What is the GFCRC?
The Good Faith Cybersecurity Researchers Coalition (GFCRC) advocates for policy reform to protect responsible cybersecurity vulnerability researchers (“white hat hackers”). We help good faith researchers continue to provide information security vulnerability information in a timely, structured, and legally legitimate sheltered manner.
The GFCRC provides resources on technology, law, and ethics, advocates for positive policy change, and shares expertise. We connect academia, industry, NGOs, and independent responsible good-faith hackers across borders. Through this community, we inform and coordinate the activities of our stakeholders to encourage governments to develop and implement public policies to encourage such adoption in line with the OECD Recommendations
GFCRC Focal Activities:
- Encourage, support, and educate good faith cybersecurity researchers
- Advocate for consistent, reasonable, principles-based public policy on vulnerability treatment.
- Mobilise and coordinate stakeholders to work together towards policy reform
- Develop, collect, and share good practices and resources for better, safer coordinated vulnerability disclosure (CVD)
Why was the GFCRC Founded?
Modern society depends on software. Business, politics, and social relationships all function because people trust that computer systems work as they should – and when they break, because people trust that they will be fixed.
Software sometimes has bugs – this is normal. A 100% guaranteed secure system does not exist. What is important is that, how, and how fast bugs are fixed. If criminals and other malicious actors are able to exploit software flaws, people will lose trust in software, and in the processes that use it. E-commerce, electronic voting, news, social media, banking…all these will then no longer be trustworthy.
The GFCRC was formed as a coalition of non-governmental parties interested in ensuring a continued flow of cyber vulnerability information in a way
that minimises the risk of bad actors taking advantage of them. We encourage and support good faith cybersecurity researchers by advocating for robust legal protections around Coordinated Vulnerability Disclosure (CVD), including Safe Harbour provisions. We follow, participate in, and stimulate policy work and public debate around responsible disclosure, provide a collective voice for all stakeholders interested in this topic, and establish and maintain close relationships with influential International Governmental Organisations, including the OECD.
Legal and Contact
N° D’ANNONCE : 1922
NUMÉRO RNA : W751268366
N° DE PARUTION : 20230005
31 Jan 2023
https://www.journal-officiel.gouv.fr/pages/associations-detail-annonce/?q.id=id:202300051922
75011 Paris, France
mailto: info@gfcrc.org