Portugal updates cybercrime law to exempt security researchers
Portugal has modified its cybercrime law to establish a legal safe harbor for good-faith security research and to make hacking non-punishable under certain strict conditions.
First spotted by Daniel Cuthbert, a new provision in Article 8.o-A, titled “Acts not punishable due to public interest in cybersecurity,” provides a legal exemption for actions that previously were classified as illegal system access or illegal data interception.
The exemption only applies when security researchers act for the purpose of identifying vulnerabilities and contributing to cybersecurity.
Read more at Bleeping Computer