Nowadays it is hard to find a place with less than 3 WiFi networks in range of our network card. Even though most of the access points are already protected by WPA, occasionally some are either not secured at all, or are secured by WEP (basically they are not secured either). When visiting a new place, or using laptop beyond reach of our internet access it is especially tempting to ‘perform penetration testing’ of such networks and eg check email. While most of these incidents will go unnoticed by owner of the access point and does little harm – which means that there is no enough reason to involve law enforcement resources and criminal prosecution – sometimes it turns into outright stealing of bandwidth and ‘free’ source of internet. Unfortunately it is hard to define what exactly constitutes of unauthorised access as well as proving guilt of perpetrator.
Most jurisdictions, as well as convention on cybercrime, includes crime of unauthorised access to computer network. Using often included very broad definitions, which commonly states that computer network is group of interconnected devices which perform automated data processing it is easy to say that accessing someone’s WiFi falls under this definition. The problem that arises is that most of the time stealing wireless connection is completely different felony that ‘unauthorised access to computer network’. It rarely includes breaking into other machines connected to hotspot and intercepting or altering data stored there – the very core of ‘hacking’. As a result either sanctions defined in statues have to be very broad to include all possible situations on the spectrum, or adequately high punishment could be applied to rather petty crime. Much more problems in this case however rises the very definition of unauthorised.