Skip to content

menu

Reed Smith LLP logo
HomeAboutOur ServicesSubscribeTopicsContact
Search
Close

Technology Law Dispatch

Problems With Passwords, Part I: What Tennessee Did and Did Not Address

By Paul Bond on 7 June 2011
Print:
Email this postLike this postShare this post on LinkedIn

This post was also written by Chris Cwalina.

The theft of services has always been illegal in Tennessee. However, consumers in Tennessee, like those across the country, routinely share their passwords to online subscription-based services like Netflix, Rhapsody, Pandora, and Hulu. The Tennessee General Assembly has addressed this issue by amending the State’s theft of services statute. The newly-revised statute makes it a criminal act to help anyone obtain a service to which he or she is not entitled, including “entertainment subscription service[s]”. The revision has been signed by the Governor, and is immediately effective. See a copy of the enacted law (attached) as well as Legislative commentary.

While the measure was widely reported as making it illegal to share passwords to online services, in fact the word “password” is not used in the revision. Tennessee’s measure is neutral as to the technology used. Whether access to the online entertainment service is based on passwords or tokens or biometric data, now or in the future, paying customers cannot legally share their path to access with non-subscriber friends and family.

The Tennessee measure addresses only the tip of the iceberg when it comes to password sharing (hereafter, a term meant to include all sharing of methods of access online). A person stealing Netflix Instant access is no different from a cable thief, or a thief of physical goods. That much should be uncontroversial. The real, unanswered question is to what extent customers should be allowed to share passwords with third parties for purposes, not of theft, but of agency. More and more, consumers are entrusting third parties with the account numbers and passwords issued to them by their banks, credit card companies, retirement plans, and other holders of consumer accounts and lines of credit. This password-sharing may be for purposes of storing all passwords in one central location (like LastPass), or for purposes of having an agent retrieve financial information from multiple accounts to compile one snapshot for the consumer (like Mint.com or CashEdge), or even to have an agent arrange for automated bill payment. Consumers provide their account passwords to these third parties, who generally have not been vetted or approved by the companies issuing the password and holding the consumer account. The Tennessee statute does not address this circumstance. The next part of our Problems with Passwords series will deal with the privacy and competitive intelligence risks posed by the widespread (and growing) consumer practice of password sharing with third parties for purposes of agency.

Posted in Privacy & Data Protection
Tags: account aggregators, automation, competitive intelligence, Data Security, information security, passwords, Privacy & Management
Related Posts
European Data Protection Board guidance on safeguarding personal data in AI technologies
May 1, 2025
Direct marketing ad profiling: Recent fines
April 14, 2025
Eleventh Circuit vacates FCC one-to-one consent rule
January 29, 2025

Subscribe to Technology Law Dispatch

Updates direct to your inbox
Subscribe by Email

Technology Law Dispatch

View Our Network of Blogs
Published by
Reed Smith LLP logo
RSS Facebook LinkedIn YouTube
Privacy Policy |Disclaimer

About Our Firm

At Reed Smith, everything we do is to apply our global experience in law to drive progress for our clients, for ourselves and for our communities. We are focused on outcomes, are highly collaborative and have deep industry insight. When combined with our local market knowledge and innovative mindset, this allows us to anticipate and address the needs of our clients and help them achieve their goals.

Our team of 3,000 people (including more than 1,700 lawyers) operate across 31 offices in the United States, Europe, the Middle East and Asia.

Read More...

Topics

Archives

Copyright © 2025, Reed Smith LLP. All Rights Reserved.
Law blog design & platform by LexBlog LexBlog Logo