"Yet security researchers who, in an attempt to be helpful, discover vulnerabilities and tell companies about them can face lawsuits or even criminal prosecution for their trouble, said Andrea Matwyshyn, a law professor at the Wharton School and an advisor to the Federal Trade Commission. “Some companies view this information about a mistake in their product as an attack on the product and view it as more cost effective to legally silence the researcher,” she told Risk & Compliance Journal in an interview."
- Date Published:05/05/2014
- Original Publication:The Wall Street Journal