Re: CRIME Wiretapping WiFi

From: Troy Davis (troy@private)
Date: Mon Oct 20 2003 - 09:45:27 PDT

Next message: Todd Ellner: "CRIME Where is he now..."

Previous message: e-gold Ltd: "CRIME Official notice to crime@private from e-gold Ltd"
In reply to: George Heuston: "RE: CRIME Wiretapping WiFi"
Next in thread: Curd, Bill (AZ75): "RE: CRIME Wiretapping WiFi"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Oct 15, 2003 at 10:17:48AM -0700, George Heuston <GeorgeH@private> wrote:

> them may be susceptible to warrantless interception.  However, with a
> cordless phone there's an automatic technical limitation: only the voice
> conversations are there to be intercepted.  With a WAP, not only the
> data 'in transit' is exposed, but potentially the whole system that sent
> it is as well.  I would think that some courts may hold that even though
> the WAP is open, there remains a reasonable expectation of privacy
> (REOP) on the part of the WAP participants with respect to their own
> systems; and therefore, any data sought from the systems (that wasn't
> 'in transit') would require a search warrant.  Just to close, and to

Using this argument brings into question what the sender and general public
know about technology -- what is reasonable to them.  Unlike physical
searches, aerial surveillance, or even wired surveillance along the
forwarding path, in situ monitoring may not be something the average person
would know is possible.

In Katz v. US (1967) a tape recorder planted outside a phone booth was
found to require a warrant.  The logic was that information someone tries
to keep private, even in a public place, should be recognized as private.
The person (and to some degree, their intent) is protected, not the place.

Mitigating factors specific to the case would come into play.  For HTTP,
assuming SSL wasn't in use, did the user understand *that* security risk or
see the open lock icon on most graphical browsers?  Did not using SSL (or
some payload-specific encryption) implicitly mean that the data is not
private?  Does using a public hotspot w/o any encryption imply that the
data isn't private and that RF monitoring is just another risk?

Dean v. Superior Court (CA Court of Appeals, 1973) says "Judicial
implementations of the Fourth Amendment need constant accommodation to the
ever-intensifying technology of surveillance."  They upheld an aerial
search using binoculars, which isn't a bad analogy: seeing what wouldn't
normally be visible.

The answer isn't necessarily national, either.  I'm in Washington state
where the state Constitution (art. 1, sec. 7) has been found to provide
[slightly] more protection than the US Const.

I don't know of any case law involving WAP snooping.  IANAL.  

Troy

Next message: Todd Ellner: "CRIME Where is he now..."
Previous message: e-gold Ltd: "CRIME Official notice to crime@private from e-gold Ltd"
In reply to: George Heuston: "RE: CRIME Wiretapping WiFi"
Next in thread: Curd, Bill (AZ75): "RE: CRIME Wiretapping WiFi"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Mon Oct 20 2003 - 10:48:43 PDT