
European Court Allows Copyright Owners to Demand Open Wifi Networks be Secured - DiabloD3
https://www.eff.org/deeplinks/2016/09/european-allows-copyright-owners-demand-open-wifi-networks-be-password-protected
======
Iv
France has passed a law making an open wifi owner responsible of "negligent
security", a legal offense. I am not aware of a single ruling about open
access wifi.

I used to groan and add a password to my open wifi but then I saw one of the
MP who actually voted the law who marveled, during a trip in S.Korea that he
could connect without hassle to open wifis. "In France we always have to
register, what a pain! Why do we make things complicated for ourselves?"

Reading that, I decided that open wifi respected the spirit of the law, and
that stupid guy (Thierry Mariani, for those interested) could probably quoted
before a tribunal to argue exactly that.

------
FullMtlAlcoholc
So Germany bans WhatsApp from collecting data on its users(whether you agree
with this or not, at least WhatsApp provides a service with some utility).
Yet, not less than a week later, demands that WiFi operators collect data on
its users for the RIAA/MPAA.

Don't let the name copyright owners fool you into thinking that this is about
actual content creators. The case that in question is Sony vs. Some German
Open WiFi operator. Bravo EU! Middle men with sophisticated lobbying
experience can get access to user data, but actual content and platform
creators can't.

It's clear to me that the EU doesn't truly care about user privacy. They just
have an irrational bug up their ass when it comes to American tech companies.

~~~
comboy
> It's clear to me that the EU doesn't truly care about user privacy. They
> just have an irrational bug up their ass when it comes to American tech
> companies.

I don't think it cares about anything. It's just a huge bureaucracy machine.
So huge, that even if all participating agents would be rational (which we are
so far away from), just a simple communication lag between people (all
organizations in different countries, governments and subdivisions) would make
it hard to reach any rational consensus.

~~~
zigzigzag
It definitely cares about the propagation of the EU and its associated gravy
train.

I learned yesterday that the EU has a wine cellar with more than 40,000
bottles of wine in it. Why?!

~~~
mattmanser
What a silly thing to be outraged about, why wouldn't it? It's got to
entertain 10,000s of visitors per year, 40,000 sounds a reasonable number.

Here's a list of the UK parliament's wine cellar, which has thousands of
bottles of wine:

[https://www.parliament.uk/site-information/foi/foi-and-
eir/c...](https://www.parliament.uk/site-information/foi/foi-and-eir/commons-
foi-disclosures/catering-services-retail/content-of-house-of-commons-wine-
cellar/)

Are you similarly outraged that the UK own 1128 bottles of coke?

~~~
zigzigzag
By that logic almost every organisation should have a private wine cellar.
Normally when entertaining you buy wine from suppliers on demand, not build up
an enormous stash yourself.

But it's not the fact that they have drinks on site that surprised me. It's
the vast quantity. The entire stock of _all_ drinks including non-alcoholic
drinks you point to is worth only about £30,000 vs the EU which has over
40,000 bottles of wine alone. I'd guess the value of the EU drinks cabinet is
thus at least 10x great, probably more like 50x-100x greater. It's reflective
of a wider problem with incredibly profligate spending on luxuries for EU
staff at a time when most European governments are trying to cut their
spending to manageable levels.

~~~
Normal_gaussian
It is cheaper to operate your own stockpile than to purchase on demand.

------
dahart
> Copyright trolling has history in Germany, where lawyers have leveraged the
> 'formal system of notice' for cease and desist letters (abmahnungen) into a
> shakedown system against millions for alleged copyright infringement online.

Is this true... millions? With only 80 million people in Germany, it seems
like if copyright trolls were shaking down millions of people, it would more
or less involve every single organization and household in the entire country.

~~~
Udo
I have no problem believing it's millions. I know many people who got one,
some deserved, some not. Last year my mom got one. She died in 2012.

It's also worth noting that these letters cost about 1000 Euros each, there is
almost nothing you can do about them, and they require not the slightest bit
of evidence that you actually did anything wrong.

~~~
dahart
Yikes, what a scam. Can you point me to any info in the history of this and
what the German government is or is not doing about it?

