Our website is made possible by displaying online advertisements to our visitors.

Please consider supporting us by disabling your ad blocker.
Sign in to follow this  
Followers 0
rbear

Password Sharing Is a Federal Crime, Appeals Court Rules

3 posts in this topic

They just federally criminalized millions...

---
 

One of the nation’s most powerful appeals courts ruled Wednesday that sharing passwords can be a violation of the Computer Fraud and Abuse Act, a catch-all “hacking” law that has been widely used to prosecute behavior that bears no resemblance to hacking.

In this particular instance, the conviction of David Nosal, a former employee of Korn/Ferry International research firm, was upheld by the Ninth Circuit Court of Appeals, who said that Nosal’s use of a former coworker’s password to access one of the firm’s databases was an “unauthorized” use of a computer system under the CFAA.

The decision is a nightmare scenario for civil liberties groups, who say that such a broad interpretation of the CFAA means that millions of Americans are unwittingly violating federal law by sharing accounts on things like Netflix, HBO, Spotify, and Facebook. Stephen Reinhardt, the dissenting judge in the case, noted that the decision “threatens to criminalize all sorts of innocuous conduct engaged in daily by ordinary citizens.”

In the majority opinion, Judge Margaret McKeown wrote that “Nosal and various amici spin hypotheticals about the dire consequences of criminalizing password sharing. But these warnings miss the mark in this case. This appeal is not about password sharing.” She then went on to describe a thoroughly run-of-the-mill password sharing scenario—her argument focuses on the idea that Nosal wasn’t authorized by the company to access the database anymore, so he got a password from a friend—that happens millions of times daily in the United States, leaving little doubt about the thrust of the case.

The argument McKeown made is that the employee who shared the password with Nosal “had no authority from Korn/Ferry to provide her password to former employees.”

At issue is language in the CFAA that makes it illegal to access a computer system “without authorization.” McKeown said that “without authorization” is “an unambiguous, non-technical term that, given its plain and ordinary meaning, means accessing a protected computer without permission.” The question that legal scholars, groups such as the Electronic Frontier Foundation, and dissenting judge Stephen Reinhardt ask is an important one: Authorization from who?

Reinhardt argues that Nosal’s use of the database was unauthorized by the firm, but was authorized by the former employee who shared it with him. For you and me, this case means that unless Netflix specifically authorizes you to share your password with your friend, you’re breaking federal law. cont vice

Share this post


Link to post
Share on other sites

A password is there to protect you and your cyber identity.  If you share a password you defeat the object of having one.  I think people who share passwords should in addition be tried for stupidity as well.

Share this post


Link to post
Share on other sites
6 hours ago, FalkeAuge said:

A password is there to protect you and your cyber identity.  If you share a password you defeat the object of having one.  I think people who share passwords should in addition be tried for stupidity as well.

Not exactly, some have a password just to be able to "login" from those that don't. There are alot of shared passwords, because maybe the objective is just a better connection, not simply trying to hide something or block something. Also sites like bugmenot/others are helpful sometimes because some things are behind a wall and are not able to be loaded without a pw. Ever had to sign up just to read a news article? Often times you do so, and then it doesn't even work, so bugmenot/etc is helpful. Now to make all the users felons, that is just insane. We all know government accountability is not much, but what if since computers have passwords on them, then anyone ever gets into it w/o asking (hacters/gov/etc), and they were all held accountable? Notice how they do things, then later say "its bad, you can't do it, only we can?". What happened to equal protection or even following the law anyways? 

Share this post


Link to post
Share on other sites
Guest
You are commenting as a guest. If you have an account, please sign in.
Reply to this topic...

×   You have pasted content with formatting.   Restore formatting

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

Sign in to follow this  
Followers 0

Our website is made possible by displaying online advertisements to our visitors.

Please consider supporting us by disabling your ad blocker.