Many UK WiFi providers are unaware there are a myriad of Government Acts that have to be complied with. One Manchester company is taking this responsibility very seriously indeed.
There are untold stories about how terrorists and ne’er-do-wells use technology to further their heinous ends.
Whether it’s money laundering by using Bitcoin or mobile payments systems, setting up Gmail accounts by sharing passwords and saving unsent emails in drafts or even leaving secret messages in games such as Minecraft, there are manifold areas in which these so-called people can operate.
There are many other well known realities and myths, but what is less familiar is how Wifi hotspots are used as a way for baddies to communicate. The UK government, however, is aware of this and there are legal requirements that suppliers of WiFi hotspots need to comply with.
Venues that provide WiFi are responsible for this under the Data Protection act, European Directive for Data Retention Regulations 2009, the Code of Practice (Anti-Terrorism, Crime and Security Act 2001), Regulation of Investigatory Powers Act 2000 and Digital Economy Act 2010.
When somebody supplies a WiFi hotspot, these legal requirements must be complied with, such as holding data and logging all URLs visited. Moreover, another potential problem for suppliers is that of content filtering, which allows venues to block certain content – such as porn and illegal content.
That’s not to say that all WiFi providers know their responsibilities; many venues are unaware their services are not legally compliant or that the compliance issue even exists. This is a grey area that needs to be made black and white. It’s fair to assume that would-be terrorists or criminals know more about exploiting loopholes than those trying to cover them.
According to the Global WiFi market report by Markets and Markets, the global WiFi market is expected to be worth more than $93 billion by 2018, so a large range of players will be part of that market. For now, one company based in Manchester is a member of the Internet Watch Foundation and taking its responsibility as a WiFi provider very seriously.
Purple WiFi is a cloud-based, secure WiFi hotspot system that is authenticated by users accessing their social media accounts. The company’s software offers enhanced social reach, analytics and reporting; it works with any hardware and is therefore scalable in terms of customer need and geographic location. It is also 100% legally compliant.
“There are various laws in the UK, and most other countries in the world, that govern the provision of public WiFi. The main premise is the ability to track activity on a network back to the user.
“Having an open network, giving out a password or any other method of access that doesn’t achieve this fundamental tracking function could land the business in considerable trouble if illegal activity takes place on the public WiFi it provides”, said Gavin Wheeldon, Purple WiFi CEO.
The company this week released a survey of 3,349 global venues and reported that while 82% believed they were legally compliant, most venues were not. Furthermore, 16% of those surveyed ‘didn’t know’ they were compliant, which shows how negligent some of these providers are.
Some 2,048 venues also confirmed that they were either running completely open networks, meaning anyone could access the network, or handing out a password, which indicates the venue has no way of tracking internet access back to the user. Both of these elements are crucial for legal compliance.
This WiFi conundrum is reminiscent of online access more than a decade ago when large organisations were unaware they were providing password-free access to their networks. It was only after well-publicised campaigns by journalists and others that exposed these oversights and closed this access; the publicity also meant individual and domestic users followed this example.
Ensuring that WiFi providers are aware of the law and their responsibilities is a simple enough process, perhaps as simple as those who are exploiting the present situation.
A similar campaign to those waged in the late 1990s about non-password protected networks would work just as well. Perhaps ensuring that public WiFi networks have a sticker or sign that says they are 100% compliant verified would sort the matter out once and for all.