The California state Assembly on Tuesday approved new WiFi rules that will require wireless manufacturers, such as laptop makers, to instruct consumers on how to step up security measures and stop would-be piggybackers from accessing their personal networks. Assembly Bill 2415, which the governor is expected to sign, would take effect in January.
Dark Reading explains the details of California’s proposed WiFi law:
Yesterday, the California legislature passed a law (AB 2415) that takes the first steps toward outlawing wireless network piggybacking, as well as hacking into wireless LANs. The bill, which was written by Speaker Fabian Nunez (D-Los Angeles), has been submitted to Gov. Schwarzenegger and is expected to be signed. It will go into effect in Jan. and will apply to devices manufactured after Oct. 1, 2007.
The law will require all manufacturers of wireless access products to put warning labels on their products that remind users to password-protect their WLANs before launching them. The warnings could take place as stickers on wireless routers, notes during installation, or an alert that requires buyers to take action before the device is used.
The new legislation stops short of outlawing wireless piggybacking or hacking, but it points out that a password-protected WLAN is protected under state and federal laws against unauthorized access of computers.
“There is disagreement as to whether it is legal for someone to use another person’s WiFi connection to browse the Internet if the owner of the WiFi connection has not put a password on it,” the proposed legislation observes. However, both Section 502 of the Calif. penal code and the Federal Computer Fraud and Abuse Act “prohibit the intentional access to a computer without authorization.”
In a nutshell, then, the law requires manufacturers to warn WLAN users of the potential for abuse, and to clearly explain to users how to password-protect them. If users take the requisite security steps, and if piggybackers or hackers then break into the WLAN, the interlopers could be subject to criminal prosecution.
The Wi-Fi Alliance, an industry trade group, initially opposed the legislation, but then swung in favor of it. Frank Hanzlik, managing director of the Wi-Fi Alliance, said the options give manufacturers a “great deal of flexibility” when developing the consumer protections and are indicative of a broad best-practices policy being adopted within the industry.
“The question is, can we legislate away consumer idiocy?” said Paul Debeasi, a wireless industry analyst with the Burton Group based in Midvale, Utah. “On the face of it, it’s like cautioning the coffee drinker that the beverage is hot,” said another Wi-Fi industry analyst. “It seems like a solution in search of a problem.”
A spokeswoman for industry leader Linksys supports the legislation. Most equipment makers can comply with the law with only minimal changes to their user instructions. “Anything we can do to educate consumers about the importance of security and the risks that they are open to if they don’t utilize the tools that are provided to them, is good for the industry overall,” said Linksys spokeswoman Karen Sohl.
.gif)
