OOO "free choice". LLC "free choice" Public wifi user agreement for visitors

Identification of Wi-Fi users by passport data or telephone number in public places is required by law (97-FZ of October 5, 2014, PP No. 758 of July 31, 2014, No. 801 of August 12, 2014). Public places include all public and private institutions: parks, hotels, cafes, restaurants, clubs, cinemas, shopping centers, etc. In addition to mandatory authorization by phone number, public Wi-Fi must prevent children and adults from accessing prohibited sites.

In the first half of 2018, in order to ensure security and prepare for the World Cup, Roskomnadzor will conduct unscheduled inspections of free Internet access points.

In 2017, Roskomnadzor fined 185 establishments for lack of Wi-Fi identification and access to prohibited sites

Based on the results of the inspection, in 2017, 185 protocols were drawn up regarding violations of public Wi-Fi standards. Fines for administrative offenses for cafes, restaurants and hotels ranged from 20 thousand to 300 thousand rubles under the following articles:

1) Responsibility for the lack of an established procedure for identifying users in accordance with Article 13.30 of the Code of Administrative Offenses of the Russian Federation.
2) Responsibility for access to “non-children’s content” (blocking sites) in accordance with Article 6.17 of the Code of Administrative Offenses of the Russian Federation.
3) Responsibility for access to prohibited resources (blocking sites) in accordance with Article 13.34 of the Code of Administrative Offenses of the Russian Federation.

To comply with the 2018 Wi-Fi law, you must:

1. Use Wi-Fi user identification by phone number (via SMS or call) or passport data (via vouchers or integration with the hotel management system).
2. Install protection against “inappropriate” content (Yandex DNS, user agreement 18+).
3. Establish protection against access to blocked sites according to the resolution of Roskomnadzor (the responsibility of the telecom operator or provider).

How to Avoid Fines and Comply with Wi-Fi Identification Laws

The Global Hotspot service authorizes Wi-Fi users by phone number and blocks access to prohibited and “inappropriate” content. The service is configured on your equipment free of charge and remotely. For a list of manufacturers, see the Equipment page.

When registering, the user's language is automatically selected. The login page has been translated into 12 languages.

How is Wi-Fi identified by phone number?

You can log in and use public Wi-Fi via SMS or call. They are also used, but they are relevant only in the hotel business. After confirming the phone number, the user follows the specified link: to your website, social network account or other address.

Wi-Fi authorization via social networks

Authorization through social networks does not comply with the law. Since a social network account can be faked or stolen, and not all accounts are linked to a phone number, this method is not legal. But this method can be used for marketing purposes after the user has logged in via SMS or call. needed to collect likes and subscribers and force the visitor to repost for access to Wi-Fi. Not very humane, but effective.

Wi-Fi Marketing: Advertising and Surveys

You can create any survey in the system and monitor response statistics. Visitors answer questions about gender, age, preferences, presence of children, etc. Managers can call a customer base and offer them services based on their interests, gender, age and presence of children.

Anyone can complain about you on the Roskomnadzor website

What is the price

Read also

https://site/wp-content/uploads/2019/04/integration_wifi_hotel_32.3_pms.jpg 225 225 dguseva dguseva 2019-04-14 14:59:22 2019-04-14 14:59:22 Integration of Wi-Fi with the management system "Hotel 3 (2.3)" https://site/wp-content/uploads/2019/04/nastroika_yandex_direct_instrukcia.jpg 200 200 dguseva https://site/wp-content/uploads/2017/11/global-hotspot-logo-retina.pngdguseva 2019-04-04 17:02:40 2019-04-04 17:27:17 Step-by-step instructions for Yandex.Direct. Search and YAN https://site/wp-content/uploads/2019/03/geptargeting_trc.jpg 300 300 dguseva https://site/wp-content/uploads/2017/11/global-hotspot-logo-retina.pngdguseva 2019-03-15 17:39:37 2019-03-18 11:49:45 Heat maps over Wi-Fi. Targeting. Auditoriums of the shopping center https://site/wp-content/uploads/2019/02/public-wi-fi-2019-.jpg 250 250 dguseva https://site/wp-content/uploads/2017/11/global-hotspot-logo-retina.pngdguseva 2019-02-28 15:59:51 2019-02-28 15:59:51 Fines and Federal Laws on Public Wi-Fi in 2019

