On the main site, I have on several occasions considered the legality of war-driving, ie, piggy-backing on someone else’s open wifi. Here’s an interesting, if minor, example of the genre from the Netherlands:
If the router don’t store it, you must acquit
A court in the Netherlands has ruled that hacking a WiFi connection is not inherently illegal. But the ruling was based more on a technicality in the law than the principle, meaning it’s possible officials could seek to update legislation.
The ruling is actually a small part of a wider case involving a student who posted on the notorious 4chan board threatening to shoot people at a Dutch high school (for which he received a community service sentence.)
The post was made while using somebody else’s WiFi connection without permission, which led to prosecutors tacking on a hacking charge to the case — a charge that was dismissed, even though the network had been secured.
The reason for the ruling is that the wording of Dutch law says only computers can be hacked, and defines a computer as a machine that processes, transmits and stores data. The student accessed the Internet connection through a wireless router which — because it doesn’t store data (beyond user settings) — is not classed as a computer.
The case will now go to appeal in a higher court where prosecutors look set to argue that the law should be interpreted more loosely to cover routers. It’s also been noted that in cases such as this, the WiFi hacker could be open to civil cases for breaching the network security.
A previous case in the Netherlands concluded that neither hacking a WiFi network, nor piggybacking on to an unsecured connection, can be classed as theft. That’s because the court ruled that bandwidth is not an asset for these legal purposes.
Given the evolving nature of technology and cyber threats, how important is it for legal frameworks to adapt and encompass new technologies and practices to effectively address cybersecurity concerns?
Telkom University