The Dutch government’s cyber security center has published guidelines that it hopes will encourage ethical hackers to disclose security vulnerabilities in a responsible way.
“Persons who report an IT vulnerability have an important social responsibility,” the Dutch ministry of Security and Justice said on Thursday, announcing guidelines for ethical hacking that were published by the country’s National Cyber Security Center (NCSC).
While the released guidance does not affect the existing legal framework, it encourages parties to work together to make IT systems safer, the NCSC said.
When an organization decides to follow these guidelines, it should include in its policy that it will not take legal action against ethical hackers who comply with the rules, it added.
The Dutch Public Prosecution Service however will keep the option to prosecute when it suspects that crimes have been committed, the ministry of Security and Justice said.
In other words, you’re still better off dumping the info anonymously on hacker forums. A missed chance.