by David Z. Morris
JULY 10, 2016, 11:28 AM EDT
Court upholds conviction of ex-employee who shared database access.
On July 5th , the U.S. Ninth Circuit Court of Appeals issued an opinion which found, in part, that sharing passwords is a crime prosecutable under the Computer Fraud and Abuse Act (CFAA). The decision, according to a dissenting opinion on the case, makes millions of people who share passwords for services like Netflix and HBOGo into “unwitting federal criminals.”
The decision came in the case of David Nosal, an employee at the executive search (or headhunter) firm Korn/Ferry International. Nosal left the firm in 2004 after being denied a promotion. Though he stayed on for a year as a contractor, he was simultaneously preparing to launch a competing search firm, along with several co-conspirators. Though all of their computer access was revoked, they continued to access a Korn/Ferry candidate database, known as Searcher, using the login credentials of Nosal’s former assistant, who was still with the firm.