Petition for rulemaking follows $600,000 consent decree. Hotels, convention centers, universities, hospitals among those potentially affected.

Last month we reported that the FCC had whacked Marriott Corporation for a cool $600,000 for messing with guests’ Wi-Fi hotspots. (The hotelier had prevented guests at its Opryland resort from using their own hotspots by transmitting disabling signals to private hotspots, forcing them to pay what the FCC felt were exorbitant rates for the resort’s own Wi-Fi service.) The FCC’s theory was that Marriott was violating Section 333 of the Communications Act, which bars interference with lawful communications.

While Marriott appeared to have accepted its come-uppance willingly (by signing onto a Consent Decree), it turns out there was more to the story. While the consent decree was being negotiated, Marriott mustered some reinforcements and took the offensive. Last August, joined by the American Hospitality and Lodging Association and Ryman Hospital Properties, Marriott filed a Petition for Declaratory Ruling or, in the Alternative, for Rulemaking asking the FCC to clarify exactly what operators of large venues may do to protect the security and quality of their own Wi-Fi networks. The petition was filed on August 25, 2014, but it took the FCC nearly three months to invite preliminary comments on it. If you’ve got something to say about this, you’ve got until December 19, 2014 to do so.

The petition raises all kinds of alarms about what will happen if the FCC decides that unlimited operation of private Wi-Fi hotspots must be permitted, even on private property. For example, Bad Guys could set up a private hotspot with the same SSID (network name) used by a hotel network. With that, they could grab traffic from hotel guests and exhibitors who think, wrongly, that they’re attaching to the hotel’s network. From there, it’s a snap for the Bad Guys to snag commercial information, including credit card numbers.

And even if all private guest Wi-Fi systems are on the up-and-up, too many such systems can overload the spectrum at the venue. (Don’t forget, the most commonly used Wi-Fi band – 2.4 GHz – has only three non-overlapping channels normally available for Wi-Fi traffic.) Overloads mean degraded quality of service that the venue can provide to exhibitors and guests, generating demands for refunds of Internet access fees.

To address these various problems, Marriott and its friends commonly deploy sophisticated and expensive Wi-Fi network management systems that search for unauthorized or excessive uses of a network. When such uses are detected, the systems send codes disabling them. The signals technically don’t “interfere” with guest Wi-Fi signals – that is, they don’t “jam” any radio signals, which would obviously be illegal. Instead, they simply send management commands that keep unwanted systems from accessing the venue’s own system.

That’s the good news. The bad news is that the disabling management commands also keep the unwanted private systems from functioning independently, even if those systems don’t try to interconnect with or slow down the venue’s system.

The petitioners, of course, have a point: they want to be able to manage the quantity and quality of traffic on systems. Everyone does it, including a whole bunch of universities which the petitioners helpfully list in an appendix to the petition. The universities manage their networks every day, cramming down data speeds for students who violate university restrictions on total data use, streaming movies, or whatever rules each campus may promulgate. As the petitioners see it, if we venues can’t put a lid on both malicious and excessive use, the resulting chaos will upset users of our systems to the point where we may have to forbid our guests from bringing private Wi-Fi equipment on to our premises at all – an admittedly tricky business when Wi-Fi hotpot capability is built into cellphones. The message to the FCC is clear: if you tell us that we can’t manage the systems that people use on our premises, we will keep the equipment out altogether. They presumably figure that such a prohibition is beyond the FCC’s say-so because the FCC’s jurisdiction is limited to transmission of radio signals and does not include a property owner’s limiting possession of the equipment in the first place. 

The petition doesn’t mention whether the FCC has jurisdiction to regulate the prices at which access to Wi-Fi service can be sold at major venues. It also doesn’t mention the FCC’s displeasure, expressed in the Marriott consent decree, about rates of up to $1,000 a day. The petitioners understandably try to stay away from such things, noting that they aren’t asking for the right to regulate user content (the “net neutrality” hot potato) or to prevent anyone from communicating with destinations of his or her choice.

Wi-Fi networks at large venues cost a bundle to install, and costs must be recovered. But high pricing is usually what drives users to set up private hotspots in the first place, even if those private devices tend to be less reliable than the venue’s network.

If push comes to shove, the legal war over regulating possession vs. operation of Wi-Fi equipment, as well as who has jurisdiction over venue Wi-Fi pricing, will likely keep the legal community busy for quite a while.

Again, you’ve got an opportunity to join the debate at the earliest stages. The deadline for preliminary comments is December 19, 2014.