http://www.foxnews.com/politics/2016/07/11/ruling-could-make-sharing-passwords-for-subscription-services-federal-crime.html
Ruling could make sharing passwords for subscription services a federal crime
A new federal court ruling could make sharing your passwords for subscription
services -- covering everything from Netflix to HBO GO -- a federal crime
punishable by prison time, according to a judge who opposed the decision.
The ruling, issued by the Ninth Circuit Court of Appeals last week, pertained
to a trade-secrets case and found that certain instances of sharing passwords
are prosecutable under the Computer Fraud and Abuse Act (CFAA) – legislation
predominantly concerned with hacking.
The case involved David Nosal, a headhunter who left his former company
Korn/Ferry and then used the password of an employee to access the company’s
database and use that information at his new firm. According to Fusion, the
defendant was convicted of hacking charges in 2013 and sentenced to one year
and one day in prison. The appeals court upheld the conviction by 2-1.
“This access falls squarely within the CFAA’s prohibition on access 'without
authorization,' and thus we affirm Nosal’s conviction for violations of ... the
CFAA,” Judge M. Margaret McKeown said in the opinion.
However, Judge Stephen Reinhardt, writing in his dissent, argued that the case
was not about hacking but password sharing. Consequently, he argued, the ruling
jeopardizes password sharing for the general public.
“[The ruling] loses sight of the anti-hacking purpose of the CFAA, and despite
our warning, threatens to criminalize all sorts of innocuous conduct engaged in
daily by ordinary citizens,” he wrote.
“The majority does not provide, nor do I see, a workable line which separates
the consensual password sharing in this case from the consensual password
sharing of millions of legitimate account holders, which may also be contrary
to the policies of system owners. There simply is no limiting principle in the
majority’s world of lawful and unlawful password sharing,” he argued.
If Reinhardt is right, it could make users of popular streaming sites like HBO
GO and Netflix who share their passwords in breach of the CPAA -- and open to
federal prosecution.
McKeown disagreed with Reinhardt’s interpretation, saying the conduct in the
case was very different from password sharing, and pointed to the specifics of
the case.
“Nosal and various amici spin hypotheticals about the dire consequences of
criminalizing password sharing. But these warnings miss the mark in this case,”
she wrote.
"Nosal is charged with conspiring with former Korn/Ferry employees whose user
accounts had been terminated, but who nonetheless accessed trade secrets in a
proprietary database through the back door when the front door had been firmly
closed," she said.
