How will consumers afford Netflix, Hulu, Amazon Prime, Apple TV+, Disney+, HBO Max, Peacock and on and on? To many industry analysts, the answer is simple: They won’t. Consumers will be selective in deciding which digital services are worthy of their money. Hence, the so-called streaming wars.

But there’s another way to look at the issue. Thanks to rampant free-riding, one account doesn’t mean one viewer. Passwords will be shared, and platforms will be hacked. Under this framework, the streamers aren’t battling with one another. They’ll be teaming up against the grifters to fight Piracy 2.0.

On Oct. 30, just a day after WarnerMedia’s John Stankey previewed HBO Max at a glitzy event, the Alliance for Creativity and Entertainment announced a working group to reduce unauthorized access to content, specifically mentioning “improper password sharing” as a top concern. ACE is basically an antipiracy spinoff of the MPAA. Like the industry lobbying group, it includes big studios (Warner Bros., Disney, Netflix, Sony, Paramount), and smaller ones (AMC, Lionsgate, MGM) along with Amazon. Perhaps most notably, as of October, ACE now includes ISPs Comcast and Charter in yet a further sign of realignment and shifting priorities in the piracy wars.

“We are very pleased that ACE and its coalition of members have committed through this initiative to take on unauthorized password sharing and other content security practices,” says Charter CEO Tom Rutledge.

For much of this century, the content industry’s antipiracy focus has been on file-sharing. First it was Napster and its progeny, then ISPs willfully blinding themselves to copyright infringement. Shorthanded as Hollywood versus Silicon Valley, the digital disrupters wanted to hook users and pushed for compelling new services — old content business models be damned. Then came mergers like Comcast-NBCUniversal and AT&T-Time Warner, plus organic hybrids like Netflix. Vertical integration of production and distribution may be contributing to a need to reassess threats to the business.

Now, streaming hubs are growing while fears of illegal downloads fade. This evolution is sparking a shift in thinking.

Take password sharing. Five years ago, HBO’s then-CEO Richard Plepler said it had “no impact on the business” and is, in many ways, a “terrific marketing vehicle for the next generation of viewers.” Three years ago, Netflix CEO Reed Hastings commented, “Password sharing is something you have to learn to live with.”

Upon its launch in 2017, ACE brought a wave of lawsuits against services like TickBox and Dragon Media, which sold devices preloaded with customized open-source software that enabled viewing of pirated content. (“Get rid of your Premium Channels,” is how Dragon advertised its product. “Stop paying for Netflix and Hulu.”) Now it appears the industry is set to go even further by addressing free riders. The economics of streaming nearly demand it. Platforms are spending billions of dollars annually on both original content and rights to old shows. To become profitable, media companies will need to grow paid subscribers rapidly. AT&T boldly predicted 50 million subs for HBO Max by 2024. As part of that push, it may prove irresistible to target the more than one-fifth of young adults who, according to a Reuters/Ipsos poll, say they borrow passwords from people who do not live with them.

For now, insiders caution that there are no plans to make moves against individuals who share passwords with family and friends. Instead, ACE will work on “best practices,” like, say, technological measures limiting the number of devices that can simultaneously stream via a single account.

That said, there are sure to be uncomfortable discussions ahead. If sharing a password with a friend is not actionable, what about a college dorm sharing a Disney+ account to watch Star Wars? And as pirates become more sophisticated in evading limitations on what any singular streaming account can provide, what will be the legal response?

The industry may press claims in court like violation of the Computer Fraud and Abuse Act, which was enacted in 1986 partly in response to some paranoia following the release of the Matthew Broderick thriller WarGames. The statute, which punishes those who knowingly access a computer without authorization or those who exceed authorized access, hasn't directly been tested with respect to illicit access of streaming platforms. In fact, as seen by what judges wrote in United States of America v. David Nosal — a 2016 decision by the Ninth Circuit Court of Appeals — there's some sensitivity around making federal criminals of the millions of people who engage in password-sharing, even theoretically.

Then, there's the Digital Millennium Copyright Act’s anti-circumvention provision. The entertainment industry is more accustomed to this 1998 statute as it once was an important legal weapon against those breaking encryption on DVDs. Still, like the CFAA, it's applicability to streaming platforms remains fairly untested. But some Hollywood legal insiders are clearly expecting its significance to grow. For example, on Oct. 31 in a court case that challenges the DMCA’s anti-hacking rules on First Amendment grounds (Green v. U.S. Department of Justice), industry groups filed a brief stressing how there “would not be a viable business model” for subscription-based movie and TV digital hubs “without legal protection for access controls.”

The streamers are aware that even the scent of the criminalization of password-sharing has in the past caused a freak-out among consumers. For that reason, most are being extra careful about what they say publicly on this topic. When asked by The Hollywood Reporter, neither Netflix nor HBO would comment on whether their positions on password sharing have evolved. But it looks like ACE and the beginning of court activity on the Piracy 2.0 front might be doing the talking for them.