Portugal updates cybercrime law to exempt security researchers \ stacker news ~Politics_And

pull down to refresh

Portugal updates cybercrime law to exempt security researchers www.bleepingcomputer.com/news/security/portugal-updates-cybercrime-law-to-exempt-security-researchers/

67 sats \ 2 comments \ @0xbitcoiner 7 Dec Politics_And_Law

Portugal has modified its cybercrime law to establish a legal safe harbor for good-faith security research and to make hacking non-punishable under certain strict conditions.

First spotted by Daniel Cuthbert, a new provision in Article 8.o-A, titled "Acts not punishable due to public interest in cybersecurity," provides a legal exemption for actions that previously were classified as illegal system access or illegal data interception.

The exemption only applies when security researchers act for the purpose of identifying vulnerabilities and contributing to cybersecurity. The key conditions that must be met to beee safe from criminal liability are:

...read more at bleepingcomputer.com

~security ~devs

view all related items

0 sats \ 0 replies \ @winteryeti 7 Dec

That actually makes a lot of sense. I was considering ITSEC for a long time but decided not to go there because of the inherent risk of being blamed, arrested, accused of hacking when literally being hired to do a legit pentest job for someone else. Even with overt contracting and so on, the way laws are written right now, you still have a lot of grey areas for pen testers who are working as white hats and are authorized to do their job with the target.

0 sats \ 0 replies \ @nitter 7 Dec

https://twiiit.com/dcuthbert/status/1996864068066725976