Interesting People mailing list archives
Georgia Passes Anti-Infosec Legislation
From: "Dave Farber" <dave () farber net>
Date: Sat, 31 Mar 2018 11:06:40 +0000
---------- Forwarded message --------- From: Dewayne Hendricks <dewayne () warpspeed com> Date: Sat, Mar 31, 2018 at 8:05 PM Subject: [Dewayne-Net] Georgia Passes Anti-Infosec Legislation To: Multiple recipients of Dewayne-Net <dewayne-net () warpspeed com> [Note: This item comes from friend Geoff Goodfellow. DLH] Georgia Passes Anti-Infosec Legislation By DAVE MAASS Mar 30 2018 < https://www.eff.org/deeplinks/2018/03/georgia-passes-anti-infosec-legislation
Despite the full-throated objections of the cybersecurity community, the Georgia legislature has passed a bill that would open independent researchers who identify vulnerabilities in computer systems to prosecution and up to a year in jail. EFF calls upon Georgia Gov. Nathan Deal to veto S.B. 315 as soon as it lands on his desk. For months, advocates such as Electronic Frontiers Georgia, have descended on the state Capitol to oppose S.B. 315, which would create a new crime of “unauthorized access” to computer systems. While lawmakers did make a major concession by exempting terms of service violations under the measure—an exception we’ve been asking Congress for years to carve out of the federal Computer Fraud & Abuse Act (CFAA)—the bill stills fall short of ensuring that researchers aren’t targeted by overzealous prosecutors. This has too often been the case under CFAA. “Basically, if you’re looking for vulnerabilities in a non-destructive way, even if you’re ethically reporting them—especially if you’re ethically reporting them—suddenly you’re a criminal if this bill passes into law,” EF Georgia’s Scott Jones told us in February. Andy Green, a lecturer in information security and assurance at Kennesaw State University concurred. “I’m putting research on hold with college undergrad students because it may open them up to criminal penalties,” Green told the Parallax. “It’s definitely giving me pause right now.” Up until this week, Georgia has positioned itself as a hub for cybersecurity research, with well-regarded university departments developing future experts and the state investing $35 million to expand the state’s cybersecurity training complex. That is one reason it’s so unfortunate that lawmakers would pass a bill that would deliberately chill workers in the field. Cybersecurity firms—and other tech companies—considering relocations to Georgia will likely think twice about moving to a state that is so hostile and short-sighted when it comes to security research. [snip] Dewayne-Net RSS Feed: http://dewaynenet.wordpress.com/feed/ Twitter: https://twitter.com/wa8dzp ------------------------------------------- Archives: https://www.listbox.com/member/archive/247/=now Modify Your Subscription: https://www.listbox.com/member/?member_id=18849915&id_secret=18849915-aa268125 Unsubscribe Now: https://www.listbox.com/unsubscribe/?member_id=18849915&id_secret=18849915-32545cb4&post_id=20180331070658:9F4045AC-34D3-11E8-8A20-AAFCECB3C214 Powered by Listbox: http://www.listbox.com
Current thread:
- Georgia Passes Anti-Infosec Legislation Dave Farber (Mar 31)