireless networks, but it is nice being able to sit back with my Sharp Tripad and read my email from the bathroom at work =)
(reply to this comment) (link to this comment)
Correction.
"it and then use it illegaly on it" My bad.
Meant "it and then use it illegaly"
(reply to this comment) (link to this comment)
Robs Reply
I'm not so sure.. by Rob Miles on Mar 20th, 2006 @ 6:38pm
It seems to me that if something illegal is done over my network (i.e. it's traced back to the IP address that I had at the time of the illegal activity), then it's my responsibility prove that I did not perform the illegal activity. Never mind the RIAA, if downloading or, heaven forbid, uploading of child porn was done over my network, why shouldn't I be considered the primary suspect? Why shouldn't I have the burden of proof?
I can claim that since I have an open, unsecured wireless network that it must have been someone else, but shouldn't I have to prove that it wasn't me, or that it wasn't my specific computer(s)? Is there some way to prove that none of my computers were involved in that activity at that time, even though it was behind my router?
It may be fear mongering to tell people that there is a danger in leaving their wireless networks open, but it's probably a good fear to have for the average person. If you aren't able to document who was sharing your network at any given time, it seems to me that you can (and maybe should) have to answer for whatever occurs on that network.
Rob Miles
--
There are only 10 types of people in the world;
those who understand binary and those who don't
----------------------------
I see you have a good point, but the fact is that you track thing only so far, router in a LAN tools with a port to the WAN ( internet) if the RIAA trace route you they are going to get your WAN ip address then they will stop look and get your MAC address, then and packet ripper to get the name and info on the hard using that MAC address, once they see the UNIX and I clone on the list they know its a Router and there for knowing thats is most likey a wireless because thats the most sold out there they arent going to bother because its top much hassle. and proving that it
and theres only 2 kinds of people to understand binary, 1 0
(reply to this comment) (link to this comment)
analogy
If I leave a box of knives on in front of my lawn, someone takes one without me knowing it and later commits a crime using the knife, is it my fault?
(reply to this comment) (link to this comment)
news to me.
That's intresting. I had actually never heard that people were getting arrested for dumbasses using their WiFi. It makes me want to protect my WiFi, even though I now know I cannot be penalized for it, it would still be quite annoying to have the cops and whoever else come and mess with my stuff. I guess I'll just leave it open for anyone stupid around here to get busted with.
-'disgrace'
(reply to this comment) (link to this comment)
Re: analogy
actually, you are liable in that case. if someone breaks into your garage and then gets trapped, its also your fault. or if someone is trying to break into your house and is on your roof and falls through onto knives, you are liable. its a messed up world.
(reply to this comment) (link to this comment)
Re: I'm not so sure..
Last time I checked, in the USA you are "innocent until proven guilty", not "guilty until you prove you are innocent."
(reply to this comment) (link to this comment)
Re: I'm not so sure..
because the burden of proof, is on the accusor not the accused
(reply to this comment) (link to this comment)
Liable?
Actually, multiple court cases have thrown those out. In the US, you can no longer sue for injury sustained during the commision of a crime.
(reply to this comment) (link to this comment)
Re: Re: I'm not so sure..
Last time I checked, in the USA you are "innocent until proven guilty", not "guilty until you prove you are innocent."
Tell the people in Guantanamo bay that!
(reply to this comment) (link to this comment)
Re: analogy
You really did not provide enough information. Did you really not know you left it in front of your lawn? If you ask this type of what if question, then it seems like you actually did intend to cause some kind of harm. Did you leave it on the sidewalk in front of your lawn? Aren't sidewalks public property? Are these butter knives, or are they butterfly knives--which are illegal in my city. If you left something illegal out on public property in front of your own property, I would say that you are about as stupid as your question. Suppose you changed your weapon of choice from knives to grenades, or to vials of anthrax, do you think that the police would think that you are free from liability if someone who has more money than you got injured? What if that someone happened to make huge donations to your local police? What if you had a criminal record? If you were to act like such a bust, and leave your murder weapon out on your lawn for your nosy neighbors to see, so then you could act like it got "stolen," when inevitably there is some old person who acts as a security camera for your neighborhood watch, then it is your fault that you are so stupid.