https://site/wp-content/uploads/2019/02/wi-fi-radar-settings-openwrt.jpg 278 278 vdemtcev https://site/wp-content/uploads/2017/11/global-hotspot-logo-retina.pngvdemtcev 2019-02-12 20:17:22 2019-04-14 17:33:25 Installing Wi-Fi Magnet on OpenWRT https://site/wp-content/uploads/2019/02/instructions-mikrotik-openwrt.jpg 200 200 vdemtcev https://site/wp-content/uploads/2017/11/global-hotspot-logo-retina.pngvdemtcev 2019-02-01 16:15:28 2019-04-16 18:22:02 Mikrotik firmware in OpenWRT https://site/wp-content/uploads/2019/01/Integration-wi-fi-with-epitome-PMS.jpg 250 250 dguseva https://site/wp-content/uploads/2017/11/global-hotspot-logo-retina.pngdguseva 2019-01-23 12:07:38 2019-01-23 12:07:38 Integration of Wi-Fi and Epitome PMS hotel management system
https://site/wp-content/uploads/2018/09/Integration-wi-fi-with-hotel-management-system-min.jpg 546 546 dguseva https://site/wp-content/uploads/2017/11/global-hotspot-logo-retina.pngdguseva 2019-01-23 12:05:37 2019-04-14 16:05:30 Integration of Wi-Fi and HRS hotel management system

https://site/wp-content/uploads/2019/01/Integration-wi-fi-with-ORERA-PMS.jpg 250 250 dguseva https://site/wp-content/uploads/2017/11/global-hotspot-logo-retina.pngdguseva 2019-01-22 17:34:05 2019-01-22 17:34:05 Integration of Wi-Fi and Opera PMS hotel management system https://site/wp-content/uploads/2019/01/Integration-wi-fi-with-Travelline-web-PMS.jpg 250 250 dguseva https://site/wp-content/uploads/2017/11/global-hotspot-logo-retina.pngdguseva 2019-01-22 15:45:10 2019-01-22 15:45:10 Integration of Wi-Fi and hotel management system Travelline TL: WebPMS https://site/wp-content/uploads/2019/01/Integration-wi-fi-with-1C-HOTEL.jpg 250 250 dguseva https://site/wp-content/uploads/2017/11/global-hotspot-logo-retina.pngdguseva 2019-01-22 13:17:12 2019-01-22 13:17:12 Integration of Wi-Fi and hotel management system 1C Hotel https://site/wp-content/uploads/2018/12/router-wi-fi-radar.jpg 209 209 dguseva https://site/wp-content/uploads/2017/11/global-hotspot-logo-retina.pngdguseva 2018-12-26 16:18:31 2019-04-14 17:18:07 Requirements for Wi-Fi routers for collecting mac addresses

https://site/wp-content/uploads/2018/12/creation-flyers.jpg 210 210 dguseva https://site/wp-content/uploads/2017/11/global-hotspot-logo-retina.pngdguseva 2018-12-21 17:15:23 2018-12-21 18:21:23 Create marketing materials with Canva https://site/wp-content/uploads/2018/12/requirements-roskomnadzor-wi-fi.jpg 205 205 dguseva https://site/wp-content/uploads/2017/11/global-hotspot-logo-retina.pngdguseva 2018-12-17 20:12:39 2019-04-24 12:20:10 Requirements of Roskomnadzor and the Federal Law on Public Wi-Fi in 2019 https://site/wp-content/uploads/2018/12/wi-fi-check-roskomnadzor.jpg 219 218 dguseva https://site/wp-content/uploads/2017/11/global-hotspot-logo-retina.pngdguseva 2018-12-17 17:16:50 2018-12-20 15:57:45 Inspection 2018-2019 by Roskomnadzor of public Wi-Fi https://site/wp-content/uploads/2019/03/authorization-via-social-networks.jpg 200 200 dguseva https://site/wp-content/uploads/2017/11/global-hotspot-logo-retina.pngdguseva 2018-09-26 15:00:51 2019-03-26 15:32:22 Instructions: authorization in the Wi-Fi network via social networks Facebook, Instagram or Vkontakte

