The Internet is being used more and more. In the process, more and more is also done via the WLANThis means that the Internet is accessed wirelessly via a router. This uses a private key to determine who can use the Internet via the router and who cannot. If the key is issued or cracked, then the corresponding user can connect to the Internet. But what about the Liability from?
Securing the WLAN - some basics
In order to answer the above question, you must first be aware of some basic principles. Routers use various security measures. This can be configured via the router. Many routers also come with a code assigned by the manufacturer or generate this code during installation. The most common methods are WPA or WPA2-PSK. Here a key is generated from several characters to secure the Internet. Another - but now obsolete - method is WEP encryption. Alternatively, you can do without encryption completely and have access to various extras, such as securing access via the MAC address or concealing the ID.
WPA2-PSK encryption - the current standard
WPA2-PSK is considered to be the current and most secure standard for encryption. All modern routers and devices support encryption. The code is usually generated during installation or is individually specified for the router by the manufacturer. If this is the case, it can be assumed that the encryption is secure. Therefore, if in doubt, you do not have to be liable if your router nevertheless hacked will.
WPA and WEP encryption
Both encryption measures are determined by the user himself. This means that you decide on a code or have it generated. The WPA standard is rarely used today and was replaced by the WPA2 standard. Today WEP is considered insecure and easy to hack and should therefore no longer be used. Here the situation is different with regard to liability and can vary from case to case. The question here is, which key did you distribute and how easy was it to guess it?
Public WLAN without encryption
This method makes your WLAN public and usable for everyone. There is no security key. This means that if you use this form of connection for your WLAN, then anyone can prevent themselves from using your router. This is considered to be gross negligence and you can almost be sure that you will be held liable for misuse in such cases. Open WLAN is therefore usually secured by other factors. For example, if you use an access list with the individual MAC address of the devices, only these devices can access the router - you have fulfilled your duty. It is also possible to encrypt the SSID, i.e. the identification of the WLAN, so that you not only need to know the code but also the SSID for the connection. As an additional security factor, you can also hide the SSID. You then have to connect to the network completely manually, enter the SSID and only then can you connect.
These three variants work independently of the encryption. This means that you can easily combine these mechanisms with the other encryption methods, not only with the open connection. It is only important that there is a reasonable level of security for the network and that you do not negligently give access to the network.
The legal situation in Germany
The legal situation in Germany on the subject was only recently confirmed once again by the Federal Court of Justice. From this ruling it is clear that a WLAN owner does not have to be liable if he has taken the necessary reasonable measures to protect his WLAN from unauthorized access. This also applies if it can be assumed that the manufacturer has issued an individual and secure encryption code according to current standards (currently WPA2). In this particular case, a woman was supposed to pay for the damage caused by an unknown person by illegally uploading a video to a file-sharing site. In this case, the generation of the encryption was faulty, so the device could be hacked. The Federal Supreme Court ruled in favour of the woman, as it had done in the previous instances. In the past, there have been several verdicts with a similar outcome.
The interference liability
In general, it is difficult to apprehend an offender after using the Internet. Even in a simple household, several people often use the Internet. If it is a university or a shared flat, the group of people is usually even larger. Injured parties often invoke the so-called "Stoererhaftung" (Breach of Duty of Care), which makes it possible to hold the operator liable instead of contacting the offender directly. In this way, injured parties have a possibility to have their damage compensated. Unfortunately, however, there are also many possibilities here and the injured parties are not always in the right.
Conclusion
The topic of the Internet and especially security and encryption is generally considered a complex issue. Every year there is a multitude of proceedings and annoyance due to warnings and illegal Internet use. Often there are also different ways of proceeding. These vary according to the situation and, among other things, whether you are a private individual or a business. For example, you often have to pay the costs of the warning, but no compensation. A difference that can save you a lot of money under certain circumstances. In any case, you should therefore consult a professional lawyer who is familiar with the matter and can represent you accordingly.