Three cases have since been sentenced by the courts and the other three will soon be brought to the courts soon. Most of the WiFi hacking incidents were carried out by using devices such as WiFi booster and WiFi cracker, which can amplify signals to attract WiFi signals within a distance of one to three kilometres.
A person who possesses, obtains or creates an equipment or device designed to fraudulently use or obtain any network facilities, network service, applications service or content applications service can also be charged under Section 232 of the CMA, which upon conviction, will be fined up to RM300,000 and/or jailed up to 3 years.
It has been established that using another person’s unsecured WiFi connection without his or her consent and knowledge is known as “piggybacking” or “mooching”. If a person’s WiFi connection is not secured by a password, any person can actually connect to the account, without the person’s consent and knowledge. WiFi piggybacking normally happens when a person uses his neighbour’s WiFi connection without permission, or when a person sitting in a car near a WiFi hotspot to access the WiFi connection.
Some argue that it is harmless, because it is no different to sitting behind another passenger on a train, and reading his newspaper over his shoulder, or enjoying the music a neighbour is playing in his backyard. Others, however, argue that it is unethical, because it is akin to entering a home just because the door is unlocked, or hanging on the outside of a bus to get a free ride (Source: Wikipedia – Piggybacking (Internet Access)).
In the United States, most of the states prohibit unauthorised access to computer networks which include open WiFi networks. In 2005, a man in Florida was charged with unauthorised access to a computer network because he was using a resident’s WiFi connection from a car parked outside. In 2007, a man in Michigan was fined for using a cafe’s WiFi connection from a car parked nearby to check his email every day.
In Singapore, a 17 years old teenager was arrested for tapping into his neighbour’s WiFi connection. Apparently, he went outside his house to piggyback on any available WiFi connection after his mother had confiscated his computer modem. He was seen chatting online when a passerby asked what he was doing, became suspicious, and later called the police. He pleaded guilty and was sentenced to 18 months’ probation under the Computer Misuse Act. In the United Kingdom, a man was also convicted for dishonestly obtaining an electronic communication service when he was found repeatedly trying to gain access to a neighbour’s WiFi connection with a laptop from his car.
Our Computer Crimes Act 1997 is very similar to the Computer Misuse Act in Singapore and the United Kingdom, which means WiFi piggybacking could potentially constitute a criminal offence under Malaysian law. Section 3 of the Computer Crimes Act 1997 states that a person who:
One peculiar feature of this Computer Crimes Act 1997 is that it has an extra-territorial scope. The Computer Crimes Act 1997 states that regardless of the person’s nationality or citizenship, where an offence is committed by the person in any place outside Malaysia, in which the computer, program or data that he accessed was in Malaysia, or capable of being connected to or sent to or used by or with a computer in Malaysia, he may be charged under the Computer Crimes Act 1997 as if it was committed at any place within Malaysia. What this means is that a foreign hacker may be charged in Malaysia if he hacks into a computer, program or data in Malaysia.
From a technological point of view, it might do no harm to you sharing your WiFi connection with others. However, from a legal perspective, that may attract several problems. For example, sharing your home WiFi connection with neighbours may violate your Internet Service Provider’s terms of service.
That is because usually home WiFi package only allows WiFi connection to be shared within home users only (as opposed to those business WiFi package used by cafés, offices and shopping malls which allows them to share with the public). Another legal implication that may arise from allowing WiFi connection freely available is that you may be liable for the conduct of the person using your WiFi connection since you are the subscriber of the WiFi connection.
While it is clear that unauthorised access to a password-protected WiFi connection is illegal, it is submitted that even the use of public WiFi available at cafés and shopping malls is subject to certain restrictions, as the owners usually limit the amount of network bandwidth that may be used by an individual; require the user to remain within the premises; require the individual to be a customer before he can access the WiFi connection; or prohibit inappropriate online activity such as viewing or downloading pornographic materials (Source: WiFi Connection Laws, legalmatch.com). Hence, just because an open WiFi signal is detected, one should not assume that he is allowed to use it without the consent and knowledge of the owner.