Do you stand for principle -- even when it's against your interests? Would you defend the free-speed rights of Nazis, for example? The answer is generally "no", few people stand for principle. We see that in this morning's news story about Marriott jamming (actually deauthing) portable WiFi hotspots in order to force customers to use their own high-priced WiFi.
The principle I want to discuss here is "arbitrary and discriminatory enforcement". It was the principle behind the Aaron Swartz and Andrew "weev" Auernheimer cases. The CFAA is a vague law where it is impossible to distinguish between allowed and forbidden behavior. Swartz and Weev were prosecuted under the CFAA not because what they did was "unauthorized access", but because they pissed off the powerful. Prosecutors then interpreted the laws to suite their purposes.
The same thing is true in the Marriott case. Deauthing Wifi is common practice on large campuses everywhere, at company headquarters, hospitals, and college campuses. They do this for security reasons, to prevent rogue access-points from opening up holes behind the firewall. It's also used at the DefCon conference, to prevent hostile access-points from tricking people by using "DefCon" in their name.
Section 333 of the Communications Act is vague on whether deauths are inherently illegal. That's because they aren't causing "interference" as the word is used in physics and radio communications. "Deauth" is a command you send to the device, not electromagnetic waves that drown out other signals. If the access-point and the client simply ignored the deauth (which they can be configured to do), then they would have no effect on the radio communications. (I configure my systems this way on pentests, btw, it's awesome).
Marriott quite rightly defends itself pointing out there is nothing in the rules that distinguish between the deauths everyone else is doing (which aren't prosecuted by the FCC) and the deauths they were doing. Sure, they are shitty dirtbags for doing it, but there is nothing in the law that distinguishes between "shitty dirtbag deauth" and "cybersecurity deauth".
In discussions on Twitter, I find that nobody cares about the principle of "discriminatory enforcement". Instead, all they cared about was that corporations are evil, and that Marriott was particularly evil in this instance. While nobody could explain what part of the law distinguished permissible deauth from impermissible ones, they frequently argued why deauths can be thought of as violating section 333 of the Communications Act. That's missing the point: if their interpretation of the law is correct, then all deauths need to be prosecuted by the FCC, and all makers of WiFi security products (Cisco, Aruba, etc.) need to be prosecuted for marketing jammers within the United States.
The point isn't whether spooing deauths is illegal. The point is "discriminatory enforcement", and nobody seems to care -- at least when it concerns those who they already hate.
The phrase "two minutes of hate" refers to George Orwell's 1984. The picture above is from the movie. My outpouring of hate on my twitter feed feels like that.