Bureau reiterates view that using “deauthentication frames” to bounce hotspot users constitutes prohibited “interference”.
Conference goers, rejoice! It looks like the FCC really is serious about preventing hotels and other conference venues from blocking access to the venues’ Wi-Fi networks through personal “hotspot” network devices.
The Commission’s Enforcement Bureau had staked out its position on such behavior last year, when it extracted $600,000 from Marriott for doing such access-blocking. The Bureau then followed up with an “Enforcement Advisory” reiterating its determination to “protect[ ] consumers by aggressively investigating and acting against such unlawful intentional interference”.
And now, making good on that promise, the Bureau has entered into a “Consent Decree” with Smart City Holdings (and two subsidiaries). In the Decree, Smart City admits that,
at several venues where it managed or operated Wi-Fi systems, it automatically transmitted deauthentication frames to prevent Wi-Fi users whose devices produced a received signal strength above a preset power level at Smart City access points from establishing or maintaining a Wi-Fi network independent of Smart City’s network.
As a consequence, Smart City will cough up $750,000 as a “civil penalty”. It has also agreed to a compliance plan to ensure that that kind of thing won’t happen again.
For conference participants, self-provided Wi-Fi hotspots – through stand-alone devices, laptops, smartphones, etc. – can be a godsend. Hotspots afford the user access to the Internet without the Wi-Fi access fee imposed by the hotel or conference venue, a fee that can often be considerable. Venue operators, not eager to lose income that they might otherwise derive from such fees, have an obvious incentive to discourage the use of personal hotspots. But, according to those same venue operators, being able to control such use is an important component of the management of their own on-site Wi-Fi networks.
It’s clear that the operators’ concerns about network management haven’t gotten any real traction here: the Commission is coming down on the side of the consumer. It’s doing so by utilizing Section 333 of the Communications Act – which prohibits willful or malicious interference to radio communications licensed or authorized under the Act – to put a stop to hotspot blocking. But as my colleague Tony Lee observed last year in connection with the Marriott case, it’s not clear that Section 333 covers this particular conduct. Section 333 proscribes “interference to radio communications”. Transmitting “deauthentication frames” does not involve the transmission of radio signals that “interfere” with any other radio signals in the traditional sense. In other words, it’s something of a stretch to apply Section 333 in this connection.
But stretch or no, this is clearly the position the FCC has staked out, and the first two targets – Marriott and Smart City – have opted not to challenge it. (FWIW – Smart City insists that it has “strong legal arguments” in its favor; it’s declining to challenge the Commission’s position only because “mounting a vigorous defense would ultimately prove too costly and too great a distraction for our leadership team”.) Unless and until somebody challenges the FCC’s reading of Section 333 – and does so successfully – personal hotspot users should be free to use their devices without fear of getting booted off the network by venue operators.
