Security News > 2021 > September > Rapid7 says Computer Misuse Act should include 'good faith' infosec research exemption
Infosec firm Rapid7 has joined the chorus of voices urging reform to the UK's Computer Misuse Act, publishing its detailed proposals intended to change the cobwebby old law for the better.
"It's worth noting that neither the National Crime Agency or the CPS seem to be recklessly pursuing frivolous investigations or prosecutions of good-faith security research. Nonetheless, the current legal language does expose researchers to legal risk and uncertainty, and it would be good to see some clarity on the topic," said Rapid7 in a blog post published over the sleepy summer period.
Rapid7 also proposed a legal exemption for "Good faith" security research, resting on the notion that good faith research can be shown to be carried out "In a manner reasonably designed to minimise and avoid unnecessary damage or loss to property or persons".
We're right behind Computer Misuse Act reforms for busting ransomware gangs, says UK infosec industry.
Computer Misuse Act: Tell the Home Office infosec needs a public interest defence in law, says CyberUp campaign.
Average convicted British computer criminal is young, male, not highly skilled, researcher finds.