German User Fined For Having an Open Wi-Fi

Kilrah_il writes "A German citizen was sued for copyright infringement because copyrighted material was downloaded through his network while he was on vacation. Although the court did not find him guilty of copyright infringement, he was fined for not having password-protected his network: 'Private users are obligated to check whether their wireless connection is adequately secured to the danger of unauthorized third parties abusing it to commit copyright violation,' the court said."

I see.

[Pojut]

So does this mean if I accidentally leave our apartment unlocked one morning, someone breaks in, steals one of our daggers or guns, and commits a crime...that we could be charged for aiding a criminal?

Re:I see.

[Itninja]

If the court thinks you did it on purpose, then yes it does. If it was truly accidental then i think you could still get sued in civil court for negligence. There have been many cases of people not their securing firearms being successfully sued when someone dies as a result.

Re:I see.

[conares]

Only if they make copies of your CD's and/or DVD's

Re:I see.

[jdunn14]

Though I agree with the sentiment, at least your gun doesn't broadcast it's presence in the house to the potential criminal. That is a significant difference between the two scenarios.

Re:I see.

[GameMaster]

Not sure about the dagger, and IANAL, but I'm pretty sure that in most places in the US you could be, successfully, sued for not properly securing your firearms. It strikes me that leaving an apartment//home unlocked when you know you have a gun in it could be construed as reckless behavior. Owning a gun is a right, but you have an obligation to practice that right in a responsible manner.

Re:I see.

[mysidia]

Well, WiFi is not designed to be used for copyright infringement, even if open, and such things are commonplace/readily available.

It's more like someone walked in through an unlocked door in your house, stole a fork from your silverware drawer, and stabbed someone to death with it.

And now you the homeowner are being charged with the murder, because you leaving your door unlocked allowed the fork to be used.

Re:I see.

[Shakrai]

There have been many cases of people not their securing firearms being successfully sued when someone dies as a result.

Yes, if you don't secure a firearm and one of your kids uses it to blow his friend's brains out then you are liable. But the GP talked about someone breaking in -- why should you be liable in that instance? It's your fault that a someone decided to break the law and steal your property?

I wish that everyone was held to the same standards as gun owners. As a random example, we just had a guy in our town charged with reckless endangerment (a misdemeanor) for putting a bullet through his neighbors apartment while cleaning his pistol. Just property damage, thankfully nobody got hurt, yet he was criminally charged. Contrast that with automobiles. Automobiles can and do kill -- but when was the last time you saw someone receive a criminal charge for an automobile accident that resulted in property damage and no personal injury?

Maybe we should hold drivers to the same standard as gun owners? I bet the roadways would be a lot safer....

Re:I see.

[gzipped_tar]

Comparing copyright infringement to murder is sickening. This is the pattern in which Big Media wants us to think.

Re:I see.

[sunderland56]

No, the homeowner is being charged with leaving the door unlocked, not murder. And, since he did leave the door unlocked, that is entirely fair.

Re:I see.

[somersault]

Not really, it's simple use of "reductio ad absurdum" type logic to make a point.

Re:I see.

[Low+Ranked+Craig]

And, since he did leave the door unlocked, that is entirely fair.

We must have skipped over the part where it became reasonable for a government to tell you that you must lock your door.

Re:I see.

[squiggleslash]

OK. Let me give you an example.

The guy decides to really secure his network. He disables broadcasting the SSID, and implements WPA2 encryption. This, however, provides access only to a small non-Internet connected mini-network with no DHCP and one machine, identified by IP address only, which only responds (ie no pinging) to a specific IP address using the ports needed for an IPsec VPN. The VPN, in turn, uses 1024 bit blowfish encryption and requires a SecureID password to initiate the connection. The VPN provides access to the outside world, but requires you already know the IP addresses of the DNS server and default router, none of which are in an easily guessable netblock.

The system is also set up so any unauthorized activity results in the outside connection being dropped (ie any attempts to guess the passwords result in the wireless router shutting itself down. And, just to add that extra special extra layer of security, the owner switches off the entire system when he leaves to go on vacation.

So an elite hacker comes along and has access to the network within thirty seconds. How does he do it? How does he circumvent all these security measures?

Answer: he throws a brick through the window, enters the house, and HOOKS HIS LAPTOP UP TO THE DSL MODEM.

Virtually every security device can be circumvented.

Re:I see.

[DrgnDancer]

Um... Every book ever written on security? Name a security instrument. I'll show you how to circumvent it. It may not be easy, it may not be practical, it may not even be more than theoretical, but there's probably a way. The question is merely a matter of whether the data you're protecting is worth the effort required to get through your security. For instance there's a trivial way to break full disk encryption, but most people won't use it due to it's violating a number of very serious laws. (Your porn collection may be excellent, but it isn't worth 25 to life)

Re:I see.

[GungaDan]

"This is the best post on /. I've read in years. Do you offer security consulting services?"

