Skip to content
Hotels that block personal Wi-Fi hotspots will get busted, says FCC
Naked Security Naked Security

Hotels that block personal Wi-Fi hotspots will get busted, says FCC

So ends Marriott's campaign to block guests' hotspots and force guests to pay for its own Wi-Fi, even though they don't threaten security.

Image of Wi-Fi hotspot courtesy of ShutterstockThe US Federal Communications Commission (FCC) didn’t mince its words: hotels that block Wi-Fi are breaking the law.

From a warning posted on Tuesday:

In the 21st Century, Wi-Fi represents an essential on-ramp to the internet. Personal Wi-Fi networks, or "hotspots", are an important way that consumers connect to the internet. Willful or malicious interference with Wi-Fi hotspots is illegal.

In fact, blocking of guests’ personal hotspots violates Section 333 of the Communications Act, according to the FCC.

In spite of the illegality of such blocking, the Commission’s Enforcement Bureau has seen a “disturbing trend” in which hotels and other commercial establishments block wireless consumers from using personal Wi-Fi hotspots on their premises.

The Bureau has been investigating and taking action against Wi-Fi blocking, most notably with Marriott International Inc.

The hotel chain was investigated in 2014 and then slapped with a $600,000 fine (around £400,000).

But that didn’t stop it from waging a legal and PR battle to get permission to block personal hotspots in its conference and convention areas.

Earlier this month, Marriott threw in the towel on the blocking, though it said it hadn’t given up trying to get the FCC’s blessing on blocking in cases of “clear cybersecurity risk”.

In spite of Marriott’s claims about cybersecurity, the FCC said on Tuesday that the hotel chain had admitted that blocked customers hadn’t posed a security threat to its network.

The “we’re doing it for their own good” argument was hard to swallow, in light of how much Marriott was making from selling internet “on-ramps” to the guests whose internet tires it had slashed: namely, between $250 to $1,000 per device to get onto the internet at one of its properties, according to the Commission.

Or, in the words of one reader,

Security my a**......

The FCC says it will “aggressively” investigate and act upon “unlawful intentional interference”.

Stay tuned: it says its Enforcement Bureau is investigating several complaints.

Hotels, a word to the wise: stop blocking the on-ramps, lest the FCC steamroll you.

Image of Wi-Fi hotspot courtesy of Shutterstock.


Ooh! Ooh! Class-action suit! Class-action suit! What idiot thinks they can actually use ‘cyber-security’ as justification for jamming radio frequencies? If that gets approved, I’ll have loads of fun pissing off my local HAM radio operators when I jam their signals. Those old, Morse-code thumping curmudgeons could be sharing hacking tips on the HF bands, you know??!?


Yes I know your comment was meant to be tongue in cheek but I would like to caution those who may think about what you proposed. FCC imposes about $7,500 for willful interference or misuse of the Ham bands. The hotels excuses are nothing more than not understanding the mechanics of Wi-Fi, Hot-Spots and Cyber Security and it has everything to do with money.


That’s the thing. They weren’t “jamming radio frequencies.” They were just transmitting well-formed but anti-social Wi-Fi packets so that every time you associated with your access point, they’d send a “no, dissociate instead” packet.

So it’s a bit like making bogus bids at an auction and then running away when your bid wins. You don’t actually speak over the auctioneer to prevent the auction, and you don’t every end up acquiring anything fraudulently. But you ruin the experience for the genuine bidders…


Thank you for explaining the technicals of what hotels are doing to prevent Hot-Spots from working Mr. Ducklin. What you describe sound like a Denial of Service attack wouldn’t you say?


You could probably repeat your last sentence without the words “sounds like” :-) Denying service is exactly what was happening. Just not at a radio-jamming level. So Wi-Fi was still working, technically, just wasn’t usable.


I’m glad the FCC is taking action on this. I don’t think it’s Marriott’s place to block everyone and I don’t doubt that their primary concern is losing a revenue stream moreso than protecting their guests. But I was struck by juxtaposition of two articles here on 16 Jan. One was about Marriott no longer blocking personal hotspots; the other was about a rogue access point that was set up as a so-called prank at a security conference in Sweden that at least 100 people connected to. I could see someone here in the States suing Marriott for not protecting them from themselves when they suffered some financial loss after connecting to a rogue access point in the hotel.


Thing is that if you are using a personal hotspot, you could argue that you’re *less* likely to get spoofed than if you’re blocked from using it.

Firstly, your personal hotspot will be set up with a personal password. So an imposter would be unlikely to be able to set up an encrypted Wi-Fi connection with the same name *and* the same password as yours…so you wouldn’t be able to connect to the bogus one, by accident or design.

Secondly, if you turn on your personal hotspot only when you need it, you’ll see it turn up in your Wi-Fi networks list at exactly that moment…so you’ll be pretty sure it’s your access point you’re looking at.

So by blocking people from using their own hotspots, surely a hotel would be reducing the chance of those users connecting to their own access points, and therefore _increasing_ the hotel’s chance of being sued?


Leave a Reply

Your email address will not be published. Required fields are marked *

Subscribe to get the latest updates in your inbox.
Which categories are you interested in?
You’re now subscribed!