We’re from the government and we’re here to help... No, really.

No ratings

Presented at InfoSecSouthWest 2016 by

Leonard Bailey

There is an undeniable intersection between computer security researchers' efforts to identify and disclose security vulnerabilities and federal law enforcement's efforts to counter emerging cyber threats and prevent cybercrime. Both engage in activities intended to eliminate cyber threats and to help secure information systems and the personal, financial, and otherwise sensitive data stored on those systems. But for some researchers, there is an abiding concern that the intersection between their work and federal law enforcement's will become a collision that may subject them to investigation or prosecution. This talk will delve into how federal law enforcement uses Computer Fraud and Abuse Act (CFAA), provide some suggestions to computer security researchers intended to make encounters with law enforcement less likely, and discuss how some recently enacted laws -- and proposed amendments to existing laws -- benefit research. Its goal is to encourage and promote legitimate computer security research.