Georgia's governor has vetoed a bill that would have criminalized unauthorized computer access after receiving blowback from the state's booming cybersecurity industry.
The bill, vetoed by Republican Gov. Nathan Deal on Tuesday, would have made it a misdemeanor punishable by up to a year in jail to intentionally access a computer or network without authorization. The proposal passed the Georgia legislature in March amid the final chaotic hours of the legislative session.
The bill was designed to give law enforcement the ability to prosecute "online snoopers" — hackers who probe computer systems for vulnerabilities but don't disrupt or steal data. It follows the recent discovery by unauthorized independent cybersecurity experts of a vulnerability in the computer network where Georgia's elections are managed.
But a group of more than 50 academics, researchers, cybersecurity experts and technologists wrote Deal recently urging him to veto the bill, saying the legislation would chill security research and harm the state's cybersecurity industry.
The group said that, as a result of the bill, "security vulnerabilities in important computer systems will not be uncovered and disclosed responsibly, which will only make it easier for bad actors to exploit them." They said that the bill was problematic because it created new criminal liabilities for security researchers who identify and disclose weaknesses to improve cybersecurity....