Surprise UK Government Announcement Says Sharing Netflix Passwords Is a Crime

The supply of a service like a broadband connection or a video streaming channel is governed by a contract, so when the customer of such a service shares access with someone outside of their household this will usually be a civil infraction, with the service provider needing to decide if they should threaten the customer with a lawsuit to discourage continued violation of the contract. However, the UK government’s Intellectual Property Office (IPO) recently surprised everyone by announcing that sharing a password for a service like Netflix should also be considered a crime that could be prosecuted by the state’s lawyers too.

Piracy is a major issue for the entertainment and creative industries. Pasting internet images into your social media, password sharing on streaming services and accessing the latest films, tv series or live sports events through kodi boxes, fire sticks or Apps without paying a subscription all break copyright law.

These comments illustrate the deplorable incompetence of some people employed to update the government’s website. They not only make terribly inaccurate statements about the law; they cannot even follow basic rules of grammar. Kodi is the proper name for a software program, hence capitalized, Fire Stick is the brand name of a product sold by Amazon, hence capitalized, whilst ‘apps’ is a common noun applied to software generally, so should not be capitalized. Using Kodi, Fire Stick or apps to obtain free services is not illegal; using them to fraudulently obtain services without paying is illegal. The distinction between these two scenarios should be clear enough but the UK’s government seems to lack the competence to reliably distinguish between the two. However, there was not much opportunity to correct the English or the legal understanding of the public servant who wrote these sentences because the advice was quickly removed the government’s website, although you can see an archived version of the page here.

To briefly explain the several reasons why the statement was legally inaccurate, the first and most obvious observation is that there are many exceptions to copyright law, as listed elsewhere on the UK government’s website. Then it is worth noting that legitimate businesses like YouTube, Pluto and Plex provide apps and television content which are meant to be watched free of charge. YouTube even has a section where they broadcast live sporting events for free. Kodi is legally available software that may be used to present video content from numerous sources offered free-of-charge by the rightsholders. A good example of the latter would be using Kodi to watch livestreams of the UK Parliament in action. The general point is that the rightsholder has the legal right to decide if a consumer needs to pay to watch their content, which is different to saying copyright has been violated every time someone watches something without paying.

The IPO’s factually inaccurate generalizations were inane for an organization that only exists to explain and encourage compliance with a narrow subset of the law. Nevertheless, it came as a shock that a government function signaled the possibility that state prosecutors could seek to punish anyone sharing a Netflix password instead of letting the rightsholders decide if they want to pursue redress through a civil action. An intense flurry of commentary doubtless led to the IPO deleting the quote given above, then rewording it. The same webpage now reads as follows; I have italicized changes from the original.

Piracy is a major issue for the entertainment and creative industries. Pasting internet images into your social media without permission, or accessing films, tv series or live sports events through Kodi boxes, hacked Fire Sticks or apps without paying a subscription is an infringement of copyright and you may be committing a crime.

The statement is still inaccurate, but at least somebody corrected the grammar as well as toning down the extent to which it misrepresents the law. Instead of dwelling on the IPO’s incompetence (or its desire to mislead) we should concentrate on the promise they make on behalf of the Crown Prosecution Service (CPS), the public prosecutions body in England and Wales. IPO has told the public that CPS will start seeking fines or prison sentences from Brits that share passwords for streaming services. Sharing a password can be a crime when it is also a form of fraud, as there is a law against fraudulently obtaining or providing access to copyrighted content. Signing a contract where you agree only to input your password into devices for your personal use, and then sharing that password so that other people input the same password into their devices would be a relevant example of how both the contract was infringed and a fraud was committed. So it is legally possible for the CPS to prosecute such a crime, but that does not mean this is the kind of fraud that should absorb the resources of law enforcement agencies.

A UK parliamentary committee recently complained that only 2 percent of UK police funding is dedicated to combatting fraud, leaving the justice system ‘ill-equipped’ to tackle the anticipated future rise in levels of fraud, which already represents 40 percent of all reported crime. Any regular reader of Commsrisk can think of many damaging frauds that receive no attention from the police or prosecutors. The IPO went out of their way to draw attention to one particular overlap between criminal law and civil law. But is it appropriate for the IPO to pressure other taxpayer-funded law enforcement agencies into pursuing the interests of a 30 billion dollar foreign corporation like Netflix?

The BBC claims to be an impartial provider of news but they use their enormous resources to lobby for their unique fundraising system despite it criminalizing a large section of the British population. There were consistently well over 100,000 prosecutions each year for television license fee evasion until the pandemic meant inspectors could no longer force their way into people’s homes. The majority of convictions are against women with low incomes. Such a large number of prosecutions also places a great burden on the legal system, so the process has been streamlined, resulting in a majority of court cases now being held in secret, sometimes without the knowledge of the accused. However, it is telling that even the BBC’s journalists can be circumspect about the advantages of using the resources of the state to police the sharing of video streaming passwords too. A recent BBC News article about the new IPO advice concluded with the following analysis.

One interesting part of the IPO’s response is the reference to criminal law – suggesting that people could theoretically face prosecution from the Crown Prosecution Service (CPS) for password sharing.

The CPS did not rule this out.

A spokesperson told the BBC: “Any decision to charge someone for sharing passwords for streaming services would be looked at on a case-by-case basis, with due consideration of the individual context and facts of each case.

“As with all cases, if they are referred to the CPS by an investigator for a charging decision, our duty is to bring prosecutions where there is sufficient evidence to do so and when a prosecution is required in the public interest.”

In other words, before the CPS could take action, there would first need to be a police investigation.

There is no evidence to suggest any police forces in the UK would open an investigation into someone for sharing their password to a streaming service.

If the police does not have the resources to investigate password sharing — and they really should focus their efforts on more serious crimes — then why is a branch of government trying to draw attention to the possibility of criminal prosecutions? Every aspect of this story, from the misleading use of language by the IPO, to the CPS refusing to rule out prosecutions, to the demand for increased police spending on tackling fraud, suggests that these public servants spend more time advertising their own selfish interests than talking to each other about a consistent and efficient approach to law enforcement.

There is no doubt about who should be prosecuted first, if the goal was to make an example of criminals who share Netflix passwords illegally. It is in the public interest to prosecute the people who can least excuse their criminality. In May 2022, Nadine Dorries MP, the former Secretary of State for Digital, Culture, Media and Sport, laughed openly as she told other parliamentarians that she shared her Netflix password with four other people outside of her household; you can see the video below. Where is the public interest in prosecuting many thousands of women who live in poverty for the crime of watching television without a BBC license, but in allowing the former minister who was responsible for overseeing the television industry to remain unpunished after she publicly boasted about breaking the law?

Eric Priezkalns
Eric Priezkalns
Eric is the Editor of Commsrisk. Look here for more about the history of Commsrisk and the role played by Eric.

Eric is also the Chief Executive of the Risk & Assurance Group (RAG), a global association of professionals working in risk management and business assurance for communications providers.

Previously Eric was Director of Risk Management for Qatar Telecom and he has worked with Cable & Wireless, T‑Mobile, Sky, Worldcom and other telcos. He was lead author of Revenue Assurance: Expert Opinions for Communications Providers, published by CRC Press. He is a qualified chartered accountant, with degrees in information systems, and in mathematics and philosophy.