German Law Could Protect Researchers Reporting Vulns

The draft amendment also includes prison time for those who access systems to maliciously spy or intercept data.

Germanys Federal Ministry of Justice has drafted legislation that would protect
security researchers who discover and report security flaws
to vendors.
The draft eliminates criminal liability for people who choose to warn businesses, and ultimately the public, of cyber vulnerabilities. The proposed law amends an existing law that protects IT security researchers, companies, and hackers from punishment.
Certain criteria must be met for the act to be considered security research. The action must aim to identify a vulnerability or security risk in an IT system, and the researcher who discovers the flaw must have the intent of reporting the vulnerability to those responsible for addressing the issue. They should also only be accessing a system to identify a vulnerability.
The draft proposes a penalty of three to five months in prison for severe cases of malicious data spying and data interception that include criminal acts, acts motivated by profit, or those that result in substantial financial damage.
Those who want to close IT security gaps deserve recognition — not a letter from the prosecutor,
stated Marco Buschmann,

the Federal Minister of Justice
.

Last News
▸ ArcSight prepares for future at user conference post HP acquisition. ◂ Discovered: 07/01/2025 Category: security	▸ Samsung Epic 4G: First To Use Media Hub ◂ Discovered: 07/01/2025 Category: security	▸ Many third-party software fails security tests ◂ Discovered: 07/01/2025 Category: security

**Cyber Security Categories**
Google Dorks Database	Exploits Vulnerability	Exploit Shellcodes

CVE List

Tools/Apps

News/Aarticles

Phishing Database

Deepfake Detection

Trends/Statistics & Live Infos

Tags:
German Law Could Protect Researchers Reporting Vulns