That thing everyone does? It's now a federal crime. At least, that's the ruling issued by the U.S. Court of Appeals for the 9th Circuit, who said earlier this month that password sharing violates the Computer Fraud and Abuse Act (CFAA). Though, this didn't start as something focused on the kind of password sharing where you're 30 and using your parents' HBO Go password because you're too cheap to get your own account.
It started in 2004 when David Nosal, an employee at the recruiting firm Korn/Ferry, left the company. He stuck around as a contractor and was stealing information from the company using the log-in credentials of a former assistant who was still with the company. Nosal wanted to start his own company with his former company's data. He was also probably planning on not being caught.
Nosal was indicted by the government in 2008 and his appeals came to an end on July 6 of this year. He was charged with conspiracy, theft of trade secrets, and three counts of violating the CFAA.
In its ruling, the Court wrote, "The panel held that the defendant, a former employee whose computer access credentials were revoked, acted ‘without authorization’ in violation of the CFAA when he or his former employee co-conspirators used the login credentials of a current employee to gain access to computer data owned by the former employer and to circumvent the revocation of access."
Determining that Nosal violated the CFAA sets an interesting precedent, one that was not lost on 9th Circuit judge Stephen Reinhardt, who wrote in his dissent that a narrow view on password sharing is a dangerous path to tread.
"In my view, the Computer Fraud and Abuse Act (“CFAA”) does not make the millions of people who engage in this ubiquitous, useful, and generally harmless conduct into unwitting federal criminals," said Reinhardt. "Whatever other liability, criminal or civil, Nosal may have incurred in his improper attempt to compete with his former employer, he has not violated the CFAA."
Thousands of people watching Game of Thrones on someone else's account nodded in agreement.
Are you going to be tried for using a roommate's Netflix password months after they've moved out? Probably not. Both HBO CEO Richard Plepler and Netflix CEO Reed Hastings have said that they're fine with password sharing. Plepler, telling Buzzfeed that he's not concerned about it, said that he's "in the business of creating addicts." Though, that doesn't preclude the possibility that they become concerned about password sharing in the future.