Still using your ex’s Netflix password to catch up on the latest season of “Orange Is the New Black” or “The Walking Dead”? No worries. Despite what you may have heard on the news or read online, federal agents are not going to show up at your door because you’re committing a federal crime by password sharing.
A recent appellate court ruling sent the internet into a tizzy earlier this week as people tried to make sense of what United States v. David Nosal means for people who share their passwords for streaming services like Netflix, HBO Go or Hulu.
The U.S. Ninth Circuit Court of Appeals did rule that password sharing is a crime under the Computer Fraud and Abuse Act (CFAA), which was passed in 1986, but the ruling has been widely misunderstood. Says Slate:
It’s true that the case hinged on the illegality of sharing a password (though not a Netflix password), and it’s true that—by a 2–1 majority—the court decided this particular instance of password sharing was a violation of the CFAA. But as is often the case when dealing with CFAA rulings, the implications of the decision are probably not as clear-cut (or as dramatic) as “all password sharing is illegal all the time.”
The court’s decision was about Nosal, a former employee of Korn Ferry International, using a former co-worker’s credentials to gather proprietary information from Korn Ferry that was useful to Nosal in starting a competing firm.
According to the Los Angeles Times, the court’s ruling affirmed that Nosal purposefully stole trade secrets by “accessing a protected computer ‘without authorization'” in violation of both the CFAA and the Economic Espionage Act.
The case — and the subsequent ruling — had nothing to do with video streaming sites. The confusion arose because in his dissenting argument, Circuit Judge Stephen Reinhardt said that, in theory, the ruling could be used to set a precedent in which anyone sharing a password could be in violation of the CFAA.
“This case is about password sharing,” Reinhardt wrote. He went on to say the ruling would “make the millions of people who engage in this ubiquitous, useful, and generally harmless conduct into unwitting federal criminals.”
Meanwhile, the majority opinion in the ruling states: “This appeal is not about password sharing.”
That’s about as clear as mud, right? It certainly makes the confusion on the whole password-sharing issue a lot easier to understand.
According to Slate, the court’s ruling offers no clarification on password sharing for sites like Netflix. Instead, it says, “All it clarifies is that if you resign from an executive search firm to start your own, competing executive search firm — and later ask your former executive assistant to provide her username and password so you can access proprietary information from your former employer — then that’s very probably illegal.”
Phew. Now you can sit back, relax and continue binge-watching.
What have you hear about the password sharing ruling? Do you share password? Share your comments below or on our Facebook page.