Sharing your password for subscription services like Netflix and HBO GO may possibly become a federal crime under a new court ruling. The ruling is induced by a trade-secrets case in which the defendant was convicted for violating the Computer Fraud and Abuse Act. In 2013, former Korn/Ferry headhunter David Nosal was sentenced to jail for accessing the company’s database by using the password of an employee, and for utilising that piece of information at his new firm. The appeals court backed the conviction by 2-1.
According to Judge Stephen Reinhardt, however, Nosal’s case was actually not about hacking but rather, password sharing. As a result, the ruling can probably jeopardize the general public’s practice of password sharing. To put it simply, one can get prosecuted for sharing his or her Netflix password with others. As Reinhardt expressed in his dissent:
[The ruling] loses sight of the anti-hacking purpose of the CFAA, and despite our warning, threatens to criminalize all sorts of innocuous conduct engaged in daily by ordinary citizens … The majority does not provide, nor do I see, a workable line which separates the consensual password sharing in this case from the consensual password sharing of millions of legitimate account holders, which may also be contrary to the policies of system owners. There simply is no limiting principle in the majority’s world of lawful and unlawful password sharing.
In response to Reinhardt’s argument, Judge M. Margaret McKeown pointed out that the ruling is not all about criminalizing password sharing. “Nosal is charged with conspiring with former Korn/Ferry employees whose user accounts had been terminated, but who nonetheless accessed trade secrets in a proprietary database through the back door when the front door had been firmly closed,” explained McKeown.
Head over here to read the full ruling if you are curious about the case.