The NYCLU is asking the city and the operator of the new LinkNYC kiosks to strengthen user privacy protections. View Full Caption NYC Dept. of Information Technology and Telecommunications

NEW YORK CITY — A civil-liberties group is asking the operator of the city’s new public WiFi system to make it harder for hackers to access user information and to safeguard against overreach by law enforcement.

The New York Civil Liberties Union on Tuesday sent a letter to CityBridge — operator of the new LinkNYC system of public kiosks and wireless hot spots that began replacing street payphones last month — imploring the firm to strengthen privacy protections and develop stricter policies for deleting user information.

The NYCLU is concerned that information collected about users, which includes email addresses, could be vulnerable to hackers and police if measures aren’t taken to protect their data, according to Mariko Hirose, a senior staff attorney with the group.

“We applaud this much-needed service, but if we want to have New Yorkers use and rely on it there should be robust privacy protections in place,” she said. “A massive database is attractive to hackers as well as to the misuse, abuse, or overreach by government.”

In order to sign up for the service, users must register with an email address and agree to the provider’s terms of service and privacy policy.

LinkNYC does not collect a user’s browsing history when the user is searching the web on their own device, according to a spokeswoman. But the provider does collect page and search history, length of visits to a given website, and other information when users are on the kiosk’s built-in tablets, according to the spokeswoman and the company’s privacy policy.

In order to access LinkNYC’s user data police must present a subpoena, but there is nothing in the privacy policy requiring CityBridge to notify users that police are looking into their info, according to Hirose and a CityBridge spokeswoman.

Investigators frequently have good reason to hide their surveillance from Internet users, especially those suspected of a crime or conspiracy. But due to CityBridge’s lack of a notification requirement, police would not have to get a separate gag order to prevent the provider from notifying users, Hirose said.

“Without notice, users have no idea what kind of requests the law enforcement could be making,” she said. “There are times that with valid judicial order notification can be withheld, but those shouldn’t be indefinite, and when they expire the user should be notified.”

Another concern for the NYCLU is the length of time CityBridge may hold onto the information they gather. According to the company’s privacy policy, user data is deleted after 12 months of inactivity.

That’s fine for a tourist Googling directions to Central Park, but for New Yorkers who might use the kiosks or the WiFi on a daily, monthly or even yearly basis, the information could stay on file indefinitely, Hirose said.

“People shouldn’t have to agree to long-term storage in order to use the Internet,” she said.

LinkNYC, which rolled out in January with the installation of kiosks along Third Avenue in Gramercy, the East Village and the Upper East Side, is intended to grow into a citywide network, with as many as 10,000 kiosks set to replace antiquated telephone booths.

The NYCLU met with Mayor Bill de Blasio’s office before the launch of LinkNYC to discuss privacy, and the existing privacy policy is the best way to protect users, according to Natalie Grybauskas, a City Hall spokeswoman,

“New York City and CityBridge have created customer-first privacy protections to ensure our users’ personal information stays that way — personal. We believe our privacy policy is the best way to protect New Yorkers and LinkNYC users while they safely and securely enjoy free superfast Wi-Fi across the five boroughs. We will continue to work to ensure legitimate concerns are addressed.”