SoylentNews

An Anonymous Coward writes:

https://clinic.cyber.harvard.edu/2020/10/30/cyberlaw-clinic-and-eff-publish-guide-to-legal-risks-of-security-research/ [harvard.edu]

We are excited to announce the release of A Researcher’s Guide to Some Legal Risks of Security Research (pdf), a report authored by Sunoo Park and Kendra Albert, and co-published by the Cyberlaw Clinic and the Electronic Frontier Foundation (EFF). Just last month, over 75 prominent security researchers signed a letter urging the Supreme Court not to interpret the Computer Fraud and Abuse Act (CFAA), the federal anti-hacking / computer crime statute, in a way that would criminalize swaths of valuable security research. The case in question, Van Buren v. United States, is still pending. Meanwhile, security researchers routinely face legal risks and receive legal threats, with documented chilling effects on their work.

This harms security research, which in turn harms the security of the technologies on which we all increasingly rely. Such risk extends beyond anti-hacking laws, implicating copyright law and anti-circumvention provisions (DMCA §1201), electronic privacy law (ECPA), and cryptography export controls, as well as broader legal areas such as contract and trade secret law.

Original Submission