Coming in from the Cold: A Safe Harbor from the CFAA and the DMCA §1201 for Security Researchers
van der Merwe, ThylaNote: Order does not necessarily reflect citation order of authors.
MetadataShow full item record
CitationEtcovich, Daniel, and Thyla van der Merwe. 2018. Coming in from the Cold: A Safe Harbor from the CFAA and the DMCA §1201 for Security Researchers. Berkman Klein Center Research Publication No. 2018-4. Assembly Publication Series, Berkman Klein Center for Internet & Society, Harvard University.
AbstractIn our paper, we propose a statutory safe harbor from the CFAA and DMCA §1201 for security research activities. Based on a responsible disclosure model in which a researcher and vendor engage in a carefully constructed communication process and vulnerability classification system, our solution would enable security researchers to have a greater degree of control over the vulnerability research publication timeline, allowing for publication regardless of whether or not the vendor in question has effectuated a patch. Any researcher would be guaranteed safety from legal consequences if they comply with the proposed safe harbor process.
Citable link to this pagehttp://nrs.harvard.edu/urn-3:HUL.InstRepos:37135306