Jason Koebler, writing for Motherboard:
One of the nation’s most powerful appeals courts ruled Wednesday that sharing passwords can be a violation of the Computer Fraud and Abuse Act, a catch-all “hacking” law that has been widely used to prosecute behavior that bears no resemblance to hacking.
In this particular instance, the conviction of David Nosal, a former employee of Korn/Ferry International research firm, was upheld by the Ninth Circuit Court of Appeals, who said that Nosal’s use of a former coworker’s password to access one of the firm’s databases was an “unauthorized” use of a computer system under the CFAA.
The decision is a nightmare scenario for civil liberties groups, who say that such a broad interpretation of the CFAA means that millions of Americans are unwittingly violating federal law by sharing accounts on things like Netflix, HBO, Spotify, and Facebook. Stephen Reinhardt, the dissenting judge in the case, noted that the decision “threatens to criminalize all sorts of innocuous conduct engaged in daily by ordinary citizens.”
This is going to ruffle a lot of feathers.