https://motherboard.vice.com/en_us/article/pa9jbg/feds-expand-security-researchers-ability-to-hack-without-going-to-jail

Friday, the Librarian of Congress and US Copyright Office renewed several key exemptions (and added a few new ones) to the Digital Millennium Copyright Act. This go round, they’ve extended some essential exemptions ensuring that computer security researchers won’t be treated like nefarious criminals for their contributions to society. We’ve long noted how security researchers are frequently treated like criminals by companies that don’t appreciate having security flaws and vulnerabilities in their products exposed or discussed. That’s often not helped by the vague language of the DMCA, which critics argue has been an overreaching mess with near-endless potential for collateral damage.

As part of an effort to keep the DMCA timely, Congress included a so-called “safety valve” dubbed the Section 1201 triennial review process that, every three years, mandates that activists and concerned citizens beg the Copyright Office and the Librarian of Congress to craft explicit exemptions from the law to ensure routine behavior won’t be criminalized.