Or bricks?

Re:I see.

[Cruciform]

During our firearm safety course the instructor talked of a friend with a collection rivaling his (huge) that had the equivalent of a bank safe full of guns in his basement. He went on vacation, and while he was gone thieves broke into his house and apparently spent *days* breaking into the vault with a jackhammer and other tools. They finally cleaned him out.

When he returned home and reported the theft he was charged with improper storage of firearms. Their reasoning? Because he left the collection without someone to check on it while he was gone he wasn't taking adequate responsibility to ensure the guns didn't fall into the wrong hands.

Heavy fines and a firearms ownership ban were applied. This took place in Canada.

Re:I see.

[MediaCastleX]

Ever wonder if legal jargon is really just magic spells being spoken aloud? Lawyers and judges could actually be modern-day warlocks and witches locked in an eternal battle for good and evil on the battlefield of the court!

Re:I see.

[Smauler]

The law may or may not protect you, so why not just protect yourself and end the debate?

Because some people think that leaving wi-fi open is an expression of goodwill... sharing. I do not mind if others use my wifi, I quite like people doing so. If someone starts using lots of it, I'll block them, at least temporarily. That hasn't happened yet. There are people living close to me who are on low incomes (and bad credit ratings), and will find it tough to fork out for (or get) stable internet access. I do not mind sharing mine.

In the UK, the Conservatives recently campaigned hugely about "big society". Laws that hold those responsible for sharing liable go directly against that theme. Alienation from local issues destroys communities, lack of cooperation locally destroys communities.

Excuse me while I attempt this...

[MachDelta]

In soviet Germany, WiFi unsecures you!

Or your wallet, anyways.

So if I understand this correctly...

[toooskies]

He was fined 100 euro because a single user downloaded a single song illegally. One song. A hundred twenty-five times its retail value. And he didn't even download it. Copyright is out of control.

Re:So if I understand this correctly...

[Sockatume]

No, the media industry's out of control. Maniacal copyright infringement suits are their current approach to profit maximisation, but saying that copyright law is the problem makes it seem like the media industry is innocently obeying an unjust law. They're not. If we fix copyright tort, they'll do something else. Maybe demonise indie music as some sex-and-drugs scene to discourage parents from letting their kids buy off-label music, or convince the press that homebrew games destroy the mainstream games industry. They've taken an unscrupulous approach to maximizing their ROI, and so fixing the laws they exploit is not enough. We've got to stop supporting them.

Botnets

[symes]

So all those German citizens daft enough to allow thier machines to become part of a botnet are, technically, at risk of prosecution?

So now we all work for the benefit of the RIAA?

[betterunixthanunix]

So, I guess now the German people are being expected to work for the benefit of the copyright lobby. This sounds like the tail wagging the dog -- first the government works for the industry's benefit, and then it starts to require the people it is supposed to represent to do the same.

I hope not

[Carewolf]

I hope there is slightly more to this story than the summary suggests. It seems absurd unless they have a law against sharing your internet connection. I personally have an open guest network with no protection, but then so do every major company, all libraries, schools, the trains and even the busses here in copenhagen.

actual judgement

[Tom]

The actual judgement is a bit more level-headed than the /. summary makes it to be.

The judge essentially said you ought to have some minimum level of security, elst you're liable for damages, much like everything else (e.g. if you don't put the brakes on in your car and it starts to roll and crashes into something).

The standard requested is pretty much "turn on encryption and change the default password".

Most commentators agree that for home users, not much will change. Unless you're an idiot, you already have these things for your home network. The challenge will mostly be to hotels, Starbucks, etc. with their open hotspots.

Re:actual judgement

And why can't I run an open hotspot if I want to?

This is GOOD news

While some of you slashdoters cannot even grasp what this means:
You can leave your wifi open, you can download anything you want, and the maximal fine will be 100 EUR!
I call that a big win where users would be sued up to 10.000 EUR for downloading/sharing music - this will put a dramatic lid on those things.

Cheers.

Re:Qdequately secured or just secured?

[WrongSizeGlass]

What exactly do they mean by adequately secured?

Your wireless router or access point must be secured by a either bicycle lock, a knotted jumble of bungie cords, an aggressive dog or cat, or a large glob of superglue.

Manufacturers to blame? Lack of full regulation?

[strayant]

So, if this is how things are to be, I think that this guy should pass the buck to the manufacturer for not complying with local law. Such devices should be regulated in such a way that they cannot be sold to customers without ALREADY being secure out-of-the-box. Otherwise, I think that this should have no merit.

Not a bad idea...

[FyRE666]

Maybe if this was extended to enforce a more responsible attitude for people leaving their PCs infected and sending out spam for months, I'd be all for it. Stupidity is no defence, so if you're irresponsible behaviour is causing misery for others, and potentially allowing a criminal offence to take place then you deserve to face charges.

