An interesting legal precedent may not be as far-reaching as the headline might imply:
Breaking in to an encrypted router and using the WiFi connection is not an criminal offence, a Dutch court ruled. WiFi hackers can not be prosecuted for breaching router security.
A court in The Hague ruled earlier this month that it is legal to break WiFi security to use the internet connection. The court also decided that piggybacking on open WiFi networks in bars and hotels can not be prosecuted. In many countries both actions are illegal and often can be fined.
[. . .]
The Judge reasoned that the student didn’t gain access to the computer connected to the router, but only used the routers internet connection. Under Dutch law breaking in to a computer is forbidden.
A computer in The Netherlands is defined as a machine that is used for three things: the storage, processing and transmission of data. A router can therefore not be described as a computer because it is only used to transfer or process data and not for storing bits and bytes. Hacking a device that is no computer by law is not illegal, and can not be prosecuted, the court concluded.
The key here is the definition of a computer under the law: I expect the Dutch to update this definition in response to the outcome of this case.
A computer in The Netherlands is defined as a machine that is used for three things: the storage, processing and transmission of data. A router can therefore not be described as a computer because it is only used to transfer or process data and not for storing bits and bytes.
These days, a router is a computer.
Just considering the simply Dutch criteria, does a router’s configuration settings not count as data? The cheap WiFi unit I have at home has a web-based user interface where one can configure all sort of things — users, user access levels, user passwords, login information to your DSL account, and more. You can also view all sorts of log information, such as host names and MAC addresses that have connected to the router. All of this stuff is data stored on the router. Certainly a good lawyer could have made that argument.
The industrial grade switches and routers with which I work have a Linux-based operating system — that fact alone should probably classify them as “computers”. Even the Power-over-Ethernet (PoE) power supplies with which I work could be considered as computers.
Sounds to me like the prosecution here may have had some lazy lawyers, or the legal department has some lazy researchers.
Comment by Lickmuffin — March 21, 2011 @ 10:11