The growing problem of unauthorised login sharing
Many companies operate using a paid-content subscription-based model. This particular sector relies on the proper use of their content in line with their terms and conditions.
Unauthorised sharing of logins has, and continues to, significantly impact these businesses, especially for organisations who rely purely on their subscribers for revenue. To protect their intellectual property (IP), other’s IP (which may simply have been sub-licensed for use), system integrity (given the risks involved in sharing of credentials) and revenue streams, we’re seeing businesses actively monitor how their platforms are being accessed (for example, from specific addresses) and their content is being used (for example, content copied or screenshots taken).
We’re also increasingly seeing further action being taken to prevent and address unauthorised use. Common actions include increased education and communications around account sharing, increased login security, address monitoring and blocking measures, writing to users suspected of account sharing, and the termination of accounts.
It's important for users to realise that such actions are legitimate and justifiable.
Rights to content
Most subscription-based companies will own the copyright in its website content and have exclusive rights to control who copies, publishes, and publicly displays its content.
When signing up, subscribers must agree to the relevant company’s terms and conditions, which will generally include restrictions on sharing login details.
These terms and conditions form a legally binding agreement between the service provider and the subscriber, and may be enforced through legal channels should infringement occur.
Liability of subscribers who share login information or content without authorisation
Subscribers who share login details, or who share website content without written authorisation, risk breaking the service provider’s terms and conditions and infringing copyright. Although “account sharing” or “password sharing” are the descriptions most often used, some service providers are fairly reframing this as “access without subscription”.
By providing third parties with access to infringing content, subscribers may also put these third parties at risk of secondary copyright infringement. Those third parties are effectively being allowed to access the service for free.
In addition, those who request login information or content from a subscriber may face liability for inducing breach of contract.
We are seeing more and more service providers take steps when subscribers breach their terms and conditions or infringe their intellectual property rights. Examples of these steps include issuing “cease and desist” letters, terminating accounts, and ultimately even initiating infringement proceedings in the New Zealand Courts, often at very short notice.
Tips to help ensure compliance
- We encourage you to carefully read the terms and conditions, which set out exactly what subscribers can and cannot do with the content. Usage rights differ between service providers, so do not assume what you can do on one platform will be permitted on another.
- Refrain from sharing login details with others. Instead, you can let others know that they can register for their own account.
- Do not be tempted to send content to others. Instead, provide third parties with the headline and a link to the content, which they can then register to gain access to.
- If you have already shared your login details, you should immediately change these to minimise any liability by you and the person you have shared your login details with.
- If you are unsure whether your use is legally compliant, we encourage you to seek legal advice.
If you'd like to discuss any of the above, get in touch with our litigation and commercial experts.