~~~
iamjeff
Here [1] is a fairly exhaustive examination of this scam...mind boggling..here
is a sample

"In cases involving peer-to-peer sharing of music files, the value of the
claim was regularly set at €10,000 per file by the rights-holders...Recipients
of Abmahnungen often pay the costs without consulting a lawyer, or negotiate a
settlement themselves. There is a noticeable tendency to pay rather than
challenge the claim..."

and

"the evidence collected about the infringement will only identify the
IP...This IP address needs to be matched against the subscriber to whom it was
allocated at the time of the infringement...by way of a judicial disclosure
order...[in which] German courts are rather reluctant to engage in an
assessment...[for instance] within 9 months in 2009, 2824 disclosure orders
were sought in Cologne alone, each relating to several hundreds of IP
addresses."

[1]-The RedTube copyright infringement affair in Germany: shame on who?
([http://www.tandfonline.com/doi/full/10.1080/13600869.2015.10...](http://www.tandfonline.com/doi/full/10.1080/13600869.2015.1012777))

------
userbinator
It reminds me of this:

[https://www.schneier.com/blog/archives/2008/01/my_open_wirel...](https://www.schneier.com/blog/archives/2008/01/my_open_wireles.html)

I wonder if his wifi is still open.

------
malandrew
just name the wifi network "password-is-foobar" or something like that.

~~~
germanier
EFF's editorialized headline is not meant to be interpreted literally. Quoting
directly from the verdict

> password-protecting the internet connection, provided that those users are
> required to reveal their identity in order to obtain the required password
> and may not therefore act anonymously

The whole question by the way was not settled by the court but referred back
to lower instances and is not something that will have to be answered
uniformly across the EU. The court merely found that such a law would be
allowed under EU rules.

~~~
pYQAJ6Zm
May there be a loop-hole there?

If the requirement is just to have the user reveal their personal identity
before using the network, and nothing is said about keeping that info
afterwards, then something like this would be possible: ask the user for their
personal info, handle them a hash that would work as a password to reconnect
to the network within a short time window, and past this time forget said hash
and the user info.

Could this work? (IANAL.)

------
fredgrott
hmmm what happens if a EU citizens decides to use a null password?

~~~
ramblenode
Or any common password shared by "open" networks. If enough APs intentionally
adopt the same password then they are effectively open, just with the ritual
step of having to enter a password.

~~~
cynwoody
It's not very relevant to the current discussion, but there _is_ a security
advantage to requiring a public password vs totally open. For instance, a
store could post a sign reading "Welcome to N Guy's Burgers; our WiFi password
is 'N'".

You see, if the WiFi network is truly open, then client-to-access point
traffic is open and can be sniffed by other clients on the network. But if the
network is secured, even trivially as above, then each client's connection to
the access point is individually encrypted and cannot be sniffed.

That means, if you needed any password to join the network, you needn't fear
the questionable critter with the MBP in the corner (unless he's hacked the
store's ISP or upstream from there).

~~~
icebraining
Not true, unfortunately. The session key can be obtained as long as the
attacker can capture the initial handshake (and they can send deauth packets
to force the client and AP to handshake again). Wireshark does this decryption
out of the box, just insert the Wifi password:
[https://wiki.wireshark.org/HowToDecrypt802.11](https://wiki.wireshark.org/HowToDecrypt802.11)

------
j3097736
Modern routers should be powerful enough to create an open network and route
all it's traffic trough Tor, maybe with a bit of DNS caching plus hostfile
adblocking in the middle.

~~~
m1r3k
That is basically freifunk. It is a openwrt router firmware with open wifi and
all traffic is routed through VPN outside of Germany to circumvent the legal
bullshit.

------
batrat
I still don't get it why they did this. So some of the obvious problems:
passwords are saved so I can use the wifi anytime, I can tell the password to
others, even if they keep track of users with 30 concurrent customers it
doesn't matter if they ask for names.

IMO this is wrong at so many levels.

~~~
detaro
That's something that has been discussed again and again in German politics,
but no government clearly wanted to say "Free Internet is worthwhile enough to
allow protecting it from 'illegal' activity, even if it can't offer the the
log data a traditional ISP can".

So now we have a bunch of rules that only apply if you _something_ to stop it,
but it doesn't really matter if that is actually effective, and how much that
_something_ hurdle is depends on what court or politician you ask. Maximum
uncertainty for small operators, so it's mostly a few larger commercial
operators and some enthusiasts with VPNs. And a lot of places without wifi
that would have it in other countries.

~~~
kuschku
And it’s only an issue with the CDU on federal level prohibiting any move
towards it, often with contradictory arguments why.

Evil tongues claim that they just want to protect T-Mobile’s business, being
corrupt.

