In one of the weirdest arrests of the year, at least five bar and cafe managers from the French city of Grenoble were taken into custody last week for running open WiFi networks at their establishments and not keeping logs of past connected users.
The bar and cafe owners were arrested for allegedly breaking a 14-year-old French law that dictates that all internet service providers must keep logs on all their users for at least one year.
According to local media reports [1, 2, 3], the bar and cafe owners claimed they were not aware that such a law even existed, let alone that it applied to them as they had not received notifications from their union, which usually sends alerts of industry-wide legal requirements.
Nonetheless, French media pointed out that the law’s text didn’t only apply to internet service providers (ISPs) in the broad meaning of the word — as in telecommunications providers — but also to any “persons” who provide internet access, may it be free of charge or via password-protected networks.
The bar and cafe owners were eventually released after questioning.
According to French law number 2006-64, they now risk up to one year in prison, a personal fine of up to €75,000, and a business fine of up to €375,000.
Connection logging is a feature supported on most commercial routers and has been added for this specific reason, as countries around the world began introducing data logging laws for their local ISPs.
Law enforcement agencies often rely on these logs to track down malicious behavior or details about suspects using public WiFi networks to commit crimes.