Digital Protection

Bilbao WiFi+ is a new WiFi network that incorporates a digital protection service that will allow us to alert you of any security risk or problem that we detect on your computer or phone.

How can I join?

If you want to join, the sign-up process is very easy: just provide us with an email address or mobile phone number so that we can send you alerts when we detect something relevant to your safety.

If you don't want to join, you will still be able to use Bilbao WiFi as before.

How does the service work?

Both networks, Bilbao WiFi and Bilbao WiFi+, are present throughout the city and their capacity and speed are the same. The only difference is that in Bilbao WiFi+ we will warn you of the risks we detect. In Bilbao WiFi we will also block all the risks we detect but we will not be able to warn you.

What about my privacy?

It is important for you to know that for us your privacy is the most important thing, so we do not analyse absolutely nothing you have on your device: photos, files, emails, websites you connect to, ... And when we say nothing, we mean that, nothing. We only analyse the metadata of the connections between your device and the Internet destinations it tries to connect to. This allows us to identify risks and threats, according to the cybersecurity knowledge databases of various international organisations.

The personal data stored by this service is as little as possible: only your email address and the telephone number you give us to notify you of any risks we detect. We also give you the possibility, if you think it is appropriate, to give us some other data such as: gender, age, country where you live, etc... It is useful for us to make aggregate analyses, but it is not compulsory.

All information will be stored in municipal datacenters (data centres). The aim of the service is not to identify you, nor to know who you are, but only and exclusively to help you protect your security on the Internet. We want to be very clear about this.

The data is stored with the highest level of security, according to European and international laws on data protection and the City Council will in no case be able to:

Use the data for another purpose
Share them with third parties (except if required by the judiciary)

The metadata of the connections can be used for the improvement of public services. But no personal or web browsing data will be analysed.

Added for the more tekies:

By now you might be thinking that we act like a Man in the Middle attack, but we don't. We don't because there are basic things we don't do, and never will. It's not because there are basic things we don't do, and never will. For example, we don't break any kind of SSL tunnel. If the traffic is encrypted on an HTTPS, SFTP, ... connection, it is let through as is. We only observe things like DNS query requests launched from the device, user-agent HTTP headers, connection attempts to Netbios services over IP or other unusual and suspicious protocols or connection attempts to IP addresses that are related to IOCs published in official sources. This alone gives a pretty clear picture of the type of malware that is trying to use the network. There is no analysis whatsoever of the content of the pages visited, even if they travel via unencrypted protocols and it would be technically feasible to do so.

How many people will we protect this month? Join us!

Protected people in Bilbao WiFi+

Notifications sent in Bilbao WiFi+

Types of viruses detected