Block on Trump's Asylum Ban Upheld by Supreme Court
When the U.S. Ninth Circuit Court of Appeals handed down a decision this week saying that logging onto a computer network with someone else's credentials constituted criminal hacking under federal law, a wave of panic rippled through the Netflix and chill community. After all, some of us -- and we're not naming names -- are treating a friend's username and password like a free all you can eat buffet, and we don't want the feds kicking in the door in the middle of season three of "Orange Is the New Black."
So is the end of shared streaming access? Are you going to get locked up for logging into HBOGo on mom's account? Probably not, but there are reasons to be careful.
So what did the court actually say? The Ninth Circuit was interpreting the Computer Fraud and Abuse Act, which prohibits accessing a computer without authorization or exceeding authorized access. Having been written in 1986 -- back when Matthew Broderick movies were directing cybersecurity laws -- the CFAA doesn't precisely define every possible permutation of "unauthorized access." So it's been up to courts to sketch the boundaries of the law, and whether using your ex's username and password to stream "House of Cards" should be a federal crime.
And the court said yes, with some caveats. In the case before the court, a former employee used a current employee's login credentials to access his former employer's database. The Ninth Circuit ruled that this access, even though it was with the current employee's consent, was unauthorized:
[O]nce authorization to access a computer has been affirmatively revoked, the user cannot sidestep the statute by going through the back door and accessing the computer through a third party ... Unequivocal revocation of computer access closes both the front door and the back door.
This certainly looks bad for login sharers, even voluntarily ones. After all, those of us watching Netflix without a Netflix account are essentially coming in through the back door. But there are a couple reasons why law enforcement won't be kicking in your door for watching "Game of Thrones" on someone else's dime.
First, the case itself has more to do with economic espionage than "Arrested Development." It only registered on internet advocates' radars because of Judge Stephen Reinhardt's dissent, which argued that now anyone who shared a password could be construed as violating the CFAA.
Second, media companies like HBO, Netflix, and Hulu know that users regularly share account info. (Or they think users can watch "Steel Magnolias" in California and Colorado at the same time.) And, thus far, they haven't shown any impetus to drag these "hackers" into court. Perhaps this is the ruling they need to bring the cops into everyone's living room, but we're not betting on it.
*Crosses fingers; calls dad for the Comcast password again.*
Meeting with a lawyer can help you understand your options and how to best protect your rights. Visit our attorney directory to find a lawyer near you who can help.