Unless you’re Ye himself, you’ve got little cause for concern.
Donald Trump and Kanye West met in the White House to discuss prison reform, crime in Chicago, and jobs. In the process, the musician who calls himself Ye also revealed his iPhone password to the world.
West told the reporters present Thursday that he’s complex: “I don’t answer questions in simple sound bites. You are tasting a fine wine. It has multiple notes to it.” Yet despite his declaration of sophistication, his password’s anything but. It’s 000000. And we know because West typed it into his phone while addressing the president.
Kanye just unlocked his iPhone before the TV cameras in the Oval Office. And his password is just 0 repeatedly pic.twitter.com/mOAbhRLr7s— Steve Kopack (@SteveKopack) October 11, 2018
This prompted a flurry of articles and tweets, including a somewhat alarmist warning from BuzzFeed News cybersecurity correspondent Kevin Collier. He noted in “what is the most wet blanket tweet” he’ll ever write that anyone “repeating Kanye’s password is potentially violating the [Computer Fraud and Abuse Act] and in theory could go to prison for up to a decade.”
In what is the most wet blanket tweet I will ever write, everyone incredulously repeating Kanye's password is potentially violating the CFAA and in theory could go to prison for up to a decade.— Kevin Collier (@kevincollier) October 11, 2018
The CFAA is a federal anti-hacking statute that attempts to stymie computer fraud. It’s controversial because it makes it illegal to intentionally access a computer without authorization or “in excess of” authorization yet does not define what “without authorization” actually means.
It is clear, though, that simply knowing or repeating Ye’s password, which he himself visibly let slip, without actually attempting to do anything with it does not count as a criminal act within the meaning of the statute and would not be a chargeable offense.
First, the law applies to “protected computers,” defined as devices that are “exclusively for the use of a financial institution or the United States Government,” ones that affect use by or for a financial institution or the government, or a device used in or affecting interstate or foreign commerce or communication.
It’s highly unlikely that any prosecutor, however creative they may be, would attempt to define Ye’s phone as a qualifying device or charge discussion of his password as a crime under the circumstances. Although the CFAA does protect against the transmission of code, it doesn’t apply to public transmission of personal iPhone passwords.
So rest assured, unless you’re Ye himself, you’ve got little cause for concern. Still, do take this opportunity to change your password if it’s 000000.