• Login
View Item 
  • DASH Home
  • Harvard Central Administration and University Research Centers
  • Berkman Klein Center for Internet & Society Scholarly Articles
  • View Item
  • DASH Home
  • Harvard Central Administration and University Research Centers
  • Berkman Klein Center for Internet & Society Scholarly Articles
  • View Item
JavaScript is disabled for your browser. Some features of this site may not work without it.

Browse

All of DASH
  • Communities & Collections
  • By Issue Date
  • Author
  • Title
  • Keyword
  • FAS Department
This Collection
  • By Issue Date
  • Author
  • Title
  • Keyword

Submitters

  • Login
  • Quick submit
  • Waiver Generator

About

  • About DASH
  • DASH Stories
  • DASH FAQs
  • Accessibility
  • COVID-related Research
  • Terms of Use
  • Privacy Policy

Statistics

  • By Schools
  • By Collections
  • By Departments
  • By Items
  • By Country
  • By Authors

Coming in from the Cold: A Safe Harbor from the CFAA and the DMCA §1201 for Security Researchers

 
Thumbnail
View/Open
ComingOutoftheCold_FINAL.pdf (696.7Kb)
Author
Etcovitch, DanielHARVARD
van der Merwe, Thyla
Note: Order does not necessarily reflect citation order of authors.
Published Version
https://cyber.harvard.edu/node/100181
Metadata
Show full item record
Citation
Etcovich, Daniel, and Thyla van der Merwe. 2018. Coming in from the Cold: A Safe Harbor from the CFAA and the DMCA §1201 for Security Researchers. Berkman Klein Center Research Publication No. 2018-4. Assembly Publication Series, Berkman Klein Center for Internet & Society, Harvard University.
Abstract
In our paper, we propose a statutory safe harbor from the CFAA and DMCA §1201 for security research activities. Based on a responsible disclosure model in which a researcher and vendor engage in a carefully constructed communication process and vulnerability classification system, our solution would enable security researchers to have a greater degree of control over the vulnerability research publication timeline, allowing for publication regardless of whether or not the vendor in question has effectuated a patch. Any researcher would be guaranteed safety from legal consequences if they comply with the proposed safe harbor process.
Other Sources
https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3055814
Terms of Use
This article is made available under the terms and conditions applicable to Other Posted Material, as set forth at http://nrs.harvard.edu/urn-3:HUL.InstRepos:dash.current.terms-of-use#LAA
Citable link to this page
http://nrs.harvard.edu/urn-3:HUL.InstRepos:37135306

Collections
  • Berkman Klein Center for Internet & Society Scholarly Articles [96]

Contact administrator regarding this item (to report mistakes or request changes)

Follow us on TwitterFollow us on FacebookFollow us on Google+

e: osc@harvard.edu

t: +1 (617) 495 4089

f: +1 (617) 495 0370

© 2018 President and Fellows of Harvard College
  • DASH
  • ETDs@Harvard
  • Copyright First Responders
  • HOPE
  • Contact
  • Harvard Library
  • Harvard University