Recently, the U.S. Federal Communications Commission (FCC) proposed a $25,000 fine against Google for “deliberately impeded and delayed” an ongoing investigation into whether it breached federal laws over its street-mapping service that peeked in on open, unencrypted, Wi-Fi access points (AP). Read that again, Google wasn’t fined for collecting and storing data from unencrypted wireless networks. They were fined a slap on the wrist amount for not answering the FCC questions as quickly and as thoroughly as the FCC would have liked. The actual snooping in on people Wi-Fi AP and communications–that’s OK.
Google argued that “the Wiretap Act permits the interception of unencrypted Wi-Fi communications. The FCC agreed. To quote from the FCC’s Notice of Apparent Liability for the Google case, “It shall not be unlawful under this chapter or chapter 121 of this title for any person … to intercept or access an electronic communication made through an electronic communication system that is configured so that such electronic communication is readily accessible to the general public.” In short, if your Wi-Fi isn’t configured to be secure by the use of WPA (Wi-Fi Protected Access), WPA2 (Wi-Fi Protected Access 2) or even the long broken Wired Equivalency Privacy (WEP), then by the FCC’s rules it’s not illegal to listen in on it.
As the FCC warns you in its FCC Consumer Tip Sheet: Wi-Fi Networks and Consumer Privacy, “consumers are at risk when they transmit sensitive information – such as credit card numbers and passwords – over public Wi-Fi networks.” Now, if someone grabs that information and uses it for illegal purposes-say they buy themselves an iPad 3 with your credit card number–that’s another story. But, simply grabbing your data as you transmit it in the clear over your local coffee shop’s network, the FCC doesn’t have a problem with that.