Laptop at cafe (194834)
Credit: Pixabay

According to the New York Civil Liberties Union, residents should approach New York City’s new public Wi-Fi network with caution.

Last week, NYCLU officials cited several privacy concerns they have about LinkNYC, which was launched in January. NYCLU officials sent a letter to the New York City Mayor Bill de Blasio’s office citing the fact that CityBridge, the company behind the LinkNYC kiosks replacing public phone booths, retains information about users indefinitely, building a significant database that could possibly result in security breaches and unwarranted surveillance from the New York Police Department.

“New Yorkers’ private online activities shouldn’t be used to create a massive database that’s within the ready grasp of the NYPD,” said Donna Lieberman, executive director of the NYCLU, in a statement. “Free public Wi-Fi can be an invaluable resource for this city, but New Yorkers need to know there are too many strings attached.”

To register for LinkNYC, user have to submit their email addresses and agree to CityBridge collecting information about what websites they visit, where they visit them, what links they click on and how long they linger on certain information on a webpage.

The goal for LinkNYC is to become a network of between 7,500 and 10,000 public kiosks offering fast and free Wi-Fi throughout all five boroughs.

“Internet access is not a choice, it’s a modern-life necessity,” said Mariko Hirose, senior staff attorney at the NYCLU. “The city’s public Wi-Fi network should set the bar for privacy and security to help ensure that New Yorkers do not have to sacrifice their rights and freedoms to sign online.”

According to CityBridge officials, their privacy policy offers to make “reasonable efforts” to clear out information only if there’s been user inactivity for 12 months.

“Public Wi-Fi users should not have to agree to this unlimited collection of information in order to connect to the Internet—one of the basic necessities of modern life in New York City. While we appreciate that the privacy policy provides that this private information will be encrypted in storage and that it will not be sold or shared to third parties for their use, a massive database of this type creates an undue risk of abuse, misuse, and unauthorized access,” read the letter sent to the mayor’s office. “The best practice, which we urge you to incorporate into the privacy policy, is to minimize the collection and retention of this private information to what is operationally necessary and to set a destruction policy with a fixed retention period that is tied to operational needs.”