United States v. Nosal, the case that ignited the controversy, did not specifically concern streaming sites. David Nosal was convicted under the Computer Fraud and Abuse Act (CFAA) for using a former coworker's credentials to access information from Nosal's former employer Korn/Ferry after he left to start a competing firm. The court ruled against Nosal, deciding that he knowingly entered "a protected computer...with intend to defraud." Nosal was ordered to pay $827,983.25 in restitution and will spend time in prison.
The confusion stemmed from Judge Reinhardt's dissent, in which he contrasted everyday password sharing behavior to Nosal's conduct. While the dissent expressed "the Computer Fraud and Abuse Act does not make the millions of people who engage in this ubiquitous, useful, and generally harmless conduct into unwitting federal criminals," some readers perceived the contrast as a comparison.
After speculation began swirling, Netflix cleared up the misunderstanding. According to the company, each account allows for five user profiles, meaning passwords at a minimum can be shared between those users. The real problem is selling passwords - according to a Netflix spokesperson, members may use passwords however they see fit as long as they aren't selling them.