The city’s new public Wi-Fi network LinkNYC raises several privacy concerns for users, the New York Civil Liberties Union announced today after sending a letter to the Office of the Mayor on Tuesday. CityBridge, the company behind the LinkNYC kiosks that have begun replacing phone booths in Manhattan, retains a vast amount of information about users – often indefinitely – building a massive database that carries a risk of security breaches and unwarranted NYPD surveillance.

“New Yorkers’ private online activities shouldn’t be used to create a massive database that’s within the ready grasp of the NYPD,” said Donna Lieberman, executive director of the NYCLU. “Free public Wi-Fi can be an invaluable resource for this city, but New Yorkers need to know there are too many strings attached.”

The majority of Americans believe that their Internet browsing history -- which can reveal their political views, religious affiliations, medical or family problems -- is sensitive. The national public outcry after Apple was ordered to help unlock a phone from the San Bernardino terrorist attacks made it clear how seriously Americans take threats to their security and privacy.

LinkNYC, which was publicly launched in January, will eventually become a network of as many as 7,500 to 10,000 public kiosks offering fast and free Wi-Fi throughout all five boroughs. The sheer volume of information gathered by this powerful network will create a massive database of information that will present attractive opportunities for hackers and for law enforcement surveillance, and will carry an undue risk of abuse, misuse and unauthorized access.

“Internet access is not a choice, it’s a modern-life necessity,” said Mariko Hirose, senior staff attorney at the NYCLU. “The city’s public Wi-Fi network should set the bar for privacy and security to help ensure that New Yorkers do not have to sacrifice their rights and freedoms to sign online.”

In order to register for LinkNYC, users must submit their e-mail addresses and agree to allow CityBridge to collect information about what websites they visit on their devices, where and how long they linger on certain information on a webpage, and what links they click on. CityBridge’s privacy policy only offers to make “reasonable efforts” to clear out this massive amount of personally identifiable user information, and even then, only if there have been 12 months of user inactivity. New Yorkers who use LinkNYC regularly will have their personally identifiable information stored for a lifetime and beyond.

Mayor Bill de Blasio’s launch of LinkNYC, that occurred at the same time that NYPD Commissioner Bratton spoke about the Apple controversy, also raised concerns that the NYPD will be requesting information from CityBridge and that CityBridge will be cooperating – troubling because LinkNYC users are not guaranteed notification if the NYPD requests to access their information. And according to its privacy policy, data collected by environmental sensors or cameras at the LinkNYC kiosks may be available to the city or NYPD. In its letter, the NYCLU requests to know if the environmental sensors and cameras will be routinely feeding into any city or NYPD systems, including the controversial Domain Awareness System, and contends that users must be specifically notified if this is the case.