[WEB4LIB] RE: Wireless APs and Liability

[Genny Engel]

> I'm a bit skeptical as someone grabbing our signal from across the =
> street
> can't reasonably be expected to see our bulletin boards.  Wouldn't
the
> library at least need to have users agree to an AUP?  And even then,
=
> would
> that be enough?  I would hate to get a letter from the MPAA telling
me =
> that
> download activity had been traced to the IP address of our AP.  On
the =
> other
> hand, should I quit being so fretful, plug it in, and hope for the
best? =

We have all our wireless access running through Bluesocket gateways,
which means

a) the user gets a page from the Bluesocket on connect, enabling us to
put any kind of wording we want (although in our case we are not posting
an AUP)

b) we can (and do) prompt for login -- we require a library card for
use; the Bluesocket is ideal because it can authenticate against our
live patron database (so that as soon as a card is issued, it's valid
for wireless access)

c) we can (and do) restrict by protocol both inbound and outbound,
port, and bandwidth per user

Merely requiring authentication wouldn't in itself stop us from getting
a letter from the MPAA, I suppose.  We were, I believe, really more
concerned about drive-by spamming, which is why we restrict by port and
protocol.

I wouldn't tell you to quit being so fretful; it's good to think
through these things before putting up the service in the first place.

We posted info about our service at:
http://www.sonomalibrary.org/wireless/


Genny Engel
Internet Librarian
Sonoma County Library
gengel at sonoma.lib.ca.us
707 545-0831 x581