FCC fines Marriott $600,000 for jamming hotel Wi-Fi

Well good! Does that open them up to a lawsuit from each individual that lost access? Mikek

The amazing part is that the FCC is apparently acting on behalf of the general public instead of the usual vested interests. However, that is substantial revenue for the government, so perhaps that might explain the action.

Yes, but unlikely. Exhibitors might have lost a few thousand dollars here and there, but that's peanuts compared to the cost of a civil lawsuit. They might do better with a class action suit, but those only benefit the attorneys involved. In a few weeks try searching for "Marriott" on the many class action lawsuit web sites that are searching for victims.

This was Marriott's response: Marriott International's Statement on FCC Ruling Marriott has a strong interest in ensuring that when our guests use our Wi-Fi service, they will be protected from rogue wireless hotspots that can cause degraded service, insidious cyber-attacks and identity theft. Like many other institutions and companies in a wide variety of industries, including hospitals and universities, the Gaylord Opryland protected its Wi-Fi network by using FCC-authorized equipment provided by well-known, reputable manufacturers. We believe that the Gaylord Opryland's actions were lawful. We will continue to encourage the FCC to pursue a rulemaking in order to eliminate the ongoing confusion resulting from today's action and to assess the merits of its underlying policy.

So how much of this is real and how much (other than the obvious that they are concerned about rogue hotspots) is BS?

What do you mean "only benefit the attorneys involved", I have got some coupons for discounts I never used over the years.

Mikek

All of it is public relations department steer manure.

If Marriott was concerned about wi-fi service, they should use more dual band wireless access points instead of 2.4GHz only and perhaps they might deliver decent performance:

The rogue hotspots in question were using 4G cellular wireless data for the backhaul, not the hotel system which was allegedly useless. If anything, the rogue hotspots reduced the load on the Marriott backhaul and wi-fi system, thus improving service.

I must admit that they are correct that their system does protect against cyber-attacks and identity theft. If users find the system so slow that it can't be used effectively, they are unlikely to be attacked via wi-fi.

The FCC clearly indicated that jamming for profit is not lawful. If Marriott wants to contest that, there's a very expensive appeals process available. Or, they can buy a lobbyist and try to change the rules as the press release suggests.

I would be interested in knowing the name of the "well-known reputable manufacturer" that supplied Marriott with the jamming equipment.

More, from 2007. Soon, we'll begin replacing high-speed connection boxes in our hotels. They'll be more reliable and they'll reduce guest complaints. But providing high-speed connections and service improvements must be paid for by each hotel, and it's very costly. It affects the bottom lines of our hotel investors-and, as I have mentioned in the past, we don't own our hotels, we manage them for their investor owners.

"How Some of Marriott's Hotels are Making Free and Working WiFi a Priority "

Yabbut, how much did Marriot profit off of the jamming? Many times the fines are less than the company made in revenue from their illegal actions. So it's in their best interest to do it again. It's a win-win for everybody except the consumer and encourages companies to break the law - as long as the government and lawyers can get a cut of it, too.

$600,000 is only 240 vendors at $2,500/pop for broadband fees. Heck, that's one large 3-day technical convention out of ... how many they held? (and not just at that one jammed location). That's chicken feed to them.

-sw

Being called out on it is likely to cause future conference bookers to demand free wifi "or else"

I don't know for a fact who that is, and I wouldn't say if I did. But here's my absolutely unofficial (and perhaps imprudent) take on some of the issues involved here.

1. As I read the stories, Marriott's wireless infrastructure was *not* actually "jamming" their customers' hotspots. It was *containing* the hotspots.

Jamming (at least as defined by Wikipedia,

whom I actually trust) involves emitting RF energy that impacts the victim radio in the analog domain, by reducing SNR. It would be self-defeating for any

802.11 network operator to do this, because jamming the victim radio's cell would thereby also jam the network operator's production radios' cell - because the cell is one and the same.

Containment does not "jam" the cell. Rather, it attempts to DoS the victim

802.11 radios, typically by sending 802.11 Deauth frames using a forged source MAC address. See for example

1. My personal view is that the owner of a property has every right to contain radios that are on that property. (Apparently the FCC, or at any rate some people who work for the FCC, disagree.)

(I do not believe that a network operator has any right to contain radios that are *outside* of their property [for example, across the street] - and in fact, such a containment operation, IMO, should be considered as illegal trespass, or something like that.)

1. In this discussion, we see a distinction made between on-premises rogue APs that backhaul into the property owner's internal network (which presumably the property owner has a right to contain), and on-premises rogue APs that backhaul e.g. via a public carrier's 4G network, bypassing the property owner's wired network, which APs the property owner putatively does not have a right to contain.

This is a significant distinction, however one that, in practice, the 802.11 network operator may have great difficulty in making. Most rogue APs nowadays use WPA2/AES-PSK security, which (given a strong passphrase) prevents examining the user data to determine whether it involves the operator's network. And these APs typically use NAT routing, which prevents matching up the clients' MAC addresses with the on-wire addresses.

Moreover, the assumption that, as long as the rogue hotspot uses 4G backhaul, it cannot not significantly impact the operator's 802.11 network, is quite flawed. Especially in 2.4GHz, cell capacity is *severely* constrained - especially in a conference, this capacity is an extremely scarce and valuable resource. Any rogue hotspot absolutely can and will directly impact the operator's network capacity.

None of the above should be construed as implying that I think it is *nice* for a network operator to charge for Wi-Fi access and to contain hotspots. If I were, as a conference attendee or hotel room guest, to encounter such behavior myself, I would be extremely irritated. But I do not believe that not-nice behavior should necessarily always be treated as illegal. (Admittedly, in this regard, my views seem to be increasingly divergent from those held by the Executive Branch in DC.)

