It is now ILLEGAL to share your Netflix, Disney+, other passwords with friends and relatives

Photo by Rowan Heuvel on Unsplash

The UK government body overseeing intellectual property rights in the UK, the Intellectual Property Office (IPO), released new guidance on piracy and online counterfeit goods, a joint campaign with Meta, owner of Facebook.

The issue of piracy is generally about the use of illegal streaming boxes and apps and how these 1) expose children to inappropriate content and 2) risk putting sensitive personal information in the hands of criminals. UK legislation now also flags password sharing as piracy, as TorrentFreak pointed out. It is therefore illegal, and a potential crime, to share your Netflix and/or Disney+ login details with your friends and relatives.

A section of the new piracy guidance from the UK government’s Intellectual Property Office (IPO) (Source: GOV.UK)

TorrentFreak was told by the IPO: "There are a range of provisions in criminal and civil law which may be applicable in the case of password sharing where the intent is to allow a user to access copyright-protected works without payment.

These provisions may include breach of contractual terms, fraud or secondary copyright infringement depending on the circumstances."

Section 11 of the Fraud Act of 2006 in the UK considers it a fraud if someone uses "services of a members' club without paying and without being a member".

It is  not very likely that streaming services will to start dragging to court those who are sharing passwords, or "moochers" (individuals borrowing a subscriber's credentials). Still, the guidance could well serve as a deterrent for people who are sharing their subscription details with friends or relatives.

Risky business

Sharing one’s streaming service login details with others is risky business (security wise) for subscribers and usually yields negative results for the service provider.  These providers lose money as long as they let this password sharing go on. According to a survey from Beyond Identity, streaming service providers lose, on average, some $640 per 'moocher' annually. In some cases they could lose as much as $700 a year!

The cost of piracy, as estimated by Parks Associates, in US alone, was $9.1B in 2019. The amount is estimated to increase to $12.5B by 2024.

No wonder they are cracking down on password sharing!

In October, Netflix announced its intention to start doing just that soon. The company has already introduced features to members in certain Latin American countries where they can share their account details with others safely and legally: a new profile can be added to their account for an added cost. Netflix may well roll out this provision in other countries.

"[Streaming services] don’t necessarily want people to go elsewhere," Paul Erickson, the Research Director of Entertainment and Consumer Technology at Parks Associates, said in an interview. "We'll see them navigate that difficult middle ground where they’re not trying to give the service away, but they’re also not trying to drive people away either."

So be prepared!

It looks like it is going to be more difficult to share you password. Or, at the very least, you may have to pay for doing so. 

There is, off course, the risk of getting a criminal record...

Gone phishing...

Like me, you probably receive loads of 'dodgy' emails purporting to be from a genuine source.

How do you spot a scam, a 'phishing' email?

Phishing emails are designed to appear as real companies or individuals to defraud you by stealing your personal information or enticing you to download attachments that contain viruses or other malware.

How to spot a phishing email:

• Do you have an account with this company or know the individual?
• If so, are you expecting this email?
• Check the email sender address to see if it is legitimate.
• Be wary of attachments, especially if they are oddly named.
• Is the email generic?
• Are the grammar and spelling correct?
• When you hover on any links, it will show the URL. Is this URL linking to a site that you expect and trust?

If you believe that you have received a phishing email, please report the email (in the UK it is as simple as forwarding it to report@phishing.gov.uk), block the sender and delete the email if it has not been removed.

Many trusted companies, especially financial institutions, offer what is called "two factor authentication". 

This is a two-step process that provides an extra layer of security for you when accessing your account. When set up, you will be required to enter an additional password that will be sent to your mobile/cell phone to log into your account.

It is strongly recommended that you enable this two factor authentication, if offered, to ensure that your account can only be accessed by authorized persons, even if your information has been stolen.