(reply to this comment) (link to this comment)
another thing
I think that in reference to the "Innocent until proven guilty," the nature of the judicial system (for criminals mostly) is "GUILTY, unless proven innocent (if you can afford to hire an attorney who knows what to do.)" This "Innocent until proven guilty" saying is an impersonal and insincerely-crafted cliche. If they REALLY thought one was so innocent, then they wouldn't set the bail amount so ridiculously high. Everyone who got arrested would get OR'd when they went to court from the jail/substation.
(reply to this comment) (link to this comment)
Re: Re: analogy
And if someone breaks into your house and injures themselves, you DEFINITELY are not liable because the burglar has first trespassed onto your property.
(reply to this comment) (link to this comment)
Re: Re: I'm not so sure..
Say, how's it living under that rock?
(reply to this comment) (link to this comment)
Re: analogy
If you leave a box of knives on your front lawn and someone comes by and hurts themselves or someone else, you are certainly partially responsible and will face a lawsuit.
(reply to this comment) (link to this comment)
Why
why not just buy a cd?
(reply to this comment) (link to this comment)
Re: Agreed
HA! Ok well if you still believe your innocent until proven guilty, you haven't been in criminal court before, you are, in fact going to need to prove your innocent before a judge, all that BS about innocence and justice are just fluff, just like the constitution... The only people that would get away with this are people with money and good lawyers, most regular people would be screwed.
(reply to this comment) (link to this comment)
Re: Re: Re: I'm not so sure..
They are not americans and thus do not protection from the constitution.
(reply to this comment) (link to this comment)
Re: I'm not so sure..
Why should you have to prove your innocence? Isn't the burdon of proof placed on your accusor, and thus they should have to be the ones to show that it was indeed your computer, not someone else piggy backing on your open network.
(reply to this comment) (link to this comment)
Re: Re: I'm not so sure..
Really? Ever gotten a traffic ticket?
(reply to this comment) (link to this comment)
Ignorance is no excuse
I'll admit this is way off topic, but I hate stupid comments. That said.
Tell the people in Guantanamo bay that!
Last time I checked, Guantanamo Bay was not in the US, the people were taken into custody for probably cause by US military forces while conducting raids, seizures, searches, etc. and they are considered prisoners of war. Also, US law does not directly apply to them, but international law and the Geneva Convention does.
(reply to this comment) (link to this comment)
Re: Re: I'm not so sure..
Pay attention to the law...The prosecution only needs a preponderance(sp?) of the evidence. There would not likely be capital crimes. If they come to court and show it came from your IP, your router, at your address, you simply can not throw up your hands and say wasn't me.
They have to get a judge to say, there are no logs of anyone else doing it, it came from their internal equipment, and it was on their internet connection, they are the most likely party to have committed the offense.
(reply to this comment) (link to this comment)
Re: I'm not so sure..
I can claim that since I have an open, unsecured wireless network that it must have been someone else, but shouldn't I have to prove that it wasn't me, or that it wasn't my specific computer(s)? Is there some way to prove that none of my computers were involved in that activity at that time, even though it was behind my router?
That's completely rediculous. It can take as little as 2 minutes to crack a secured wireless connection with the right software and a wireless NIC that can packet sniff. Would you like to the the one standing behind the "Defendant" sign in criminal litigation for child pornography because someone with malicious intent decided to upload a half dozen nasty pictures to a known, monitored bulletin board using your wireless connection? Would you like to try and prove that you don't own the NIC through its MAC address, that you've never owned it?
The idea is completely absurd and boggles the mind.
Personally, I'm just happy to be sitting up here in the great white north, downing the contents of BitTorrent through a 7mb/s straw and not having to worry one bit about the legality of my actions... Ohhh Canada Baby.
