Improperly Sharing Website Login Info Could Be Federal Crime

Sharing or borrowing login credentials to a paid website or online account in a way that is prohibited by the site’s Terms of Service could get you into trouble for violating the Computer Fraud and Abuse Act.

This is what is alleged in the case KWG Partners, LLC v. Jeremy Sigel, JNS Reality, John Does 1-13 that was filed on June 16, 2011. KWG Partners operated a paid website that provided a niche service to management of city buildings. Customers who paid the fee to use the service were assigned usernames and passwords to access the site. The site’s Terms of Service that had to be accepted to use the site prohibited the customers for using the service for anything other than their own business. That is, the TOS prohibited sharing the login credentials.

KWG Partners discovered that Jeremy Sigel’s was being accessed with his username and password from 13 unique IP addresses located in many different places. This indicated that he was sharing his login credentials with others. KWG Partners sued Sigel and several others for, among other things, violation of the Computer Fraud and Abuse Act.

The court hash denied a request for pre-answer, ex parte discovery (ORDER) because there were no exigent circumstances to justify the request. It has not, however, ruled on the substantive merits of the Computer Fraud and Abuse Act claim though this seems to be a pretty clear violation of the CFAA.

LESSON: When it comes to paid websites with Terms of Service that prohibit sharing of login credentials, do not share yours with others and do not borrow others from them.