https://site/wp-content/uploads/2018/10/Integration-wi-fi-with-Fidelio-Oracle-suite-8.jpg 245 245 dguseva https://site/wp-content/uploads/2017/11/global-hotspot-logo-retina.pngdguseva 2018-09-23 12:19:06 2018-10-23 13:47:03 Integration of Wi-Fi and Fidelio Suite 8 hotel management system https://site/wp-content/uploads/2018/07/D0_B0_D0_B2_D1_82_D0_BE_D1_80_D0_B8_D0_B7_D0_B0_D.jpg 184 184 dguseva https://site/wp-content/uploads/2017/11/global-hotspot-logo-retina.pngdguseva 2018-09-11 18:21:39 2018-12-21 18:51:37 Legislative framework for public Wi-Fi in 2018 https://site/wp-content/uploads/2018/07/Integration-wi-fi-with-shelter-pms.jpg 245 245 dguseva https://site/wp-content/uploads/2017/11/global-hotspot-logo-retina.pngdguseva 2018-07-04 16:21:54 2018-10-04 17:41:04 Integration of Wi-Fi with Shelter hotel management system https://site/wp-content/uploads/2018/07/Integration-wi-fi-with-Logus-HMS.jpg 245 245 dguseva https://site/wp-content/uploads/2017/11/global-hotspot-logo-retina.pngdguseva 2018-07-04 16:03:14 2018-10-04 18:23:59 Integration of Wi-Fi and Logus HMS hotel management system

https://site/wp-content/uploads/2018/07/Integration-wi-fi-with-EDELWEISS-system-Edelweiss.jpg 245 245 dguseva https://site/wp-content/uploads/2017/11/global-hotspot-logo-retina.pngdguseva 2018-07-04 15:36:49 2018-10-04 18:35:46 Integration of Wi-Fi and Edelweiss hotel management system https://site/wp-content/uploads/2018/07/D0_B7_D0_B0_D0_BA_D0_BE_D0_BD-_D1_8F_D1_80_D0_BE_.jpg 184 184 dguseva https://site/wp-content/uploads/2017/11/global-hotspot-logo-retina.pngdguseva 2018-06-15 18:07:21 2018-09-27 12:06:04 Who must store Wi-Fi user data as of July 1, 2018? https://site/wp-content/uploads/2018/07/D0_B8_D0_B7_D0_BC_D0_B5_D0_BD_D0_B5_D0_BD_D0_B8_D.jpg 184 184 dguseva https://site/wp-content/uploads/2017/11/global-hotspot-logo-retina.pngdguseva 2018-06-13 15:30:36 2018-07-13 15:18:51 Changes to the Law "On Communications" from June 1, 2018 https://site/wp-content/uploads/2018/07/D0_B2_D0_B0_D0_B9-_D1_84_D0_B0_D0_B9-_D0_B2_D1_83.jpg 184 184 dguseva https://site/wp-content/uploads/2017/11/global-hotspot-logo-retina.pngdguseva 2018-06-05 15:15:28 2018-08-01 17:26:12 Wi-Fi identification for schools, universities and other educational institutions

https://site/wp-content/uploads/2017/06/chanalyzer31sample.v01.jpg 295 295 admin https://site/wp-content/uploads/2017/11/global-hotspot-logo-retina.pngadmin 2017-06-13 10:50:24 2017-06-19 22:13:21 Error "disconnected, extensive data loss" when connecting via WiFi to Mikrotik https://site/wp-content/uploads/2018/07/D0_B0_D0_B2_D1_82_D0_BE_D1_80_D0_B8_D0_B7_D0_B0_D_2.jpg 184 184 dguseva https://site/wp-content/uploads/2017/11/global-hotspot-logo-retina.pngdguseva 2017-06-10 21:30:27 2018-07-12 09:34:05 Setting up Wi-Fi access via SMS authorization https://site/wp-content/uploads/2018/07/D0_B8_D0_BD_D1_81_D1_82_D1_80_D1_83_D0_BA_D1_86_D_6.jpg 184 184 admin https://site/wp-content/uploads/2017/11/global-hotspot-logo-retina.pngadmin 2017-06-04 23:34:36 2018-09-25 18:16:03 Instructions for setting up Wi-Fi HotSpot / Captive Portal on MikroTik

Today, citizens of the Russian Federation do not visit establishments that do not have access to a wi-fi network. And precisely in order to control users who log into the Internet, the State of the Russian Federation has adopted several legislative acts.

Today, user authorization is a prerequisite for gaining access to a free wi-fi network. According to the law, entering personal data will help protect both the user and the owner of the establishment or other institution.

Delighting users and buyers with free access to a wi-fi network is not so easy with the current legislation of the Russian Federation. The main condition for free access to wi-fi is user authorization.

This condition is described in the following legal provisions:

• Federal Law No. 126 “On Communications”, which came into force on July 7, 2003;
• Government Decree No. 801 “On Amendments to Certain Acts of the Government of the Russian Federation”;
• Russian Federation dated July 27, 2006 No.;
• Order of the Ministry of Telecom and Mass Communications of Russia No. 83 dated April 16, 2014;
• Federal Law of the Russian Federation of July 27, 2006 No. as amended and supplemented;
• Rules for the provision of communication services for data transmission, approved by Decree of the Government of the Russian Federation of January 23, 2006 N 32;
• Rules for the provision of telematic communication services, approved by Decree of the Government of the Russian Federation of September 10, 2007 N 575;
• Rules for the provision of universal communication services, approved by Decree of the Government of the Russian Federation of April 21, 2005 N 241;
• Decree of the Government of the Russian Federation of July 31, 2014 N 758.

According to the above-mentioned legislative acts, when authorizing, the user must undergo identification of the individual and his gadget. Identification is required for public access to wi-fi in:

• public wi-fi cafes;
• bars;
• restaurants;
• libraries;
• schools;
• parks and other public places.

The provisions of the Legislation require the preservation of a log of authorized wi-fi users for 6 months (all this is set out in).

The bill was developed by the Ministry of Telecom and Mass Communications of the Russian Federation in collaboration with:

• MFD of Russia;
• FSB of Russia;
• Ministry of Economic Development of the Russian Federation.

According to the Legislation, providing access to wi-fi is possible in 3 ways:

1. Agreement with telecom operators on user identification. This option is good for organizations that already have access to wi-fi or just want to install it.
2. The operator installs a Wi-Fi access network. The advantage in this case is only for guests of the establishment - they get free access to data transfer. The head of the establishment or building will have to pay the costs of creating the network and for the services provided.
3. The establishment has access to someone else's Wi-Fi network. In law , identification of an individual is not mandatory, so this option is the most profitable for an entrepreneur. He can negotiate with his neighbors and pay them for opening a wi-fi point. But it’s worth remembering that if government employees come for an inspection, there will be a lot of questions and it’s better to protect yourself in advance.

Authorization procedure

• using an identity card - the user enters his personal data indicating the passport number;
• using your number - in the Russian Federation, cell numbers are issued upon presentation of the original passport;
• via login on the government services portal.

Changes to the law on providing access to wifi in public places were made on May 5, 2014. The changes affected the point on mandatory identification of users of wi-fi zones.

If business is conducted correctly, the authorization procedure can bring legal entities and private entrepreneurs not only losses, but also profits. For the user to go through the authorization process, he will need to go to the advertising page of the institution or organization. When entering data, the user may be interested in an advertisement or offer from the company and will remain on the page, thereby bringing profit to the company. It is not prohibited by law to authorize users on your advertising page.

