The article ‘’Are there ethics in intrusion?" by Joana Bernardo, published in ECO, analyses the proposed amendment to the Cybercrime Law as part of the transposition of the NIS 2 Directive into the Portuguese legal system. This change legalises acts that, until now, were considered crimes of undue access and illegitimate interception of computer systems.

The VdA lawyer explains that the new legislation allows intrusion into computer systems without punishment, as long as the hacker claims to have the objective of identifying vulnerabilities and disclosing them responsibly, with no intention of obtaining an economic advantage, acts proportionately and fulfils certain reporting obligations.

The measure aims to protect ethical hackers (white hat hackers), but Joana Bernardo warns of the risks of its application, which could increase legal uncertainty, encourage unauthorised intrusions and make it more difficult to be held accountable for any damage.

• This article is available here.