By: Francis Cullo Over the summer, the Ninth Circuit handed down an opinion in United States v. Nosal that generated several fear-mongering headlines. At first blush, the Ninth Circuit seemed to outlaw a common digital practice—password sharing. But are you really committing a federal crime if you use someone else’s password when you Netflix and chill? The short answer is no. So what produced this flurry of headlines? The Ninth Circuit wrestles with password sharing. In United States v. Nosal the Ninth Circuit issued an opinion finding that an employee acted “without authorization” when he requested and used a former co-worker’s login despite having that co-worker’s permission. David Nosal was charged under the federal Computer Fraud and Abuse Act (CFAA). The CFAA is an anti-hacking statute. It creates a private right to action, allowing both private individuals and businesses to sue and recover damages when someone “intentionally accesses a computer without authorization or exceeds authorized access.” In 2004, Nosal was a big-wig in Silicon Valley when he left his employer to start a rival executive recruiting company. Two other employees from his former employer joined him a year later at his new firm. After joining Nosal’s new company these employees [read more]