(reply to this comment) (link to this comment)
I'll go one further
I had set up my neighbor's wifi with all security in mind. The cable guys came to address another issue, and reset his router so that it was WIDE open. They had conviced him that I had it all wrong, until I explained to him what dhcp and broadcasting SSID meant. Would the cable company then be liable?
(reply to this comment) (link to this comment)
Re: I'm not so sure..
Nope, you don't have to prove it wasn't you. You are innocent until proven guilty. They have to prove it was you.
(reply to this comment) (link to this comment)
Running open?
Oh hell no, okay, it may give you a defence, but do you really want your neighbour caning your bandwidth to download the latest movie or game?
Okay, you have a valid legal defence when the jackboots of the legal system show their ugly face, but more to the point your own illegal downloads are going to be retarded. I don't want the student scummers next door using up my valuble bandwidth.
Besides all that, if they do, and they download kiddie and animal pics, whose computer equipment do you think the constabulary are goin to seige when your IP address is traced?
More hastle than its worth.
Securing your wifi is vital. Anyone who doesn't realise this deserves the discomfort when they are arrested for someone else's crime, and the nightmare of trying to get their property, and possibly their virginity, back afterwards.
(reply to this comment) (link to this comment)
Re: Re: Re: I'm not so sure..
Muslims in prison at Gitmo are not Americans.
(reply to this comment) (link to this comment)
Re: Why
Why by robert on Mar 21st, 2006 @ 4:49am
why not just buy a cd?
Because they are overpriced, because I only want 1 song out of 15 on it, and most of all because it pays the RIAA to harrass the public and bend laws and politician's ears.
(reply to this comment) (link to this comment)
Liability and Innocence
You have a good point but your forget one thing. at least for now we in this country are still innocent till proven guilty. the burden of proof is on the RIAA not you. they have to PROVE you are guilty. You do not have to prove you are innocent (though that would help) if you tracked mac addresses (not sure if that is possible or not) and could show the offending mac address was not one of your own then you have met your end even if you did not have to.
Chris Taylor
http://www.nerys.com/
(reply to this comment) (link to this comment)
Re: I'm not so sure..
Rob,
For a Chinese national, you sure have an odd name.
To answer your question on why you shouldn't have the burden of proof, that depends on what laws you live under. On this side of the sea, we are presumed innocent and the plaintif has the burden of proof to show you as guilty.
Following your logic, you'd be guilty of manslaughter should your car be stolen and it is driven over a crowd of people.
Rolling over and complying with totalitarin entities disrespects my country's founders, and implies people are all thieves. Ergo those that claim damages, are also thieves.... By standing up for your rights and having some self esteem you will break this circular run of "everyone is guilty, so hurt everyone you can before they hurt you."
(reply to this comment) (link to this comment)
Re: Robs Reply
"and theres only 2 kinds of people to understand binary, 1 0"
Umm, guess you fell asleep in CS 100. 10 binary == 2 in decimal therefore, "there are only 10 types of people in this world; those who understand binary and those who don't" is accurate.
In the US, you are innocent until proven guilty, although being able to prove your innocence doesn't hurt either!
********************************
The Religious Right - America's Taliban
********************************
(reply to this comment) (link to this comment)
Re: Re: I'm not so sure..
Hey junior, there are many many MAC spoofing tools out there. And as for the innocent having to protect themselves, you are really not innocent at this point. If someone has taken time to hack your network chance are they are going to have the knowledge to basically blame it on you. And even if they have just stumbled accross your open network there is still a chance that they will know what they are doing and that they can point it right back to you.
(reply to this comment) (link to this comment)
Re: Why
Do you have any any how much music is in print versus out of print, never to return to the shelves (because it's not "commercially attractive") ? Or for that matter, how much excellent music never made it to the shelves in the first place?
There's your answer, and have fun listening to your new Britney Spears CD.
(reply to this comment) (link to this comment)
Even if....
Does this apply even if you have access restricted and someone hacks into it by running their favorite knoppix which can monitor your wifi and figure out you 128 bit key over time?
