EU law recital

Recital 60

This page is part of LegalViz.EU, a tool that helps readers move through EU legislation more quickly and understand its structure.

Navigate this law: Law overview · Articles · Annexes

Previous recital · Next recital · Start with Article 1

Member States, in cooperation with ENISA, should take measures to facilitate coordinated vulnerability disclosure by establishing a relevant national policy. As part of their national policy, Member States should aim to address, to the extent possible, the challenges faced by vulnerability researchers, including their potential exposure to criminal liability, in accordance with national law. Given that natural and legal persons researching vulnerabilities could in some Member States be exposed to criminal and civil liability, Member States are encouraged to adopt guidelines as regards the non-prosecution of information security researchers and an exemption from civil liability for their activities.