Coming in from the Cold: A Safe Harbor from the CFAA and the DMCA §1201 for Security Researchers

Coming in from the Cold: A Safe Harbor from the CFAA and the DMCA §1201 for Security Researchers

We propose a statutory safe harbor from the CFAA and DMCA §1201 for security research activities. Based on a responsible disclosure model in which a researcher and vendor engage in a carefully constructed communication process and vulnerability classification system, our solution would enable security researchers to have a greater degree of control over the vulnerability research publication timeline, allowing for publication regardless of whether or not the vendor in question has effectuated a patch. Any researcher would be guaranteed safety from legal consequences if they comply with the proposed safe harbor process.

Daniel Etcovitch and Thyla van der Merwe

Berkman Klein Center

October 20, 2017

I didn't find this helpful.This was helpful. Please let us know if you found this article helpful.
Loading...
By |2019-11-15T18:10:24-08:00January 1st, 2018|Intellectual Property, Reference, Reforms|