Who is responsible for providing Wi-Fi access without identification?

Telecom operators will be responsible for providing access to Wi-Fi without identification. If operators fail to comply with the law, they face a fine of 30 to 40 thousand rubles.

In older versions of the law, it was not provided that owners of cafes, libraries, institutes, park areas and schools should be held accountable for violating the law. In the course of recent changes, the Ministry of Telecom and Mass Communications has eliminated this error and at the moment the above categories of citizens also face a fine for failure to comply with the rules provided for by the Legislation.

The fine for providing access to wi-fi without authorization is:

• for officials - from 5 to 10 thousand rubles;
• for legal entities - from 100 to 200 thousand rubles.

If a citizen violates the rules repeatedly, then the fine for accessing wi-fi without identification will already be about 300 thousand rubles. After several warnings, law enforcement agencies have the right to disqualify and remove the violator from his activities for up to 3 years.

According to Federal Law No. 126, all legal entities and entrepreneurs are required to provide access to free wi-fi to their users and clients only if they have a contract with telecom operators that can identify citizens.

The introduction of a fine for free access to Wi-Fi without identification will protect entrepreneurs and legal entities from anonymous SMS messages with threats from unknown users. An individual code for obtaining free access to a wi-fi network will help you keep track of all users and, if necessary, find the right citizen.

Download the law

Federal Law No. 126 “On Communications” was adopted by the State Duma of the Russian Federation on June 18, 2006. The legislative draft was approved on June 25 of the same year. Federal Law-126 came into force on July 7, 2003. The last changes to the law were made on June 7, 2017.

The changes affected Article 66. Clauses 3 and 4 were added to it. They stipulate that telecom operators are obliged to provide their customers with equipment and all the necessary conditions for using their services. The article also states that the client should not reimburse the operator for expenses related to the points listed in paragraph 3.

This Federal Law consists of 13 chapters and 74 articles.

Federal Law-126 states its goals:

• creating the necessary conditions for the provision of communication services throughout the Russian Federation;
• promoting the introduction of new technologies;
• protection of users of communication services;
• effective and fair competition in the market for the provision of communication services and others.

Federal Law-126 also regulates relations that are related to:

• creation and use of communication networks and the necessary facilities for them;
• exploitation of the radio frequency spectrum;
• provision of electronic and postal communications.

According to the provisions of Federal Law No. 126, in the competitive market of the Russian Federation, each operator has equal conditions. The state does not give anyone privileges or benefits. Competition takes place on equal terms between all service representatives.

Would you like to learn more about the provisions of Federal Law No. 126? Download it.

General provisions

This document (hereinafter referred to as the user agreement) regulates the relationship between the owner of the website resource - the WiFi-Pass company (hereinafter referred to as the site administration) and an individual who has gained access to the pages of the site or uses one of the services of the said resource (hereinafter referred to as the site visitor).

A user agreement is necessary to determine the procedure for accessing resources, information and services of the site, as well as to regulate the rules for using the platform provided by the site administration for communication and mutual exchange of information (receiving and posting it).

1. Site visitor

1.1. According to this user agreement, a site visitor means any individual who has visited the site resource and read the information contained on one of the site pages.

1.2. According to this user agreement, a site user is understood as a visitor who has registered on the resource and authorized using personal personal data. The site user, by filling out the registration form, gives his consent to the collection and processing of his personal data, which is carried out in accordance with the legislation of Ukraine.

1.3. User status presupposes access to additional features of the site resource offered within the site after reading and agreeing to the text of this user agreement. Otherwise, the site user does not have the right to use the benefits of his status.

1.4. A site visitor does not have the right to use the capabilities of this resource or enter into a user agreement with the site administration if this is contrary to the legislation of Ukraine.

2. Rules for using site materials

2.1. Users of the site resource have the right to conduct online communication, comment on materials, express opinions about materials in the form of reviews, post their own materials on the site pages and use the interactive resources of this site.

