Sunday, October 5, 2014

Marriott finally finds out what it's like to pay exorbitant fees for WiFi (updated)

Recently, the FCC fined Marriott for "jamming" My-Fi devices. Marriott will pay a $600,000 fine for using de-auth attacks on WiFi client devices attempting to connect to visitor-owned My-Fi devices on unmanaged SSIDs.

Marriott claims that it was doing so to reduce interference with the operation of their network and to reduce security threats to the users of its network.

The FCC's decision is that there is no credible and specific threat to the Marriott network, and that WiFi devices are not allowed to interfere with or prevent the normal operation of other devices under the applicable FCC regulation (Subsection 33, Section 47 of the US Code).

I understand what Marriott was trying to do. I get what the FCC is trying to accomplish. I don't think either side is handling the situation the right way. Here are some of my objections and questions:

Inherently, WiFi devices cause interference with each other. Bringing third-party unmanaged devices into a facility with a managed airspace causes unwanted and unpredictable interference within that managed airspace. So, technically, under the same regulation that the FCC is using to fine Marriott, can Marriott now file FCC complaints against its customers who bring in devices that interfere with Marriott's networks?
Interference is not the same as blocking/jamming/preventing the proper operation of.
In facilities where connections to the outside world need to be managed, monitored, and secured, including those where retail transactions occur, where credit card transactions are stored, and where PCI-DSS certification is required by law, don't facilities need to be able to deter these foreign, unmonitored connections by whatever means necessary? In a world where these exist, don't the owners of businesses have the right to protect their internal networks and airspaces? If I had penetrated Marriott's network and wanted to exfiltrate credit card info or client purchase records, I would prefer not to ship that data out of Marriott's heavily secured perimeter, trying to circumvent any compliance monitors they may have running on outbound traffic. If I were able to get penetration hardware like a pineapple onto an internal network, I could also easily connect said device to a My-Fi device for exfil. Being able to control these rogue APs is actually essential to network security. This is exactly why there are WIPS that perform this type of function.

Generalized disabling of devices just because they're a potential threat is not permissible, particularly in the unlicensed spectrum. Only if there is documented action on a vulnerability can there be corrective action, especially when considering the wording of the Consent Decree. Other methods of mitigating the vulnerabilities must be used.

The FCC's interpretation of the situation is that any behavior that interrupts the intended function of the hardware is considered "jamming". But I don't think they got this right. Jamming would render the entire channel useless to all users, regardless of the protocol or SSID. Marriott was not jamming the unlicensed frequencies. It was not rendering all WiFi services useless or preventing usage of the frequency for anyone. It was preventing the use of unauthorized devices that were causing co-channel interference on its existing managed network, not by abusing the radios or the frequencies, but by utilizing the normal function of the protocols.
Reading the language of the applicable FCC regulation, it's the content that can't be interfered with because it exists within the regulated medium. 
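Two things come up in the points above: WIPS products detect rogue APs advertising unmanaged SSIDs, and containment works by sending de-auth frames, which are a normal part of the 802.11 protocol. The difference between a single de-auth (an AP legitimately dropping a client) and a containment or de-auth attack is volume and repetition. The script below is an added example, not code from the original post or from any WIPS vendor; it runs over a constructed set of frame records (the fields a sniffer or WIPS export would give: timestamp, management subtype, transmitter, receiver, SSID) and flags both unmanaged SSIDs seen in beacons and transmitters emitting repeated de-auths in a short window. The MAC addresses, SSID names, window and threshold are all assumptions made for the example.

```python
"""Flag unmanaged SSIDs and de-auth floods in 802.11 management frame records.

Added example, not from the original post. All frame records, addresses,
SSIDs and thresholds below are constructed assumptions for illustration.
"""
from collections import defaultdict

# Management frame subtypes of interest (IEEE 802.11).
BEACON = "beacon"
DEAUTH = "deauth"

# SSIDs the site itself operates. Assumed for the example.
MANAGED_SSIDS = {"HotelGuest", "HotelConference"}

# Constructed capture: a beacon from a managed AP, a beacon from a personal
# hotspot on an unmanaged SSID, one ordinary de-auth from the managed AP
# (a single de-auth is normal), and a burst of 12 de-auths addressed to the
# hotspot's client, the pattern a containment feature or attack produces.
FRAMES = [
    {"t": 0.0, "subtype": BEACON, "src": "aa:aa:aa:00:00:01",
     "dst": "ff:ff:ff:ff:ff:ff", "ssid": "HotelGuest"},
    {"t": 0.1, "subtype": BEACON, "src": "cc:cc:cc:00:00:07",
     "dst": "ff:ff:ff:ff:ff:ff", "ssid": "MyHotspot"},
    {"t": 0.2, "subtype": DEAUTH, "src": "aa:aa:aa:00:00:01",
     "dst": "11:22:33:44:55:66", "ssid": None},
]
FRAMES += [
    {"t": 1.0 + i * 0.05, "subtype": DEAUTH, "src": "cc:cc:cc:00:00:07",
     "dst": "dd:dd:dd:00:00:09", "ssid": None}
    for i in range(12)
]


def unmanaged_ssids(frames, managed=MANAGED_SSIDS):
    """Return {ssid: {bssids}} for beacons advertising SSIDs not in `managed`.

    This is the rogue-AP detection half of what a WIPS does.
    """
    found = defaultdict(set)
    for f in frames:
        if f["subtype"] == BEACON and f["ssid"] not in managed:
            found[f["ssid"]].add(f["src"])
    return dict(found)


def deauth_floods(frames, window=1.0, threshold=5):
    """Return {transmitter: peak count} for transmitters that sent at least
    `threshold` de-auth frames within any `window` seconds.

    A sliding window over the sorted timestamps finds the densest burst per
    transmitter; isolated de-auths stay below the threshold and are ignored.
    """
    by_src = defaultdict(list)
    for f in frames:
        if f["subtype"] == DEAUTH:
            by_src[f["src"]].append(f["t"])
    flagged = {}
    for src, times in by_src.items():
        times.sort()
        start, peak = 0, 0
        for end in range(len(times)):
            while times[end] - times[start] > window:
                start += 1
            peak = max(peak, end - start + 1)
        if peak >= threshold:
            flagged[src] = peak
    return flagged


if __name__ == "__main__":
    print("unmanaged SSIDs:", unmanaged_ssids(FRAMES))
    print("de-auth floods:", deauth_floods(FRAMES))
```

Run against the constructed capture, the first function reports `MyHotspot` on a BSSID the site does not own, and the second reports that same BSSID's address appearing as the transmitter of 12 de-auths inside one second while the managed AP's single de-auth is not flagged. On a real capture the transmitter address of a de-auth is trivially spoofable, so the address identifies the victim AP, not necessarily who sent the frames; correlating the flagged burst with which channel and which radio observed it is what narrows that down.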
As for Marriott, sure, movie theaters and stadiums usually won't let customers bring in outside food. But in those industries, those are the main sources of profit for the venues. Theaters make almost nothing on ticket sales, but that $18 tub of popcorn cost them $0.85. It's how they keep the lights on. That's the entire business model. The hotel/convention hospitality industry has profit centers in almost every aspect of the business. The margins vary, but charging between $250 and $1000 for internet access is flat-out price gouging. Services like local phone access, cable TV, and wireless internet access are utilities and should be treated as such. In an ever-growing industry, hotels will eventually realize they will lose customers, conferences, and conventions when charging rates like this. I know. I've been a customer. We specifically chose a non-Marriott venue for an upcoming event due to Marriott's tendency to drastically overcharge for services and equipment rentals.