Managing Wi-Fi Networks on Business Premises: Aggressive Enforcement and Unanswered Questions
On Friday, January 30, 2015, Marriott International, Inc. (Marriott) the American Hotel & Lodging Association (AH&LA), and Ryman Hospitality Properties (Ryman) announced the withdrawal of their petition seeking clarity from the Federal Communications Commission (FCC) regarding businesses’ ability to control Wi-Fi connectivity on their premises. It was probably the right decision strategically. However, certain key regulatory questions are unresolved, with no promise of a ready resolution forthcoming.
Background of Marriott and AH&LA’s Campaign for Clarity
In March 2013, the FCC received a complaint alleging that a Marriott property was “jamming” visitors’ mobile hotspots – personal devices, like smartphones, that create a Wi-Fi connection intended for an individual’s personal access via laptop or other device – in the hotel’s convention space. The implication was that Marriott wanted to force visitors to access the internet via Marriott’s own Wi-Fi network, for which Marriott could charge a fee.
At issue was whether Marriott’s alleged “jamming” violated Section 333 of the Communications Act, which prohibits “willfully or maliciously interfer[ing] with or caus[ing] interference to any radio communications of any station licensed or authorized by or under this Act.” 47 U.S.C. § 333. The Enforcement Bureau of the FCC, having previously held Wi-Fi “jamming” to violate Section 333, commenced an investigation.
In August of 2014, Marriott, the AH&LA, and Ryman petitioned the FCC seeking a declaratory ruling, or alternatively a new rulemaking, making it clear that “the operation of FCC-authorized equipment by a Wi-Fi operator in managing its network on its premises does not violate 47 U.S.C. § 333, even though it may result in ‘interference with or cause interference’ to a Part 15 device being used by a guest on the operator's property.”
The petition was clear that it did not involve “signal jammers,” which transmit powerful radio signals to impede other communications; it did, however, focus on network management tools that allow network operators to identify Wi-Fi networks operating on the premises and, in extreme circumstances, partially disable them. The petition explained that such sophisticated tools can be valuable in defense of cybersecurity.
In October 2014, Marriott and the FCC settled over the complaints of signal-blocking, with Marriott agreeing to pay a $600,000 fine and commit to careful compliance measures. This did not resolve the industry groups’ petition regarding more sophisticated Wi-Fi network management techniques, and the following month the FCC opened that petition for public comment. Comments rolled in, many of them negative; and some of the more negative reactions came from tech-industry giants, including Google and Microsoft.
In January 2015, the controversy came to a head. First, on January 5th, the industry groups filed their response to comments. The response sought to clarify that the petition did not seek “carte blanche” to block users’ hotspots. Rather, the filing said, the “deauthentication” that is partly at issue “is typically used only to address the problems posed by a person or company that sets up a Wi-Fi service on a hotel's private property that is offered to other visitors and that jeopardizes the reliability or security of the hotel's Wi-Fi service” (emphasis added). On January 15th, reacting to continued negative publicity, Marriott attempted again to make clear to the public that the goal is not to interfere with visitors’ personal use of their own hotspots, issuing a public statement saying “we will not block guests from using their personal Wi-Fi devices at any of our managed hotels.”
On January 27th, without resolving the petition, the FCC made its position known:
1. The FCC posted an “enforcement advisory” on its website headed, “WARNING: Wi-Fi Blocking is Prohibited. Persons or Businesses Causing Intentional Interference to Wi-Fi Hot Spots Are Subject to Enforcement Action.” The advisory promised to “aggressively investigat[e] and act against such unlawful intentional interference," and gratuitously noted that “the Enforcement Bureau has received several complaints that other commercial Wi-Fi network operators may be disrupting the legitimate operation of personal Wi-Fi hot spots. The Bureau is investigating such complaints and will take appropriate action against violators.”
2. Commissioner Jessica Rosenworcel, speaking at the Commission’s “State of the Net Conference,” minced no words, saying, “last year a bunch of hotels banded together and filed a petition with the FCC. They asked the agency to bless their ability to block hotel guests from using their own Wi-Fi connections under the guise of network security concerns. . . . [L]et’s not let this petition linger or create any uncertainty. I hope my colleagues at the FCC will work with me to dismiss this petition without delay.”
3. FCC Chairman Tom Wheeler issued a blunt statement saying, “The Communications Act prohibits anyone from willfully or maliciously interfering with authorized radio communications, including Wi-Fi. Marriott’s request seeking the FCC’s blessing to block guests’ use of non-Marriott networks is contrary to this basic principle.”
The FCC’s January 27th fusillade made it clear that the petition was not destined to succeed. Marriott and AH&LA had little choice but to abandon it. However, the answers to certain nuanced questions regarding Wi-Fi network management on hotel and other business premises remain unclear and likely will not be fully aired in the near future.
For example, some platforms allow businesses to identify – and, potentially, partially disable -- unauthorized devices that are interfering with the business’ wireless network, or identify the types of devices accessing their Wi-Fi network, how they are accessing the network, and the quantity of data they transmit, providing valuable data to the network manager. Others make it possible for the business to prevent unauthorized network connections from being completed. These advanced network management tools and techniques have yet to be addressed by the FCC.
The industry will have to wait until another day for answers as to what available network management techniques are FCC-approved. In the meantime, it is clear that the FCC will look with a jaundiced eye on any techniques that involve actually blocking visitors’ Wi-Fi hotspots.
If you have questions about this E-Flash, or related issues, please contact Abraham J. Rein, a member of Post & Schell's Internal Investigations & White Collar Defense, Data Protection/Breach and Hospitality Practice Groups, at firstname.lastname@example.org or (215) 587-1057.
Disclaimer: this E-Flash does not offer specific legal advice, nor does it create an attorney-client relationship. You should not reach any legal conclusions based on the information contained in this E-Flash without first seeking the advice of counsel.
About the Practice Groups:
- Post & Schell, P.C.’s Internal Investigations & White Collar Defense Group provides corporate clients and senior executives with thoughtful internal investigations, seasoned risk assessment, insights into high-level enforcement decision making essential to pursuing an informed defense strategy, and sure-handed representation in the courtroom. Learn More >>
- Post & Schell, P.C.’s Data Protection/Breach Group brings unparalleled experience and regulatory knowledge to advising and defending our clients in data loss, data hacking and data theft related issues. Learn More >>
- Post & Schell's multidisciplinary Hospitality Practice Group provides counsel on everything from casualty, to white collar and internal investigations, to employment and labor, and to corporate transactional issues. Our attorneys possess direct legal experience collaborating closely with hospitality industry clients. Learn More >>