2.2. The site user has the right to:

2.2.1. posting information about WiFi networks and commenting on your own and other users’ posts;

2.2.2. using the resources of this site in other ways, if these do not contradict the basic principles of the site’s activities.

2.4. Copying site materials without permission from the administration is prohibited. Partial quotation of materials from the site is allowed only on an irregular basis and with a mandatory link to the corresponding, original source page of the quotation.

3. General rules for writing and commenting reviews.

3.1. This section defines the rules and restrictions governing the writing and commenting of reviews, which are mandatory for all users of the site.

3.2. Ignorance of the rules and procedures for posting information on the site does not relieve the user (including the visitor) of the site from the obligation to comply with them. In case of violation of these rules, the user (visitor) is liable in accordance with the legislation of Ukraine and this user agreement.

3.3. Users (visitors) of the site are prohibited from:

3.3.1. publication of information calling for the commission of actions prohibited by the legislation of Ukraine;

3.3.2. publishing statements of an offensive nature towards other visitors or the site administration, as well as provoking a negative reaction from other users or visitors to the resource (trolling);

3.3.4. publication of materials that violate the copyrights of third parties and links to files and/or sites promoting piracy.

3.3.5. use of names in accounts that imitate the official names of the site administration or the names of already registered users;

4. Responsibility for posting materials

4.1. To express opinions on the subject of the site, the administration provides users with a platform for communication, formed in the form of comments and a review system.

4.2. The user who published this information is responsible for the accuracy of the information posted on the site.

4.3. The site administration reserves the right to check published information after it is posted - post-moderation. A representative of the administration (moderator) has the right to delete information, review or comment that violates the terms of this agreement.

4.4. A resource visitor can challenge the legality of publishing information or the actions of moderators through negotiations with the site administration.

4.5. The site administration reserves the right to terminate this user agreement. As additional measures, a ban on user access to the site may be applied.

5. Confidentiality agreement

5.1. The procedure for accumulating, storing and publishing information that may contain confidential or personal data is carried out on the basis of the Confidentiality Agreement and existing standards in the Legislation of Ukraine.

5.2. By visiting the pages of the site, filling out the user registration form or agreeing to the terms of the user agreement, the site visitor agrees to the terms of the Privacy Agreement.

6. Final provisions

6.1. A site visitor automatically agrees to the terms of the user agreement after filling out the registration form on the site.

6.2. The actual use of the site is considered by the administration as acceptance of the terms and conditions of the user agreement.

6.3. The site administration is guided in its activities by the legislation of Ukraine. Any appeal to the actions of the administration will be considered only in accordance with the legislation of Ukraine.

6.4 The site administration is not responsible for losses (direct or indirect), as well as for lost profits of visitors, users or third parties incurred as a result of the site’s activities.

