Publication: Coming in from the Cold: A Safe Harbor from the CFAA and the DMCA §1201 for Security Researchers
Open/View Files
Date
2018
Published Version
Published Version
Journal Title
Journal ISSN
Volume Title
Publisher
Berkman Klein Center for Internet & Society
The Harvard community has made this article openly available. Please share how this access benefits you.
Citation
Etcovich, Daniel, and Thyla van der Merwe. 2018. Coming in from the Cold: A Safe Harbor from the CFAA and the DMCA §1201 for Security Researchers. Berkman Klein Center Research Publication No. 2018-4. Assembly Publication Series, Berkman Klein Center for Internet & Society, Harvard University.
Research Data
Abstract
In our paper, we propose a statutory safe harbor from the CFAA and DMCA §1201 for security research activities. Based on a responsible disclosure model in which a researcher and vendor engage in a carefully constructed communication process and vulnerability classification system, our solution would enable security researchers to have a greater degree of control over the vulnerability research publication timeline, allowing for publication regardless of whether or not the vendor in question has effectuated a patch. Any researcher would be guaranteed safety from legal consequences if they comply with the proposed safe harbor process.
Description
Other Available Sources
Keywords
Terms of Use
This article is made available under the terms and conditions applicable to Other Posted Material (LAA), as set forth at Terms of Service