Related Posts

The Vulnerabilities Equities Process: Is Congress Getting Ready to Provide Transparency and Regulation?

The Vulnerabilities Equities Process has been subject to policy debates over the last few years, but this fall Congress may act on the topic for the first time. Despite making incredibly important decisions, the VEP has generally been ignored by Congress, but two new legislative proposals would provide oversight, and in one case, light reforms.

Read More

“The Cyber” Part IV: Are There Appropriate Ethical Limits on Hacking?

How far is too far? We’ve been asking this question over and over again at CDT while conducting interviews of security researchers and in drafting CDT’s new white paper that surveys “hard questions” in the world of computer security research. Through these conversations, we are developing a basic set of ethical spectra – essentially, axes along which security research activities become more or less ethically questionable. In this white paper, we note a few possible options for better mapping the ethical landscape of the security research world.

Read More

“The Cyber:”  Everything You Need to Know About Computer Security Research and More

Of all of this attention to cybersecurity issues, however, too little is being paid to arguably the most important constellation in the cyber universe: the thousands of researchers who toil, often in obscurity, to identify and mitigate cybersecurity vulnerabilities. And yet, this research is more important than many of us not in this world can appreciate. We’ve released a comprehensive white paper that we hope will help frame these conversations going forward. Our paper, titled “The Cyber: Hard Questions in the World of Computer Security Research,” takes a deep dive into four areas of focus.

Read More

Test Driving Privacy and Cybersecurity: Regulation of Smart Cars

Getting privacy, security, and safety policies right for smart cars is crucial and there should be more public cooperation among federal regulators. NHTSA has the subject-matter expertise, while the FTC and FCC have different technical and enforcement capabilities in the realm on privacy and data security. Drivers will benefit by having all three agencies working together and on the same page.

Read More

Improving Section 1201

The Copyright Office has initiated a policy study focused on Section 1201 of the Digital Millennium Copyright Act (DMCA), which prohibits the circumvention of technological protection measures (TPMs). CDT commented in the initial phase of this study, and recently commented again in response to the Office’s request for additional comments. The Copyright Office is right to take a hard look at Section 1201, which very much needs updating to protect security researchers

Read More