6.5. The resource administration reserves the right to unilaterally change the terms of this document (user agreement).

TIN 7721795211

Legal address: 115054, Moscow, st. Dubininskaya 11/17 building 1

Terms of use

• 1. GENERAL PROVISIONS
  • 1.1. These rules govern the relationship between the Visitor/User/Customer and the Contractor for the provision of Services.
  • 1.2. The Contractor posts on the Site information about the Services offered and other information related to the activities of the Contractor. Changes, including information about the provision of Services on the Site and their cost, are made by the Contractor unilaterally without prior notice to the User. The information is valid until the Contractor makes appropriate changes, unless another period is additionally specified by the Contractor.
  • 1.3. Full and unconditional consent and acceptance of these Rules is the placement by the Customer of the Application in the manner established on the Site.
• 2. TERMS USED
  • 2.1. Site visitor is a person who came to the Site without the purpose of placing an Application.
  • 2.2. User - a visitor to the Site who accepts the terms of this Agreement and wishes to place an Application on the Site.
  • 2.3. Customer - the User who placed the Application on the Site.
  • 2.4. Contractor - a legal entity whose description of the Services is posted on the Site. Information about the legal entity: Limited Liability Company LLC "Free Choice" (TIN 7721795211 Legal address: 115054, Moscow, Dubininskaya str. 11/17 building 1).
  • 2.5..
  • 2.6. Services - information services provided by the Contractor and available for Applications on the Site.
  • 2.7. Application - a duly completed request from the Customer for the provision of the Service selected on the Site.
• 3. PROTECTION OF PERSONAL INFORMATION
  • 3.1. By providing his personal data when submitting the application form on the Site, the Customer gives the Contractor his consent to the processing and use of his personal data in accordance with Federal Law No. 152-FZ “On Personal Data” dated July 27, 2006 in various ways for the purposes specified in this Agreement.
  • 3.2. The Contractor uses the Customer’s personal data for the purposes of:
    • registration by the Customer of the Application on the Site;
    • feedback from the Customer.
  • 3.3. Personal data collected by the Contractor:
    • Customer's phone number;
    • Customer's email address.
  • 3.4. The Contractor undertakes not to disclose information received from the Customer. At the same time, disclosure of information is not considered a violation of obligations in the case where the obligation for such disclosure is established by the requirements of the current legislation of the Russian Federation.
• 4. FINAL PROVISIONS
  • 4.1. The Contractor reserves the right to make unilateral changes to these rules. Changes to the terms of these rules come into force after they are published on the Site.

The idea expressed in this post may seem obvious and banal to some, but, as a conversation in a smoking room with colleagues showed, many, even those related to IT, have not even thought about it, not to mention people who are more distant from technology.

When it comes to “What’s bad about public Wi-Fi in transport/cafes/hotels/etc.?” Most often, the first answer is that the main problem is either a complete lack of encryption or the use of the same encryption key for all users. Many will rightly object to this, saying that now almost all sites and services use HTTPS, so an attacker listening to your traffic will not be able to intercept your passwords and personal data.

Those who are tech-savvy or have a healthy amount of paranoia use encrypted VPNs when browsing over public networks, thus adding an additional layer of protection.

But today we will not talk about that.

According to the current legislation of the Russian Federation, the main condition for free access to wi-fi is user authorization. When connecting to a public network, the user must authenticate himself and his device.

List of legislative acts

• Federal Law No. 126 “On Communications”, which came into force on July 7, 2003;
• Government Decree No. 801 “On Amendments to Certain Acts of the Government of the Russian Federation”;
• Federal Law of the Russian Federation of July 27, 2006 No. 149-FZ “On information, information technologies and information protection”;
• Order of the Ministry of Telecom and Mass Communications of Russia No. 83 dated April 16, 2014;
• Federal Law of the Russian Federation of July 27, 2006 N 152-FZ “On Personal Data” as amended and supplemented;
• Rules for the provision of communication services for data transmission, approved by Decree of the Government of the Russian Federation of January 23, 2006 N 32;
• Rules for the provision of telematic communication services, approved by Decree of the Government of the Russian Federation of September 10, 2007 N 575;
• Rules for the provision of universal communication services, approved by Decree of the Government of the Russian Federation of April 21, 2005 N 241;
• Decree of the Government of the Russian Federation of July 31, 2014 N 758.

When you connect to free WiFi for the first time, you are automatically redirected to a login page that might look something like this:

Authorization is usually possible in one or more ways:

• By entering your mobile phone number and receiving a code via SMS or call. According to the adopted amendments to the Law “On Communications”, SIM cards can only be sold at specialized points and with the presence of documents proving the identity of the buyer. Moreover, the corresponding state structures are hatching plans to fight “gray” and “leftist” SIM cards.
• Authorization through the ESIA (“State Services”), creating an account in which similarly requires the presentation of identification documents
• Some Internet providers allow their subscribers to connect to their own public Wi-Fi using a login-password combination from their home Internet, the contract for which, again, is concluded with the indication of passport data.