(reply to this comment) (link to this comment)
Re: Ignorance is no excuse
There is no such thing as international law, the US has has vetoed any attempt to make something as organised as this. However, even though US law does not apply to the whole world, the US gov. will attempt to apply it to people outside its borders regardless. Extradiction into the US is quite common if someone does something the gov. does not like.
Don't get me started on the US gov. compliance with the Geneva convention, but needless to say there are numerous documented cases of violations by the US gov.
Foreign people don't hate US freedoms (not many left if you pay close attention, I actually pity you), they hate the US interfering with ours.
(reply to this comment) (link to this comment)
Re: Running open?
Bingo. If it comes from your IP, any smart investigator is going to get a search warrant and impound all your computer equipment and search it for porn / MP3's / whatever law they think is broken. At the worst you are going to end up in court, at the least you have some major hassles to deal with.
(reply to this comment) (link to this comment)
Hmm
I'd certainly be angry if I got in trouble due to someone else doing illegal stuff on my network. --- http://www.wirah.com
(reply to this comment) (link to this comment)
A Scenario
What I would like to see answered by a lawyer is:
Someone hacks your Wi-fi, by working out your key, spoofing your MAC address on the access control list (all known exploits) and then does something illegal (shares music, hack someone else). Are you liable?
Someone uses a known windows exploit to turn your PC into a zombie, then uses it in a denial of service attack to bring down a server seomwhere. Are you liable?
Both scenarios pretty much have the same theme and are comparable in essence. Therefore they should both have the same rules?
Alternatively your router manufacturer should be liable for provideing hackable security as should your OS supplier. You get sued by someone, you sue them for providing flawed software.
(reply to this comment) (link to this comment)
Re: Guantanamo prisoners
They are not considered 'prisoners of war' by the US administration, they are not being treated according to the Geneva Conventions, and they have no recourse to international law.
(reply to this comment) (link to this comment)
Re: analogy
If you leave a weapon out like described (presuming that it's not a butter knife) and someone is injured by that weapon then you are guilty of "enablement" of the injury. If the injury occurred during a violent crime then you are an accessory to a violent crime.
I don't buy the open WiFi defense one bit. If you leave a tool open for anyone to use and someone uses it for illegal purposes then you are liable. The clause of service provider will not apply to private WiFi unless you have filed for the permits and/or licensing to provide that service and then pay business taxes for that permitted service. On the other hand, if you take appropriate measures to protect your network and someone still breaks in and commits a crime then you should have logs to prove the attack and a MAC address that has not been on your network before the attack. Sure a MAC can be faked, but the odds of the fake MAC matching one on you network is pretty far out there.
(reply to this comment) (link to this comment)
Re: I'm not so sure..
no.
My crazy idea of what a good legal system looks like: You shouldn't go to jail for something you did not do. Especially if you had no knowledge of the illegal activity happening.
(reply to this comment) (link to this comment)
Re: I'm not so sure..
well one thing is Rob if it is the RIAA they will have the MAC address if/when you they ever get someone. so unless you change your MAC address alot then it hard to say if it was you on your network or if it was someone else using your network.
(reply to this comment) (link to this comment)
lets not fool ourselves..
im sure every person here is running/playing/watching/listening/using something which was acquired via cracks.am or the like. HONESTLY.
(reply to this comment) (link to this comment)
Re: I'm not so sure..
>>> It seems to me that if something illegal is done over my network (i.e. it's traced back to the IP address that I had at the time of the illegal activity), then it's my responsibility prove that I did not perform the illegal activity
Good luck proving a negative.
Whatever happened to the presumption of innocence?
(reply to this comment) (link to this comment)
Re: I'm not so sure..
(reply to this comment) (link to this comment)
The hassle of just being arrested and having to go through the simple defense is enough for me to close my wifi.
