Security Operations, Government Regulations, Bug Bounties, Penetration Testing, Vulnerability Management

Portugal updates cybercrime law to protect ethical hackers

According to HackRead, Portugal has enacted a significant update to its cybercrime law, establishing a "safe harbor" for cybersecurity researchers and ethical hackers. This amendment, published on December 4, aims to protect individuals who identify and report vulnerabilities from potential prosecution.

The new law, Article 8-A, carves out exceptions for actions that might otherwise be deemed illegal, such as unauthorized system access, provided the researcher acts solely in the public interest of cybersecurity. Strict conditions apply: researchers must not intend to profit beyond professional compensation, cause harm, or employ aggressive tactics like DoS attacks, phishing, or malware. Findings must be promptly reported to system owners, regulators, and the National Cybersecurity Centre (CNCS), with collected data deleted within 10 days of a fix.

Portugal's move aligns with a growing international trend to foster ethical hacking as a vital component of digital resilience. This legislative shift acknowledges the public interest in cybersecurity and aims to avoid stifling legitimate security research, a sentiment echoed by similar discussions in the UK regarding updates to its Computer Misuse Act.

Source: HackRead

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds