Portugal Updates Cybercrime Law to Exempt Security Researchers Acting in Good Faith

Portugal has recently amended its cybercrime law to include a legal exemption for security researchers who act in good faith. This reform is designed to make hacking activities non-punishable when conducted to identify vulnerabilities without malicious intent. The move aims to clarify the legal framework for cybersecurity professionals, distinguishing between ethical security research and malicious hacking. However, the article does not specify an exact date for the law's enforcement nor provide additional technical details. This legal exemption is significant as it allows security researchers to conduct essential activities such as penetration testing and vulnerability disclosure without fear of legal repercussions, provided they adhere to the stipulated conditions. This development is expected to foster a more collaborative environment for cybersecurity professionals and could serve as a model for other countries. However, the lack of specific details about the implementation date and technical conditions may leave some uncertainties. Security researchers and organizations in Portugal should stay informed about further developments to fully understand the implications and ensure compliance with the new law.