At Boingo, customer privacy has always been our top priority. Boingo is committed to ensuring the data security of our retail customers and venue and wholesale partners.
Is my personal information safe?
Yes. The information that you provide Boingo when signing up for an account is maintained in a central billing system in secure co-location facilities. We implement the latest data security methodologies to protect this data from unauthorized third parties.
Will your share my information?
As an ISP, we are bound by law to respond to subpoenas and warrants from law enforcement agencies about specific users and their online activities as part of an active investigation. Each of these requests is reviewed, documented and responded to in accordance with the laws and our internal policies governing these information requests.
I heard that Boingo cooperated with Canadian intelligence agencies to track customers who used Wi-Fi at airports. Is this true?
No. According to our records, Boingo Wireless has not received nor responded to any requests for information from Canadian authorities in this instance, and subsequently to the best of our knowledge, has not provided any information about any of our users to the Canadian government, law enforcement or intelligence agencies.
What is the difference between privacy and security?
Privacy governs the use of data and establishes a relationship of trust between two parties who agree how that data can be used. Security entails the integrity of the data itself, and can include everything from whether your credit card is encrypted to protect against theft, to ensuring that you use a VPN or SSL services in public hotspots to make sure anything you send over an open Wi-Fi network is protected.
Is my data secure when I log into public hotspots?
Unfortunately, no. Public Wi-Fi by its very nature is insecure, since it is not an encrypted network.
A well-managed network (like those managed by Boingo) can limit the number of threats to users and reduce their exposure to hackers and snoops with active tracking, blocking, and monitoring. By properly configuring a network, maintaining diligence in evaluating the computing environment, and keeping up to date with the latest user threats, a managed service provider can limit threats to users and liabilities to the venue owner, but it cannot eliminate all vectors of attack.
What can I do to keep my data secure when I am using public Wi-Fi?
There are a number of steps that users can take to ensure the security of their own data:
- Use a VPN: Securing all connections on public networks via VPN will encrypt all user communications – indeed this can thwart both man-in-the-middle and Firesheep attacks, among others. Many personal VPN services are available for a small fee, while others, like Boingo’s Wi-Finder app with VPN, are available free for customers.
- Secure connections: Most popular services – like Twitter, Facebook and Gmail – can be configured to connect using a secure method. Five key letters to remember when logging on to a website on a public network: HTTPS. Beyond configuring each of your key web services to default to SSL-encrypted sessions, you can also use third party browser extensions like HTTPS Everywhere from the EFF to force SSL when it’s available.
- Update passwords: Users can improve their odds of staying secure by creating complex temporary trip passwords and changing them every few days while traveling.
- Surf smart: Users should avoid logging into financial, healthcare or other personal sites on public networks, period. Rule of thumb: if you wouldn’t want a person sitting next to you on a bus to see what you’re looking at online, don’t look it up on a public Wi-Fi hotspot.
- Use a trusted Wi-Fi provider: If possible, users should try to connect to a network managed by a trusted Wi-Fi provider, who is actively monitoring and managing the network for rogue activity.
Why aren’t public Wi-Fi networks more secure?
In order to make the network available to everyone, the network has to be open. Some countries – like Japan – previously regulated that public Wi-Fi had to be WEP protected, but in order to access the network, the owner had to publish the WEP key, which meant that everyone had the key to decrypt traffic on the network. The good news is that new technologies coming to market – most notably Passpoint-enabled Next Generation Hotspots – include enterprise-grade encryption as part of the login process. This can be applied to commercial, free or enterprise networks, but the user will need a profile on their phone that helps the network identify them to create this trusted, encrypted connection. Boingo launched the first Next Generation Hotspot at O’Hare Airport in 2013, and will deploy more in 2014.
Have more questions? Our award-winning Customer Care team is available 24 hours a day, 7 days a week, 365 days a year by phone, email and via social media to provide quick and complete responses: