Good-faith security researchers no longer have to worry about being prosecuted under the Computer Fraud and Abuse Act (CFAA), the US Justice Department said on Thursday. The federal agency released a new memo, which for the first time clarifies that the 1986 law shouldn’t be used to target white-hat hackers.
“The department has never been interested in prosecuting good-faith computer security research as a crime,” Deputy Attorney General Lisa O. Monaco said in a statement, “and today’s announcement promotes cybersecurity by providing clarity for good-faith security researchers who root out vulnerabilities for the common good.”
Read more…
Source: ZDNet