(reply to this comment) (link to this comment)
wi-fi can't always be secured
While I secured my router for wi-fi access, my bridge does not have the capability of being secured. So although no one can come in through my router they can come in through the bridge. I didn't even realize that the system wasn't secure for over a year because of that. In addition, my router always has problems with dropped connections and SLOWER connections when security is on. As a result I have turned off security. I am not out there intentionally sharing my connection but I am not stopping anyone from connecting to it because of the hardware issues and hassle involved. The law doesn't require me to secure my wi-fi so I am not doing it. The RIAA can sue me if someone connects to my Internet connection and downloads music or other copyrighted materials but I doubt they could win. It's a losing strategy for RIAA anyway. It's not like all of these lawsuits have hindered copyright violators. I don't condone copyright violations but going after the end user is not the strategy to take. Neither is DRM with it's myriad of problems including interoperability issues and higher battery usage. To me the solution is cheap access to copyrighted materials with no DRM. People would be fine paying a nickel for a song. They would't even mind purchasing that song multiple times whenever they wanted to hear it. To me that's the future of content sales. We are becoming a discard society -- RIAA has to realize that the content must be provided in the same model. Buy it listen to it. Buy it again when you change devices or whatever. Until then it's a cat and mouse game that the RIAA will ineviatably lose.
(reply to this comment) (link to this comment)
Guilty by default, eh?
Rob Miles wrote:
Guilty until proven innocent, eh?(reply to this comment) (link to this comment)
Wow, so short-sighted
I've said it before and I'll say it again: An IP address is not an identity!
Repeat after me: AN IP ADDRESS IS NOT AN IDENTITY!
At best an IP address is a single computer. At worst it is a whole network of computers (which is common these days). There's no way in hell I could ever believe, based on an IP address alone, that a person behind that IP committed any given crime. There's too many other factors and open Wifi is just one of them.
The discussion going on here is so short-sighted. Most people seem to forget:
* A PC behind that address could be hacked/remotely controlled (ever heard of zombies?)
* A single PC can be used by multiple people. You can't sue a whole household.
* An IP address can be faked. Just because some P2P app says that a client is at 123.45.67.89 doesn't mean it really is.
* A person could have had evidence of copyright violation planted on their computer. Given, it isn't likely, but it is still a possibility. It is the burden of the prosecution to prove that this isn't the case. If we just go by IP, it would be too easy to blackmail people.
There's more, but I think you see the point.
-Riskable
"I have a license to kill -9"
(reply to this comment) (link to this comment)
So....
So am I resp if someone steals my shoes then uses them to rob a bank? Am I resp for any traffic violations committed by the guy that jacked/stole my car? When I was young a foolish I could not afford an acoustic modem for my laptop so I could hack from a payphone so what did I do? I would splice into the external phone lines of people's homes. Now if I had been busted doing that could they also sue the home owners who's line I hyjacked for my own purposes? Let's open all WiFi access in the RIAA's honor!!!!
(reply to this comment) (link to this comment)
Open Wi-Fi
So how are you going to prove that it was someone else on your network doing the illicit activity, and not you? That's the big hole in the argument that you're not liable. Everyone in the world will use the lame "it wasn't me" excuse, but try taking on the RIAA lawyers with that excuse.
(reply to this comment) (link to this comment)
"Are You Liable If Someone Does Something Illegal On Your WiFi?"
No.
Thats like taking a Coffee Shop to court because some customer with a laptop and a hard-on hacked into your porn site. The Coffee Shop has done nothing wrong.
(reply to this comment) (link to this comment)
Re: I'm not so sure..
"They are not americans and thus do not protection from the constitution." Not true. "No PERSON shall be deprived of live, liberty (etc) without due process of law. " It doesn't say no American nor no citizen.
(reply to this comment) (link to this comment)
Innocent until Proven Guilty
To all the people talking about that aspect of it, I found it interesting that a state judge here in Minnesota made an interesting ruling about traffic red light cameras this week. Originally, the police just sent a ticket to the owner of the car. The judge ruled that it was illegal to do that vs. our due process rights. It put the burden of guilt on the owner of the vehicle (vs. someone else who was driving the car at the time). The judge said unless the police had proof of the driver it couldn't be used as legal evidence of wrong doing against the owner. Made me wonder if the same thing could apply here.
