Hacking the Law- Are Bug Bounties a True Safe Harbor? - USENIX Enigma Conference - 2018
USENIX Enigma Conference via YouTube
Overview
Syllabus
Intro
DJI launches bug bounty program for its software and drones
Who dictates the rules?
Hackers Might be forced into Contractual Breach and Civil and Criminal Liability by the Terms
Hackers care about their legal risk
Eliminate paradoxical terms Researchers should be exempted from general EULA language concerning hacking and employment of security techniques for the purpose of participating in bug bounties
Increase the salience of legal terms Make sure that platforms and companies understand legal incentives matter not less than monetary rewards
Make the Exception of Safe Harbor the Standard
Specific authorization (with clear scope) for the purpose of the CFAA and the DMCA in light of DOJ framework DOJ Framework suggest for example this language: 1. The organization will not to pursue civil action for accidental, good faith
Taught by
USENIX Enigma Conference