“The current contract stipulates that Chesterburgh's municipal Wi-Fi infrastructure allows continuous data retention for a minimum of five years, with no explicit provisions limiting access to law enforcement agencies.” — Excerpt from the Chesterburgh Public Network Services Agreement, obtained via FOIA on 2024-04-10.

Chesterburgh’s city-managed Wi-Fi network has quietly become a focal point of concern after a recent review of public records revealed extensive and prolonged data retention policies embedded within the town’s 2022 contract with NetWalk Communications. The clauses discovered in this agreement suggest that metadata and detailed usage logs are being stored far longer than residents might expect, and there is little transparency about who reviews this data and under what circumstances.

The public network was initially launched in late 2021, promising residents free Wi-Fi access in downtown Chesterburgh, the town square, and select public parks. The fostering of digital inclusion was cited as the primary goal, especially in light of growing remote work trends and the town’s aging population’s need for better connectivity. However, a closer examination of the contract obtained through a Freedom of Information Act (FOIA) request shines a different light on the deal.

The 56-page document outlines numerous technical requirements, billing schedules, and service level agreements, but it is the section on “Data Retention and Access” that raises questions. According to the contract, NetWalk Communications is required to maintain detailed records of user connections, including IP addresses, device identifiers, time stamps, connection durations, and browsing metadata. This data is to be held for at least five years from the date of collection. The original public presentation of the network omitted mention of these retention policies.

The contract further specifies that this information is accessible by “authorized city and law enforcement officials” upon request, with no explicit limitations on the scope or frequency of such access. It is not clarified if any warrants or court orders are required prior to inspection of these records. Request forms and access logs involving these data requests are notably absent from the publicly available transparency reports published by Chesterburgh’s municipal administration.

To contextualize the ramifications, this means that anyone using Chesterburgh’s free public Wi-Fi leaves behind a digital trail that is stored in perpetuity. Given that this service is frequently used by vulnerable populations — including students, senior citizens, and low-income residents — the potential for misuse or unregulated surveillance is significant. No community forums, consultations, or public input sessions regarding these data policies appear to have occurred before or after the contract’s ratification, according to meeting minutes and municipal records reviewed.

When approached for comment, the Chesterburgh City Manager's office provided a brief statement emphasizing the utility of the free Wi-Fi program and citing public safety needs as justification for data access provisions: “Our objective is to balance the community’s digital access with responsible oversight in line with local and federal regulations. The data collected is integral for troubleshooting, security, and legitimate law enforcement purposes.”

However, concerns remain about the lack of explicit privacy safeguards embedded within the agreement and the absence of published policy explaining how long data retention is reasonable or how individual privacy is protected. Independent IT and privacy experts consulted by this reporter point out that five years is a