Posted by cowboym@shmoo.com of the ShmooGroup on the legalities of a federal agent or agency wiretapping a wireless network. While laws tend to be similar around the world, all this information is currently very United States-specific.


Disclaimer: I am not a lawyer, nor do I even pretend to be one, anywhere, anytime. I don't have any legal training, and anything I say here is based solely upon my experiences in dealing with law enforcement.

Fundamentally, wireless networks are no different from wired networks, in that they exist to pass traffic from one machine to another. So, to get an idea of what's allowed/prohibited wrt wiretapping a wifi network, we need to understand what's allowed/prohibited on a wired network first.

The basic premise of wiretapping is that if it's not public, or you don't own it yourself, you can't sniff it legally without a wiretap order. Many states don't even allow wiretaps, so wiretap orders in those areas take place only at a federal level. Federal wiretap orders are *extremely* hard to obtain. During 2002, there were only 497 wiretap requests approved by federal judges (861 to state judges), and of those approved, 7 were never installed.

The same rules that apply to wired networks also apply to wireless. Without getting into all of the applicable federal statutes (state statutes notwithstanding), you cannot wiretap a wifi network without a Title III wiretap order, period, as I described above. This holds true for federal investigators as well, and not only would any evidence gathered be tossed out of court faster than a cat from a washing machine, the federal agents would most likely be severely reprimanded by the AUSA (Assistant US Attorney), their superiors, etc. Plus, heaven help them if it gets to the papers (which it would.)

Now - be careful. There's a big difference between wiretapping a network (read: intercepting traffic not destined for you), and accessing an open (read: public) network. Here's what I mean:

Back to the wired/wireless analogies: If I have a wired network inside of my house, and I employ password authentication mechanisms to control access to it logically, it can be considered private since it resides on my property, and I've taken actions to lock it down (i.e., passwords).

There exists case law today (don't ask me where, I don't remember right now) that says if a computer does not have login banners, password-controlled (or otherwise) access, and physical controls, it is considered to be public, and accessing any information on it cannot be considered to be unauthorized use of a network.

To draw this into the wired network analogy, if I was to put a computer out in the street in my subdivision with a cable running back up to my house, and that computer had no login banners, and no login passwords, etc. to control access to the data, I would not have much latitude to bitch at the cops because someone was "invading my computer." It was physically sitting out in the street, and there were no signs indicating it was private property.

The same holds true for network access - if I don't control access to my data on the network, a curious person cannot be held in violation of criminal statutes for exploring my machine. This happens all of the time on cable-modem networks where you can click on network neighborhood and run down a list of computers and their shared hard drives. No password == no right to privacy.

Now, take this and apply it to a wireless network: If you don't employ WEP, the entire network is considered public. Even though it may be against the law to wiretap it (interception of traffic not destined for you), there's nothing to prevent a curious person from moseying through the various data shares present on a network, or portscanning it, etc. so long as they don't attempt to circumvent any access controls.

All this being said, most laws center around *intent*, so it could be argued that although a stupid curious average joe just poking around on your unprotected share is not breaking any laws, an FBI cybercrime investigator definitely knows better, and their intent is not one of curiosity mixed with ignorance, so they may get crossways of the law. Even if they don't, my personal opinion is any evidence they obtain would be very, very, shaky at best.

Like I said before, this is all based upon my personal experience working with federal, state, and local law enforcement agencies, and I am by no means a lawyer, and this should never be taken as legal advice, but rather as more of a vague generality to give you the idea that, basically, the feds can't really do much without obtaining search warrants (for snooping around in static data), wiretap orders (for intercepting data in transmission), or various other orders (like preservation of evidence 18 USC 2703(c) (or e, I forget which), 2703d orders for transmission logs, subpoenas for account/subscriber identity, etc.)

It's just not in their best interests to try and snoop on people without the proper orders signed by a judge, because they end up getting spanked in court if they don't.

Clear as mud?



WirelessWiretap (last edited 2003-10-21 21:04:24 by AdamShand)