Luckily, on state level that’s not yet an issue, the parliament of Schleswig-
Holstein just approved a test project of running some Freifunk nodes on/in
public buildings, and a local company has started putting up free hotspots
everywhere in Kiel.

~~~
detaro
Eh, I somehow feel like the federal SPD is just so positive on the topic right
now because they know the CDU will work against them anyways.

I hope pressure and organization from state or city level will help somewhat.
Public organisations can provide similar shields as the commercial providers
do right now, and once somebody makes a state look stupid the federal level
will have more of an incentive to fix it.

------
pyronik
Every day its looking more and more like Brexit leave was a good decision.

------
ultim8k
Fuck EU. Fuck laws and governments. I'm removing my wifi pass now.

------
jjawssd
The disintegration of the European Union needs to accelerate. The non-
democratic powerful elite junta known as the EU is increasingly passing policy
goals which ultimately serve only the elite minority. Our rights our being
eroded, chipped away a little bit at a time like sand being carried away by
flowing water. We must resist these policies and rebuild a stronger foundation
for our civil liberties, including a truly free Internet. We need to return to
stronger local governance and a more decentralised power structure. What we
are seeing today is a consolidation of power and the emergence of a singular
totalitarian state.
[https://en.wikipedia.org/wiki/Democratic_deficit_in_the_Euro...](https://en.wikipedia.org/wiki/Democratic_deficit_in_the_European_Union)

Disagree with EU policies? Shut up and tolerate it.
[http://www.europarl.europa.eu/meetdocs/2009_2014/documents/l...](http://www.europarl.europa.eu/meetdocs/2009_2014/documents/libe/dv/11_revframework_statute_/11_revframework_statute_en.pdf)

Arbitrary circuit breakers added to circumvent dissenting opinions. Article 7
TEU. "Far-reaching sanctions" can be exerted, and a country can be stripped of
all voting rights in the EU and have funding blocked. In January this year,
Frans Timmermans, the first ever unelected Commission "vice president," who is
in charge of "human rights," triggered the mechanism for the first time
against Poland’s government which came to power in a record-breaking,
landslide election in 2015. [http://ec.europa.eu/justice/effective-
justice/rule-of-law/in...](http://ec.europa.eu/justice/effective-justice/rule-
of-law/index_en.htm)

"If freedom of speech is taken away, then dumb and silent we may be led, like
sheep to the slaughter." ― George Washington. Or more recently, led straight
into the gas chambers for a nice "hot shower."

We must ask ourselves what is the end game here? Dissenting opinions are now
often twisted into being labeled as "hate speech" and "racism." Europe has
already experienced the suppression of free thought and expression with the
fall of the Roman Empire. What followed was a chilling effect which lasted
1000 years. Do we want to go down this road again?

~~~
NetStrikeForce
There are a lot of strong claims in your comment. Could you please back them
up with evidence?

Like, I don't know, the ruling against Apple and the IE government. Was that
in favour of the ruling elite minority?

The EU has a lot of problems to fix within itself, but it has a decent track
of evidence against your claims (user privacy, antitrust, etc).

And you completely lost it when you start mentioning the gas chambers. Dude, I
don't know, but you're going too far.

~~~
jjawssd
Good points. My goal is to provoke the readers and their friends to start
asking questions and not to provide conclusive evidence or solutions to these
problems.

------
digi_owl
We know the color of the bits, and it is brown...

------
DiabloD3
Dear mods, how does story auto-resubmission work?

~~~
DiabloD3
For those downvoting, I submitted this 4 days ago, yet was automatically
resubmitted after such a long time.

Don't downvote if you don't understand the context of a comment.

~~~
kcbanner
You provided 0 context in your original comment, and then complain about down
voted from people without said context?

------
jakub_h
"Passport-protected open network"...heh, that reminds of the "anonymous
functions" in PHP (the ones documented with the sentence "Creates an anonymous
function from the parameters passed, and returns a unique name for it") :D

------
jokoon
Open wifi networks feel to insecure, I'm sure intelligence agencies have all
their fingers on it, or at least the companies leasing those service must make
a good feast of snooping on their users.

Seeing terms of agreement for a wifi network is a bad enough sign.

~~~
pyvpx
intelligence agencies have their fingers all over landing stations and
internet exchange points (IXPs)

frankly, they don't need an "open" wifi network to get whatever data they
might be interested in.

