(2) Inapplicability to Certain Technological Measures.
This subsection does not apply to a technological measure, or a work it
protects, that does not collect or disseminate personally identifying
information and that is disclosed to a user as not having or using such
capability.
(j) Security Testing.
(1) Definition. For purposes of this subsection, the term "security
testing" means accessing a computer, computer system, or computer
network, solely for the purpose of good faith testing, investigating, or
correcting, a security flaw or vulnerability, with the authorization of
the owner or operator of such computer, computer system, or computer
network.
(2) Permissible Acts of Security Testing. Notwithstanding the provisions
of subsection (a)(1)(A), it is not a violation of that subsection for a
person to engage in an act of security testing, if such act does not
constitute infringement under this title or a violation of applicable
law other than this section, including section 1030 of title 18 and
those provisions of title 18 amended by the Computer Fraud and Abuse Act
of 1986.
(3) Factors in Determining Exemption.
Pages:
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422