Vulnerability disclosure policies (VDP) allow for good Samaritans to disclose software bugs to the company. However, a poorly drafted VDP can expose the company to liability and bad press. This session explains what a VDP is, why they are needed, and what lawyers should look out for when drafting VDP.
As cyber security becomes ever more prominent, attorneys need to maintain their understanding of the legal issues related to technology. This panel will give you an overview into the complexities of the Computer Fraud and Abuse Act and how the language in the statute around what actions constitute “hacking” has given rise to significant ambiguity and how a well drafted vulnerability disclosure policy can help address this concern for technology companies and white hat hackers.