(reply to this comment) (link to this comment)
Re: I'm not so sure..
You're inverting the whole basis upon which our criminal justice system is based. It's up to the prosecuter to prove beyond reasonable doubt that a suspect is guilty, not for them to say: Hey I think it's you! Prove otherwise!
An open wifi network introduces a reasonable doubt that another person could have performed an illegal action traced back to your account.
In any criminal case involving computers the police will sieze your pc and go throught it with a fine toothcomb to esablish whether you are guilty - that is the evidence that will convict, not the fact that something was done on your isp account.
Even if you don't have an open wifi connection if your computer is available to other family members or guests it has to be proven that it was *you* and not one of them.
(reply to this comment) (link to this comment)
BURDEN OF PROOF
someone said
"It seems to me that if something illegal is done over my network (i.e. it's traced back to the IP address that I had at the time of the illegal activity), then it's my responsibility prove that I did not perform the illegal activity. Never mind the RIAA, if downloading or, heaven forbid, uploading of child porn was done over my network, why shouldn't I be considered the primary suspect? Why shouldn't I have the burden of proof? "
because that's not how the law works. I hope the law NEVER works that way... The burden of proof in a criminal case is on the prosecution, not the defendant - and for good reason. If the burden of proof of innocence rests on the defendant, then we are all guilty until proven innocent. With "unlimited" resources of investigation the prosecution has the power and responsibility to prove guilt. Anything else leaves us in a state where you can be tossed in jail and then asked to "prove your innocence". All the while your home and all possible evidence to free you has been "inventoried" and what you would have used for defense "lost" or "damaged". In a state where you are assumed guilty you then have no defense...
I'm not a big tin foil hat wearer and this isn't a slippery slope argument - its rational and has been demonstrated time and again in states where guilt is assumed.
(reply to this comment) (link to this comment)
Re: I'm not so sure..
You don't have to prove anything. The burden of proof isn't on you. Remember that whole "innocent until proven guilty" thing? Yeah, that still applies even in the current political climate. The RIAA or whoever sues you has to prove that it was you who did it beyond any reasonable doubt. Having your wifi open is certainly enought for a reasonable doubt, just grab any kid with a computer off the street to go on the stand, ask him if he's ever connected to wifi that wasn't his own. There's your reasonable doubt right there.
(reply to this comment) (link to this comment)
Re: Guilty by default, eh?
Why don't you get this? The link back to your IP address is called evidence, evidence points to guilt or innocence. If they trace back money laundering to your IP, you will have to prove you did not do it, because your IP is where the crime originated.
You are innocent until enough evidence points to you being guilty.
I did not do it is not a defense against a crime happened at an IP address, registered to you. Proving you were not home and running a script to do it, or that you were not logged in remotely is proof.
(reply to this comment) (link to this comment)
Straighten It Out!!
IANAL - But even I can see the tons of misconceptions floating around here...
Criminal Law - says you are innocent unless proven guilty beyond a reasonable doubt. However, if the authorities have grounds (IP address) to believe something illegal is coming from your network, that is reasonable grounds for a warrant.
They seize (not "seige") all your computer equipment, anything that looks like video or audio recording equipment and media, and anything that remotely might be connected to the alleged crime(s). You get it back 2 or 3 years later, after they go over it with a fine-toothed comb, and presuming they find absolutely nothing incriminating. But, that's OK, it's taken you 3 years anyway to recover from being arrested on Channel 5 News as a kiddie porn trader; and you lose your house paying for the lawyer.
Civil Law - not "presumed innocent". You have to show that it's likely that someone else is the culprit, ie. for file trading; if they find stuff on your computers, well, better have the CD's.
guatnamo bay is not US territory, but the prisoners are not "Prisoners of war" or they would have rights. They are "enemy combatants", a name recently made up to excuse exemption from US and international law.
(reply to this comment) (link to this comment)
Re: Robs Reply
and theres only 2 kinds of people to understand binary, 1 0????
Actually there are only 10 kinds of people who understand binary, those that do and those that don't.
If you are gonna steal quotes from Bash.org, at least don't misquote them...
Re: Re: I'm not so sure.. by dudex on Mar 21st, 2006 @ 1:13am
Last time I checked, in the USA you are "innocent until proven guilty", not "guilty until you prove you are innocent."
Tell the people in Guantanamo bay that!
and then tell the people in Guantanamo Bay that they are not IN THE USA!!!!! and then remind them that charges are being brought up on the people who violated their civil liberties....
why not just buy a cd?
two reasons, a> CD's are WAY overpriced and usually only end up with 1 or two decent songs on them and 2> I vote with my dollars, until the music industry starts producing music WORTH buying, why should I buy it??? Most of my music I get from ITunes where I can download the one song I like off the album and then burn my own CD's of the music that is good...
(reply to this comment) (link to this comment)
Re:
I would think this falls under property law.
Occupiers liability is vicarious and strict. You are responsible for anything that happens on your property (non criminal). However this liability only extends to people you have invited onto your property or people that are there expressly with your permission.
Someone using your open wifi connection would not be able to transfer liability for their actions onto the host, as they technically fall under the term 'tresspasser'.
(reply to this comment) (link to this comment)
Re: Re: analogy
I don't buy the open WiFi defense one bit.
On the other hand, if you take appropriate measures to protect your network and someone still breaks in and commits a crime then you should have logs to prove the attack and a MAC address that has not been on your network before the attack. Sure a MAC can be faked, but the odds of the fake MAC matching one on you network is pretty far out there.
I watched Kevin Mitnick crack 64 bit web in 32 seconds. 128 bit in 3 minutes flat. Tools like netstat, netstumbler, and many others that assist you in cracking wep and seeing the MAC addresses and IP addresses of every device on the network are freely available for download on the web. If I were going to hack into your secure network to do something illegal, you can be certain that the mac address that performed the illegal activity would be EXACTLY the same as one on your network. You would probably end up with a few files that you never had before as well. Maybe even some docs printed on your printer that was on the network...
People who are out there wardriving are not the Average Joe users who know nothing about what they are doing. Most of the "average users" are going to ride the open free networks. The wardrivers are the ones with the brains and the tools to do it right...
(reply to this comment) (link to this comment)
Communications Decency Act
The Communications Decency Act (CDA) does in fact offer immunity to an interactive computer service (ICS) for content posted by others. See 47 USC section 230(c).
But while that immunity is fairly robust, protecting the ICS from e.g. libel claims, it offers NO immunity for intellectual property claims (such as copyright claims) or criminal liability. See 47 USC section 230(e)(1)-(2).
47 USC section 230
That's not to say there might not be other defenses, but the CDA point in your post is not quite right.
(reply to this comment) (link to this comment)
Re: I'm not so sure..
In the US, the burden of proof is on the prosecution. You do not have to "prove" you are innocent, but if they have evidence that seems to go "beyond a reasonable doubt" (or "a preponderance of the evidence" in civil court), you would want something to refute the validity of their evidence. i.e.:
RIAA: "Your IP downloaded illegal music."
YOU : "True, but my wireless router is unsecured." (Weak)
YOU : "Oh, by the way, here are the logs showing several MAC addresses that do not belong to me that were connected to my access point during the time in question." (Strong)
(reply to this comment) (link to this comment)
Re: Ignorance is no excuse
The Geneva Convention DOES NOT APPLY to the people in Guantanamo Bay. They ARE NOT prisoners or war! They were not from a recognized government and were not in uniform. By the Geneva Convention standard they could be shot upon capture. But you are right US Laws do not apply to them.
(reply to this comment) (link to this comment)
Re: I'm not so sure..