Almost always, after completing the authorization procedure, a record of the form “MAC address of your device” / “some identifier that clearly indicates your identity” (phone number, login for government services, contract number, etc.) is saved in the service provider’s database. ). This is necessary so that the next time you connect to the same network, you do not have to go through the entire procedure again - the service provider's router will recognize your phone, tablet or laptop by MAC address and automatically apply the necessary access rules. In most cases, the MAC address is the only way the provider identifies you as a user.

Now let's look at a very real situation.

You, as a law-abiding person, came to some public place, for example, a cafe or a subway car, logged in to the public WiFi network using your phone number or any other provided method, used the resources of the World Wide Web, then disconnected from the network and left from this place.

At the same time with you in this place there is a certain not entirely law-abiding citizen who has with him the most ordinary laptop, on which there is the most ordinary WiFi adapter capable of working in monitor mode and utilities from the aircrack-ng package. With the help of all this, a bad person quietly and imperceptibly listens to the broadcast, noting which devices with which MAC addresses appeared on the network, exchanged traffic with the access point, and then disconnected from it. It all looks something like this:

After you have left the place with this WiFi network, the bad person changes the MAC address of the WiFi adapter on his device to the MAC address of your device, connects to the network, the equipment recognizes him as an “old friend” (that is, you) and allows you to access the Internet without any authorization.

It is worth noting that all this may not necessarily be done with evil intentions. Some people ( all personalities and events are fictitious, coincidences are accidental) do this to access the WiFi network in the metro without viewing ads (by finding the MAC address of the device of a person who paid for a premium account without banners).

Having successfully logged into the network, a bad person can do something that goes against the current legislation - write some message on social networks, like someone else’s post or a screenshot from a feature film, in short, do anything that in our time is considered a violation of articles and, and in addition also of the Criminal Code of the Russian Federation.

And this is where all the fun begins.

According to current legislation, telecom operators must store authorization data for at least 6 months. When the prosecutor's office and investigators are activated and a request is made to the service provider from whose Network the “offence” was committed, the logs will point not to the “bad person”, but to you, as the legal owner of the device with the MAC address from which the access was made.

Ideally, everything will fall apart at the pre-investigation stage.
In a good case, you will have to spend time and effort to prove that you have nothing to do with it - attract experts who will prove that the MAC address cannot be an unambiguous identifier of a specific device and a specific user, collect testimony from witnesses and recordings from CCTV cameras (if they will not be removed due to the statute of limitations) that at the time of the event you were no longer in that place, and pray that the judge does not reject your requests to include all this in the case file as “irrelevant.”

You don’t need to look far for examples - Dmitry Bogatov case, the administrator of the TOR node, from whose IP address an unknown person called for riots. Despite the recordings from CCTV cameras, which clearly confirm that Dmitry was in a fitness club at the time of the offense, and not at home at his computer, and expert opinions that an IP address cannot be a personal identifier, Bogatov was arrested, later, under public pressure, was transferred to house arrest, and as a result, the criminal case against him was dropped only a year later. If this story had not received widespread coverage in the media, and human rights organizations from all over the world had not stood up for Dmitry, everything could have ended much worse.

In a bad case... let's not talk about bad cases, everything is clear here.

How can you avoid this? Alas, no way. It all comes down to the imperfection of the authorization and authentication methods themselves of telecom operators, as well as especially the work of our law enforcement and judicial system. At the moment, I don’t see any technical methods to eliminate the possibility of such situations from ordinary users (we are not considering the option of using SIM cards registered to unauthorized persons for the reasons described above). There is only one conclusion: do not use public WiFi networks.

It's also worth noting that it's not just when using public WiFi that you need to be vigilant. Today, the vast majority of home users use the WPA2-PSK encryption protocol on their WiFi routers, which also means that when using simple passwords (and with the further development of computing power - not only simple ones) entails the ability for unauthorized persons to connect to their home WiFi -network and Internet access on behalf of the owner of the router. This problem can be solved using technical methods (for example, you can configure the equipment so that when connecting to a WiFi network, access is only to the VPN server, through which access to the outside world is already provided, or WPA-802.1X - but in both cases, outside support is required iron), but few ordinary people will bother with this, alas.

Tags: Add tags