ZeroTrace AirLeak Pro
Privacy & Legal
What the Pro captures, the line between passive and active use, and responsible practice
AirLeak Pro has two very different modes of operation, and they sit in very different legal places:
- Passive survey (Wi-Fi + BLE scanning) reads only what devices publicly broadcast.
- Active Ops (the Ops Suite) transmit and interact with other devices.
The first is broadly comparable to any wireless-survey tool. The second is only lawful with explicit authorization. Read both sections below.
We aren't lawyers. Laws differ by country and change over time. When in doubt, get advice for your jurisdiction and engagement.
Passive survey
What it captures
- Wi-Fi, access-point beacons (name, security, band, channel, signal) and client probe requests (which name remembered networks). These are broadcast in the clear as part of Wi-Fi's discovery layer.
- Bluetooth LE, advertisements and scan responses (the BLE discovery layer).
What it does NOT do
- No decryption, only unencrypted broadcast discovery data. Protected traffic and the contents of connections are never captured.
- No intrusion during survey, passive scanning doesn't join networks or pair with devices.
- No cloud exfiltration, captured data streams to your phone. The unit doesn't phone home on its own.
Legal context for passive capture
The common thread across the US, EU/UK, and comparable jurisdictions: receiving broadcast signals is generally lawful; the use, retention, and sharing of identifiable data is what's regulated. MAC addresses and network names can be personal data (GDPR treats them so when linkable to a person). Personal-use survey in a space you occupy or are authorized to assess is the clean scenario; deploying in public spaces and retaining or sharing identifiable data is regulated.
Unlike the BLE-only AirLeak, the Pro also captures Wi-Fi client probe requests, which can reveal the networks a person's device remembers. Treat that as personal data: don't retain or publish it beyond what your purpose needs.
Active Ops
The Ops Suite is a different world. Transmitting deauth frames, standing up a captive portal, capturing handshakes, or interacting with someone else's device is unauthorized access / interference in most jurisdictions unless you have permission.
Only run Ops against infrastructure and devices you own or are contracted to test, within a defined scope, with authorization on file. Running them against third parties, or outside scope, can be a criminal offense (e.g. Computer Fraud and Abuse Act in the US, Computer Misuse Act in the UK, and equivalents elsewhere).
Practical rules for Ops:
- Scope everything. Know exactly which SSIDs, BSSIDs, and devices are in scope, and stay inside it.
- Handle captured credentials carefully. A captive portal can collect what people type; treat any capture as sensitive, store it per your engagement rules, and destroy it when done.
- Handshake / pcap files are evidence-grade. Protect them like any assessment artifact.
- Don't disrupt production you weren't cleared to touch. Deauth and beacon Ops affect real users.
Recommended practices
Use spaces and targets you control or are authorized for
Your own lab, your own devices, or an engagement with signed authorization is the clean scenario for both survey and Ops.
Limit retention
Drive exports (WiGLE CSV), .pcap captures, and any portal data accumulate. Delete what you no longer need, and keep survey exports only as long as your purpose requires.
Don't publish identifiable data
Captured MACs, SSIDs, BLE names and client probe data are identifying. If you publish results (research, a report, vendor disclosure), aggregate and anonymize, replace identifiers with index numbers, redact names.
Switch to Setup when idle
When you're not surveying, use Setup so the radios stop and you're not accumulating data you'll never use.
Tracker-following detection
The Pro's tracker alerts (separated Find My, repeated followers, unwanted-tracking signals) are a genuine safety feature. If an alert fires and you don't recognize the tracker:
- Don't panic, forgotten trackers in public places are common.
- Verify with the app's Hunt workflow, does it follow you across locations?
- Locate it, modern trackers can often be made to play a sound.
- Document the identifiers and timestamps.
- Contact authorities in genuine stalking scenarios, they can compel the vendor for owner identity.
Data we encourage you not to retain
Some captures are sensitive even when technically broadcast, medical devices, hearing aids, children's devices. If they're present in a space you're surveying, prefer not to retain that data.
Reporting
Found a privacy or security concern with AirLeak Pro itself? Report it to security@zerotrace.pw, we treat privacy bugs the same as security bugs.
The capability that maps a network for a legitimate assessment, or finds a stalker's tracker in your bag, can be misused. Survey only what you're authorized to, transmit only with permission, retain only what you need, and never publish identifiable data about people who haven't consented.