Tag Archive for: legal

Stefanie Drysdale’s Weekly Cyber/Security Recap #149 – Friday, November 11, 2022



HackerOne encourages customers to adopt standard policy to protect hackers from legal problems


‘Short, broad, easily-understood safe harbor statement’ offered

HackerOne has revamped its policy guidelines to offer better protection from legal problems for ethical hackers acting in good faith.

The Gold Standard Safe Harbor (GSSH), which customers who run bug bounty programs through HackerOne are asked to agree to, offers a “short, broad, easily-understood safe harbor statement that’s simple for customers to adopt”.

Both vulnerability disclosure programs and bug bounty programs routinely include safe harbor agreements that explain the legal protections that hackers can expect. These agreements can vary, but by asking its customers to agree to a standard policy, HackerOne is aiming to reduce the bureaucratic overhead for ethical hackers.

‘Reduces the burden’

“While many programs already include safe harbor in their policies, the GSSH is a short, broad, easily-understood safe harbor statement that’s simple for customers to adopt,” according to the crowdsourced security platform. “This standardization also reduces the burden on hackers for parsing numerous different program statements.”

Gold Standard Safe Harbor launched on Wednesday, November 16. Organizations committing to the GSSH will replace their existing safe harbor statement with the GSSH on their program page, which will be marked with a digital badge. Hackers will be able to filter searches for programs based on participation in the GSSH scheme.

KAYAK, GitLab Inc, and Yahoo are among the first customers to opt for the GSSH’s standardized language. The GSSH is available for adoption by HackerOne customers worldwide even though its language most closely aligns with recent US government cybersecurity policy updates, The Daily Swig understands.

Preliminary findings from HackerOne’s upcoming Hacker Report appear to vindicate efforts to strengthen legal safeguards for hackers.

The report will reveal that more than half of hackers have not reported a vulnerability they have discovered, with 12% ascribing their decision not to disclose to threatening legal language being used by the organization whose code contained the…

Legal Tech Newsletter | Dentons


We tell you about the latest developments and what’s next in telecommunications, cybersecurity, personal data, fintech, and intellectual property.

01 – 15 March 2022

Telecoms

Subtel’s new team. On March 11, the new Undersecretary of Telecommunications, Claudio Araya San Martín, took office, accompanied by his advisory and executive team. The cabinet team is composed of Manuel Luna (chief of staff) and advisors Adolfo Oliva and Felipe Pavez. The executive team is composed of Marco Silva Sandoval (head of the Legal Division), Virginia Reginato (head of the Regulatory Policy and Studies Division), Marcelo Rutte (head of the Telecommunications Development Fund (FDT) Management Division), Raúl Domínguez (head of the Fiscalization Division), Jacob Sandoval (head of the Administration and Finance Division) and Francisco Miranda (deputy head of the Concessions Division). Undersecretary Araya and his team will be responsible for completing the deployment of the 5G network and the National Optical Fiber project, and for implementing the state-owned telecommunications network company and the National Connectivity Registry. They will also be in charge of modifying the General Telecommunications Law to transform the FDT into a demand subsidy mechanism and of reviewing the concession allocation processes, among other initiatives included in the Government Plan.

Connectivity in border zones. On March 8, Subtel launched a public tender to subsidize the deployment of fiber optic cables in 17 border towns located in the central and northern areas of the country. Of these, 7 correspond to border crossings or complexes. The total amount of the subsidy for the winning companies is USD 15.000.000. This initiative complements the tender already awarded to Telefónica del Sur in August 2021, which is committed to deploying optical infrastructure in ten border towns located in the regions of Los Ríos, Los Lagos, Aysén and Magallanes. Details of the project can be found at the following link: https://www.subtel.gob.cl/subtel-lanza-concurso-publico-para-conectar-pasos-fronterizos-en-zona-norte-y-centro-del-pais/.

Initiatives with no new developments: (i) the bill that allows users to terminate…

Government consults on legal direction to restrict Huawei in UK telecoms networks


A consultation has been launched with telecoms firms on proposed legal instruments to control the use of Huawei in UK networks.

UK telecoms providers have already begun to remove Huawei from the UK’s 5G networks following the government’s announcement in July 2020. As the next step in this process, the government is now required by the new Telecommunications (Security) Act to consult with industry on the proposed measures which would bring these controls on Huawei onto a legal footing.

In November the Act became law – giving the government the legal mechanism to restrict the use of high risk vendor equipment in public networks where deemed necessary and proportionate in the interests of national security. The new powers will ensure UK mobile networks remain safe and secure as 5G becomes progressively more embedded in our national infrastructure, industries and daily lives.

The legal instruments the government is consulting on are known as a ‘designated vendor direction’, which contains requirements that public telecoms providers would need to follow regarding use of Huawei equipment and services; and a ‘designation notice’ which categorises Huawei as a high-risk vendor.

The consultation will last for four weeks and is only open to public communications providers which would receive the direction, and Huawei, as the proposed designated vendor.

The direction, subject to the consultation, legally requires telecoms operators to:

  • Remove all Huawei equipment from 5G networks by the end of 2027.
  • Not install Huawei equipment in 5G networks, effective immediately upon the issuing of the final direction.
  • Remove all Huawei equipment from the core of telecoms networks by 28 January 2023.
  • Not install sanctions-affected Huawei equipment in full fibre networks, effective immediately upon the issuing of the direction. This includes any equipment for which the supply chain or manufacturing process has been altered due to the impact of US sanctions.
  • Reduce the share of Huawei equipment to 35 per cent of the full fibre and 5G access (i.e. non-core) networks by 31 July 2023, six months later than previously announced due to the difficulties providers have faced during the…
