Why TSA Warns Do Not Use These Networks On Your Phone

Why the TSA warning?

SOPA Images/LightRocket via Getty Images

It’s a fiery debate. When America’s Transportation Security Administration (TSA) told smartphone users “don’t use free public WiFi,” it was always sure to prompt a response. Public WiFi safety is contentious. But while a backlash from the cyber community was inevitable, the U.S. government has seemingly stepped into the debate.

The advice to avoid airport WiFi is one of TSA’s 2025 “two best tips for staying cyber safe at airports while you’re traveling.” The other is the equally controversial juice jacking, with the advice to avoid public charging points as well.”

TSA stresses its WiFi advice is most critical “if you’re planning to make any online purchases,” and whatever you’re doing online, warns “do not ever enter any sensitive info while using unsecured WiFi.” But unsecured WiFi and unsecured connections are not the same thing. And now the FTC has reissued its reality check.

ForbesFBI Warning—Do Not Call Any Of These Phone NumbersBy Zak Doffman

“Public Wi-Fi networks, or hotspots, in coffee shops, malls, airports, hotels, and other places are convenient,” the Federal Trade Commission says in an updated advisory. And while “in the early days of the internet, they often weren’t secure, things have changed.”

The FTC’s sense check is welcome — it’s short and simple and makes the key point without ambiguity. “In the past, if you used a public Wi-Fi network to get online, your information was at risk. That’s because most websites didn’t use encryption to scramble the data and protect it from hackers snooping on the network.”

But that’s not the case now. “Today, most websites do use encryption to protect your information. Because of the widespread use of encryption, connecting through a public Wi-Fi network is usually safe.” As long as you stick to your usual apps and websites, you’re fine. Clearly, don’t install apps from or provide data to the network itself.

The FTC says this applies even to “sensitive data like the login information for your financial, email, or social media accounts,” and while “it can be hard to tell if a mobile app uses encryption,” it reassures that “the majority do.”

ForbesMicrosoft Warns PC Users—If You Get This Message, It’s An AttackBy Zak Doffman

There are “over 5 Million Public Unsecured Global Wi-Fi networks,” and more than 33% of users connect to public unsecured networks. But website encryption is now the default and you should be warned if a website is not secure by whichever browser you’re using. Look in your browser’s address bar for a lock symbol or https before the URL.

So why the TSA advice? It may be outdated but it’s very common and needs to be contextualized. While public and even unsecured WiFi connections can betray the identity of your device, your location and the websites you visit, it cannot compromise any of the encrypted content you send or receive without some form of device attack or socially engineered trickery to convince you into doing something you shouldn’t.

Airport WiFi should be fine. And if you have any concerns you can use a VPN to fully secure your traffic. Just make sure it’s a western, paid or subscribed offering from a mainstream provider. A free VPN from a suspect developer is far more dangerous than any public WiFi network you might choose to connect your phone to.