Last week, the Department of Justice announced it would no longer prosecute hackers doing “good faith” cybersecurity research like testing or investigating a system to help correct a security flaw or vulnerability. It’s a change in how the DOJ enforces the 1986 Computer Fraud and Abuse Act following a ruling last year by the Supreme Court in Van Buren v. United States that limited the scope of the CFAA. Riana Pfefferkorn, a research scholar at the Stanford Internet Observatory, spoke with Marketplace’s Kimberly Adams about how this is part of an ongoing policy shift for the Justice Department over the last few years.

Your donation powers the journalism you rely on. Give today to support Marketplace Tech.