Man Who ‘Piggybacked' Off Neighbor's Wi-Fi Lacked Privacy Expectation

Keep up with the latest developments and legal issues in the telecommunications and emerging technology sectors, with exclusive access to a comprehensive collection of telecommunications law news,...

By Lance J. Rogers

June 18 — Police did not need to get a search warrant before using a device called “MoocherHunter” to find out who was tapping into a neighbor's unsecured wireless router and using the connection to swap child pornography with other Internet users, the U.S. Court of Appeals for the Third Circuit ruled June 11.

The defendant gave up whatever privacy he enjoyed in his own home when he hijacked his neighbor's Internet connection, the court said in an opinion by Judge D. Brooks Smith.

“In effect, Stanley opened his window and extended an invisible, virtual arm across the street to the Neighbor's router so that he could exploit his Internet connection,” it said.

Mooching Didn't Disclose ‘Signal.'

However, the court stopped short of ruling that the defendant had no legitimate expectation of privacy just because his computer transmitted an electronic signal to a third party. All Internet users transmit data to third parties when they send a signal to a modem or server owned by a third party, it said.

“A holding that an Internet user discloses her ‘signal' every time it is routed through third-party equipment could, without adequate qualification, unintentionally provide the government unfettered access to this mass of private information without requiring its agents to obtain a warrant,” it said.

The court also passed up the chance to decide whether statutes making it a crime to gain unauthorized access to a computer network apply to cases of “wireless mooching.” It stated simply that hijacking an unsecured wi-fi connection is of “dubious legality.”

To Catch a Thief

The police had raided the neighbor's home after they learned that a device at that particular Internet Protocol address was being used to distribute and collect child pornography. When it became clear that the neighbor was not the culprit, the police suspected that someone was mooching off the neighbor's open wireless Internet service.

The officers obtained a warrant to search the defendant's computers after MoocherHunter, a mobile-tracking software that facilitates the geolocation of unauthorized users of wireless modems, indicated that a computer in the defendant's home was sending radio waves to the neighbor's router.

The defendant lost his motion to suppress. On appeal, he argued that the police conducted an unconstitutional warrantless search under Kyllo v. United States, 533 U.S. 27 (2001). In Kyllo, the U.S. Supreme Court held that police violated a homeowner's reasonable expectation of privacy when they used a thermal-imaging device to monitor the radiation of heat from the home.

The court of appeals disagreed, concluding that the defendant's expectation of privacy is not one that society is prepared to recognize as legitimate.

‘Virtual Trespasser.'

There are several flaws in the defendant's reliance on Kyllo, the court said.

For one thing, that decision relied heavily on the fact that the homeowner “sought to confine his activities to the interior of his home,” the court said. By contrast, the defendant here ventured well beyond the “safe harbor” recognized in Kyllo by deliberately projecting his activities into his neighbor's home and over the Internet, it said.

The defendant can't claim the protection of his home just because he initiated his computer transmissions from that location, the court said.

“Most importantly, while Stanley may have justifiably expected the path of his invisible radio waves to go undetected, society would not consider this expectation ‘legitimate' given the unauthorized nature of his transmission,” it said.

Furthermore, recognizing the defendant's expectation of privacy as legitimate would reward him for establishing his Internet connection “in an unauthorized manner,” the court said.

“Although the analogy is imperfect, we believe that the MoocherHunter is akin to a drug sniffing dog in that it was only able to detect a signal that was itself unauthorized and likely illegal,” it said.

Assumption of the Risk

The district judge based his denial of the suppression motion on the ground that there is no legitimate expectation of privacy in information voluntarily conveyed to third parties, citing Smith v. Maryland, 442 U.S. 735 (1979). But this analogy is flawed because the defendant in this case was not transmitting “information” that could be “conveyed” to third parties, the circuit court said.

In Smith, the Supreme Court held that individuals do not have a legitimate expectation of privacy in phone numbers they dial because they knowingly convey such information to phone companies upon dialing a number.

“A holding that an Internet user discloses her ‘signal' every time it is routed through third-party equipment could, without adequate qualification, unintentionally provide the government unfettered access to this mass of private information without requiring its agents to obtain a warrant.”Judge D. Brooks Smith

The defendant certainly disclosed to his neighbor his private IP address and the fact that his computer was communicating with the neighbor's router, the Third Circuit said. Moreover, the defendant “assumed the risk” that his neighbor would share that information with the police, it said.

However, the additional information used to obtain a search warrant came about from the police officer's investigative use of the MoocherHunter, the court said. The defendant never “assumed the risk” that the neighbor would share that information because the neighbor never had it, it said.

‘Pandora's Box' Remains Closed

“Were we to hold that Stanley exposed his ‘signal' under Smith by transmitting it to a third-party router, we might open a veritable Pandora's Box of Internet-related privacy concerns,” the court said.

Such a ruling would give the government too much latitude to collect “an abundance of detailed, private information about that user's Internet activity,” it said.

At least two other federal district courts have reached the opposite conclusion, however, ruling that a Smith analysis is appropriate in the MoocherHunter scenario. See United States v. Norris, 2013 BL 234489 (E.D. Cal. 2013) (no expectation of privacy in information voluntarily transmitted to third parties); United States v. Broadhurst, 2012 BL 311349 (D. Ore. 2012) (same).

Judge Anthony J. Scirica joined the opinion. Judge Patty Shwartz did not join the section of the opinion discussing Smith. She found it unnecessary to discuss the third-party doctrine given the court's conclusion that the defendant lacked a reasonable expectation of privacy.

Donovan J. Cocas, of the U.S. Attorney's Office, Pittsburgh, argued for the government. Peter R. Moyers, of the Federal Public Defender's Office, Pittsburgh, argued for the defendant.

To contact the reporter on this story: Lance J. Rogers in Washington at

To contact the editor responsible for this story: Mike Moore at

Request Tech & Telecom on Bloomberg Law