Again, the options above are mine alone, uninformed by any legal status or corporate guidance.

Cheers,

Aaron

No person shall willfully or maliciously interfere with or cause interference to any radio communications of any station licensed or authorized by or under this chapter or operated by the United States Government.

Note that the words "interefere with" do not just mean jam or cause to fail by RF transmission.

Yep. That came out after the original story was released and I added my guesswork. This covers the issues fairly well. The problem is that Marriott's was apparently using Allot NetEnforcer to purge the area of any non-Marriott communications using "deauthing". It's not exactly jamming in the traditional sense of the term, but the effects on its victims communications are very similar.

There's also the matter of Marriott applying enforcement when there was no direct or obvious damage to the Marriott network. The personal hot spots in question all used 3G/4G cellular backhauls and never even touched the Marriott network. How can Marriott claim that they were protecting their network?

More:

That was settled long ago, when it was decided that since the radio waves cannot be stopped at the border of a country, state, county, or city, then regional jurisdiction does not apply to rules governing radio transmissions. All your argument does is attempt to extend the border jurisdiction principle to individually property borders. Are you saying that the FCC does not have jurisdiction over RF related issues when on private property?

The 3G/4G cell sites used as a backhaul were probably not on Marriott property. Since many data plans charge by the megabyte, Marriott would concievably be interfering with the revenue of the cellular provider, which is NOT located on Marriott property.

Yep. Unfortunately, Marriott failed to make that distinction as it jammed or deauthed everything that was not Marriott supplied. Were the hotel not as isolated, I'm sure the deauthing would have had an effect on nearby residences and businesses as it had no mechanism for distinguishing between exhibitor hot spots and the neighbors wireless access points.

My understanding is that these rogue access points were only used to circumvent exorbitant exhibitor connection rates via a constipated Marriott network. I would guess(tm) that the exhibitors would have paid the asking price, if the network worked as expected. Unfortunately, an individual or exhibitor does not have the right to supply their own services, even if the hotel's services suck. For example, bringing your own catering service into the hotel is not generally appreciated. Same with bringing your own plumber, electrician, housekeeper, etc. Whether wireless is an exception is probably going to require the services of a court of law to decide.

Yep. But I've also seen community and hotel networks where half the traffic is ARP requests. Badly configured would be generous. However, if what you say is true, then the exhibitors private wi-fi network should have been as useless as the hotel wi-fi network. Apparently, from rumors and anecdotes, that was not the case. The hotel network was bottlenecked, while the personal hot spots worked quite nicely. Besides, if the exhibitors discovered that personal hot spots didn't work, they would have given up using them and tried something else. I still recall the days of dragging DS0 and T1 lines into conventions.

Thanks for your views.

How would that be any different from bringing your own (cell) phone service on the property to avoid paying the hotel's exorbitant phone rates?

Well if the FCC were to declare that 802.11 containment (deauthing) is a violation of this rule, and is therefore inherently illegitimate everywhere, I'd be fine with it. I've been called upon several times to help customers whose Wi-Fi networks were being DoS'd (inadvertently) by their neighbors (e.g. in a shopping mall or multi-tenant office building) whose wireless infrastructure had - perhaps unwittingly - been configured to do "rogue containment". It's a very nasty practice and brutal to troubleshoot.

Aaron

They're very similar, but not exactly the same. One difference is that it's more difficult to enforce a no cell phone policy than a no personal hot spot policy. The technology behind enforcing both (deauthing) is also very similar to generating a cellular "no service" signal. Another difference is that cellular jamming is considered "theft of service" because the cellular providers have paid for the spectrum and the right to use it. No such payments have been made for unlicensed wi-fi.

Oddly, the FCC has yet to prosecute anyone for cellular jamming. There have been plenty of NAL's (notice of apparent liability) for the sale of cellular jammers, but no prosecution for their use. That's mostly because the major users of jammers are law enforcement agencies. Meanwhile, the FCC finds it necessary to prosecute Marriotts for what might be considered "denial of service" of unlicensed spectrum. I guess(tm) that one can consider all this "selective enforcement" on the part of the FCC.

If you mean enforcement of hotel policy (no hotspots allowed) then the offender could be asked to leave and if he refused he could be arrested under the trespass laws.

But he certainly could not be arrested for theft for just using a hotspot on hotel property, even if they had a policy against it.

Theft of service is a criminal law that would be used for someone

*stealing a service* such as using unauthorized equipment like a hacked phone or cable box to obtain a service without paying for it.

Cell phone jamming and the equipment used to do it would be covered under the Communications Act of 1934.

NALs are a form of prosecution. As I'm sure you're aware many have paid big bucks for NALs over the years.

This guy may be sweating a bit. The link also shows the applicable federal law used for cell jamming.

Why would that be? The Feds (and local cops) can, in many cases, legally ignore the law when necessary in the furtherance of their official duty.

My hats off to the FCC. The Marriott was IMO screwing its customers royally. I'm glad to see that they were caught. The fine's probably a drop in the bucket for them but the bad publicity is priceless. I'm never going back and I'm not even involved.

Correct me if I am wrong, or if things have changed recently, but the FCC has come down hard (although not the level of prosecution yet) when prisons tried to jam cell signals on their property because of phones being smuggled in. Even if the jamming was on the prison's property.

No jamming allowed, period. This became a high profile issue when a cell phone was found in Charles Manson's prison cell. The FCC's attitude is that jamming wrecks police and fire communications, and that there's an effective alternative. The FCC recommends that prisons use various types of monitoring systems that will disclose call details including the phone's GPS position. Some prisons have installed femto cell and small cell base stations to do the same thing. Officers can then go directly to the reported position, and confiscate the phone. It seems to work: Power Point presentation: