Coming in from the Cold: A Safe Harbor from the CFAA and the DMCA §1201 for Security Researchers
View/
Author
van der Merwe, Thyla
Note: Order does not necessarily reflect citation order of authors.
Published Version
https://cyber.harvard.edu/node/100181Metadata
Show full item recordCitation
Etcovich, Daniel, and Thyla van der Merwe. 2018. Coming in from the Cold: A Safe Harbor from the CFAA and the DMCA §1201 for Security Researchers. Berkman Klein Center Research Publication No. 2018-4. Assembly Publication Series, Berkman Klein Center for Internet & Society, Harvard University.Abstract
In our paper, we propose a statutory safe harbor from the CFAA and DMCA §1201 for security research activities. Based on a responsible disclosure model in which a researcher and vendor engage in a carefully constructed communication process and vulnerability classification system, our solution would enable security researchers to have a greater degree of control over the vulnerability research publication timeline, allowing for publication regardless of whether or not the vendor in question has effectuated a patch. Any researcher would be guaranteed safety from legal consequences if they comply with the proposed safe harbor process.Other Sources
https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3055814Terms of Use
This article is made available under the terms and conditions applicable to Other Posted Material, as set forth at http://nrs.harvard.edu/urn-3:HUL.InstRepos:dash.current.terms-of-use#LAACitable link to this page
http://nrs.harvard.edu/urn-3:HUL.InstRepos:37135306
Collections
Contact administrator regarding this item (to report mistakes or request changes)