No, sharing passwords in Austria violates multiple legal frameworks, including the Cybercrime Act (Cybercrimegesetz) and Telecommunications Act (TKG), exposing parties to criminal liability under § 118a StGB for unauthorized access to data systems. The Austrian Data Protection Authority (DSB) enforces GDPR compliance, where password sharing risks unlawful data processing under Art. 5-6 GDPR, particularly if third parties access personal data without explicit consent. Recent 2026 amendments to the Austrian Network and Information Security Act (NISG) further criminalize negligent password disclosure, aligning with EU-wide cybersecurity directives.
Key Regulations for Sharing Passwords in Austria
- § 118a StGB (Cybercrime Act): Criminalizes unauthorized access to computer systems, including password sharing that enables third-party access. Penalties include fines up to €36,000 or imprisonment for up to 6 months.
- GDPR (Art. 5-6) & DSB Enforcement: Mandates strict purpose limitation and lawful basis for data processing. Password sharing without documented consent violates Art. 6(1)(f) (legitimate interest) and risks DSB fines up to €20M or 4% of global turnover.
- NISG 2026 Amendments: Imposes mandatory cybersecurity obligations on critical infrastructure entities, prohibiting password sharing that could compromise network integrity. Non-compliance triggers sanctions under § 20 NISG, including operational restrictions.