Thomas O’Toole, writing on the E-Commerce and Tech Law Blog, points to an interesting case recently decided in Oregon:
In United States v. Ahrndt, No. 08-cr-468 (D. Ore. Jan. 28, 2010), a federal trial court held that a child pornography suspect had no constitutionally protected privacy right in the files found on his personal computer, stored in a shared iTunes folder fed by a Limewire account, accessible by a neighbor who was piggybacking on his unsecured wireless network.
via TechLaw: Court Finds Constitutional Significance in Defendant’s Failure to Password-Protect Home Wireless Network. (I recommend you read the whole piece by Thomas O’Toole.)
The neighbor connected to the open wireless account, opened iTunes, and found child pornography shared by the (now convicted) defendant. A police officer who responded to her call guided her through opening one shared file, and saw child pornography. The police them proceeded to gather details of exactly who’s network it was and obtained a warrant — in turn discovering more child pornography.
The defendant argued it was an illegal search by the police and the warrant should be thrown out, since the initial finding by the officer violated his 4th amendment reasonable expectation of privacy.
The court said, no, if you leave your wireless router unsecured, your expectation of privacy is much lower. People routinely use unsecured networks of others, says the court, and setting a password to prevent this is clearly laid out in the instructions (in this case, Belkin’s). What’s more, if you have iTunes sharing turned on, you shouldn’t expect those files broadcast to everyone on your network to be private.
I agree with O’Toole that none of this breaks new Constitutional ground. It all seems perfectly reasonable to me, and it seems like the judge “gets it” with regard to technology (nice to see).
It does also imply that an open wireless network is not like a closed (but unlocked) door. Accessing it is not equivalent to breaking and entering. (I think this is the correct view of things, myself.)
O’Toole ends with a warning that you should password-protect your network if you want 4th Amendment protections. I would add that, if you choose to share your wireless network, then make sure you secure your computers within that network. The lack of a password for the network was only one factor — sharing iTunes files publicly also contributed.
Extending this argument, if you have private files, you should be able to get 4th Amendment protection by password-protecting them at any level (encryption is a practical protection, but shouldn’t be necessary for legal protection — if one extends from this ruling). Thus, you could share your iTunes library and — provided you password protect your financial documents — still have Constitutional protections for those documents (but not the music or videos you are sharing).
Seems common sensical, but that doesn’t mean that it’s necessarily “the law” everywhere! This was only a federal district court in Oregon, after all, and isn’t binding precedent (though it may be persuasive). But it’s an intelligent decision.