The burden of proof is always on the accuser with regards to criminal law in every state of the United States. However, you are always wiser to have a defense. Civil law affords a much wider latitude with regards to what is admissible in court than does criminal law. If a civil suit is brought forth against an individual and could go any way based on a judge/jury interpretation of the situation and the applicable laws of a given country or state.
(reply to this comment) (link to this comment)
Be proactive with your WiFi
If you are going to throw your signal out on the airwaves, take a few minutes to learn how to set up encryption. If not, you might as well tape your credit card to a window in your house. Liabilities should be limited. However, what happens to you for not heading the warnings to encrypt is something you might unhappily end up regretting .
Kevin Dill
http://ushightech.com
(reply to this comment) (link to this comment)
Re: I'm not so sure..
Innocent until proven guilty, that's why.
(reply to this comment) (link to this comment)
Re: Re: I'm not so sure..
I thought the "slogan" of the justice system was "innocent until proven guilty." By that definition, the burdon of proving guilt stands with the prosecution/plaintiff as opposed to the defense trying to dig out of a hole.
(reply to this comment) (link to this comment)
Re: I'm not so sure..
It seems to me that if something illegal is done over my network (i.e. it's traced back to the IP address that I had at the time of the illegal activity), then it's my responsibility prove that I did not perform the illegal activity.
That's a really crappy assertion and I sincerely hope you never work in the legal field. Assuming you live in the U.S., no, you do NOT have to prove that you didn't do some illegal act. Let's start with a hypothetical situation.
Imagine, if you will, that a friend or family member who knows absolutely squat about computers or network security buys a wireless router and sets it up in their home. Of course, it's left at the factory defaults which are, by and large, highly insecure. It can't be left to them to secure their access point and clients since they don't even know what an SSID is.
Now, imagine further, that someone parks their car across the street, connects to the friend or family member's network, and starts uploading all kinds of child porn to the web and hacks into several government networks. A week later, the cops come knocking on the door. The friend or family member explains that they have a wireless network and admitted that they had no clue that it was insecure. Further, they posit that they have never possessed any child porn nor the knowledge to hack into their VCR's blinking clock, let alone a government computer network.
But of course any criminal can (and almost all do) deny any wrong-doing. But how can they prove that they didn't commit a crime? Even if the police confiscate all of the computers and search the entire house, they can always assert that the friend or family member erased the incriminating evidence on the hard drives and ask them to prove that they didn't. Even if the friend or family member can prove that they were somewhere else when the crime occurred, the prosecuter might ask them to prove that they didn't remotely access their home computer to commit the crime.
See where this is going? It's virtually impossible to conclusively prove that you DIDN'T do something. That's why, in our system of law, the burden of proof is on the the party making the accusation, not the accusee. If they can't demonstrate beyond a shadow of a doubt that you did something illegal, the case is over and you walk free. This ideal is often captured in the phrase, "innocent before proven guilty."
It would signify a severe breakdown in the integrity of our entire legal system (cynical comments on its current state aside) if a person was hauled into court and sent to jail because they couldn't prove that they never did anything illegal with their shared internet connection.
it seems to me that you can (and maybe should) have to answer for whatever occurs on that network.
Now, this is a completely different question. According to this techdirt article, the author states that according to current law, one cannot be held liable if someone else uses their network for illegal purposes. I concur with this and think it should stay this way because people in our nation are already too obsessed with pointing blame at everyone else. (Example: in my city, you can be sued sucessfully if some clumsy idiot slips and falls on a patch of ice on your property.)
But for the time being at least, running an open wireless network doesn't potentially subject you to criminal liability or a conviction even when you do nothing wrong.
(reply to this comment) (link to this comment)
Re: Ignorance is no excuse
Probable cause cannot really be established for Guantanamo prisoners - despite being held on federal land, their incarceration is not subject to the same standards of evidence as the incarceration of criminals in the US. The Geneva Conventions *should* apply, but the Bush administration has been fighting tooth-and-nail to make sure it can do whatever it wants to its "prisoners of war" without having to worry about pesky treaties.
(