Driving a car with no license, or instruction is an offence and whilst spamming thousands of people isn't actually dangerous, it affects more individuals.

Saying this, maybe wireless routers/modems shouldn't even have an option to operate in an open mode. Likewise, maybe ISPs shouldn't allow customers to send mail out on port 25 to random machines - just route it all through their own mail server. If a machine is sending a huge amount of mail, it's simple to block it until the user fixes their system. Surely it's not that fucking hard!

Re:Ludicrous

[Ares]

A cousin of mine served in the US Army and was stationed in Germany. He once received a citation because his car was unlocked. Yes, in Germany, there is a law stating you must lock your car, though I don't know if it applies while the care is secured in a garage.

Quick

[carp3_noct3m]

Someone go find the RIAA/MPAA or whatever the equivalent in Germany is, use their wifi (would WEP or WPA-TSK count as "adequately secured to the danger of unauthorized third parties abusing it to commit copyright violation,'?) And start downloading everything you can think of. Lets see if they sue themselves.

Re:Wow

[V!NCENT]

Welcome to my world. My passport was stolen. I was "lucky this time", according to the officer, because they could have charged me with false identity terrorism aiding or somthing. I live in a democratic, western country and not in America and this almost happened to me. 'luckily the police officer was being nice'... jeez...

The problem with negligence

[MikeRT]

is that it often comes down to a failure to do right and a need to blame someone. If someone steals a gun and commits a crime with it, they should be 100% civilly responsible. Allowing the victim of the theft to be sued is nothing more than indulging the blood lust of the victim and their family who want anyone connected with it to pay dearly.

This is disgusting

[selven]

Free public Wi-Fi is one of the most important public services of the 21st century. It gives anyone who can come up with the $200 for a netbook the ability to access the sum of human knowledge. It allows people to communicate over long distances in many more ways that a simple voice conversation. Anyone who comes up with the money for an unlimited internet connection and jeopardizes some of his privacy (or some convenience, if he uses some kind of proxy/encryption) to let anyone access the internet without paying high fees to greedy monopolistic corporations is doing good for society. Saying that he's doing evil since he's also allowing copyright infringement is like saying cars are evil since you can use one to get away from a robbery. All technology can be used for good and evil, but the internet being freely available to the public does hundreds of times more good than it does evil.

Stop, belay that headline...

[mseeger]

Serious case of misleading headline.... The court said: "If you have an open WIFI and someone uses it to fileshare copyright protected material, the owner of the rights may send you a cease and desist letter (effectively insisting that you secure your WIFI) and extract 100,- Euro from you for covering the fees of the legal process."

The user was not fined, he was not punished, he was not ordered to pay for the damages.

CU, Martin

P.S. Who wonders, that lawyers don't get the technical aspects right when the techies confuse the most elemental judical terms....

Piracy is armed robbery of ships

[tepples]

Comparing copyright infringement to murder is sickening.

Perhaps, but the comparison between prohibited copying and armed robbery of ships, which often involves murder, has been around so long enough that nobody outside the FSF bats an eye at calling it "piracy". The ship has sailed; the slope has slipped.

A few more facts:

[Kjella]

1. The network was in fact not open. It was secured with WPA1 and a default password (source, German)

"Somit ist auch noch einmal zu Betonen: Es ging in der Entscheidung nicht um ein vollständig ungesichertes WLAN! Der BGH hat also nicht über ein offenes WLAN verhandelt, wie lange fälschlicherweise berichtet wurde. Vielmehr ging es ganz allgemein um die bedeutsame Frage, welche Sicherungspflichten die Betreiber von WLAN allgemein trifft."

2. The 100 euro is not for copyright infringement, but rather it seems that in Germany the reciever of a DMCA-like notice is liable for up to 100 euro unless they can either a) Point the blame to someone else or b) Pass some standard of having done everything reasonable to avoid damage. That's at least how I read the law:

" 97a Abmahnung

(1) Der Verletzte soll den Verletzer vor Einleitung eines gerichtlichen Verfahrens auf Unterlassung abmahnen und ihm Gelegenheit geben, den Streit durch Abgabe einer mit einer angemessenen Vertragsstrafe bewehrten Unterlassungsverpflichtung beizulegen. Soweit die Abmahnung berechtigt ist, kann der Ersatz der erforderlichen Aufwendungen verlangt werden.

(2) Der Ersatz der erforderlichen Aufwendungen für die Inanspruchnahme anwaltlicher Dienstleistungen für die erstmalige Abmahnung beschränkt sich in einfach gelagerten Fällen mit einer nur unerheblichen Rechtsverletzung außerhalb des geschäftlichen Verkehrs auf 100 Euro."

The key sentence here is "Soweit die Abmahnung berechtigt ist, kann der Ersatz der erforderlichen Aufwendungen verlangt werden." which translates to something like "When the warning is justified, compensation for the relevant expenses can be demanded." The second caps it to 100 euro for simple cases.