Safe Harbor

When conducting vulnerability research according to this policy, we consider this research conducted under this policy to be:

• Authorized in view of any applicable anti-hacking laws, and we will not initiate or support legal action against you for accidental, good faith violations of this policy;

• Authorized in view of relevant anti-circumvention laws, and we will not bring a claim against you for circumvention of technology controls;

• Exempt from restrictions in our Acceptable Usage Policy that would interfere with conducting security research, and we waive those restrictions on a limited basis; and

• Lawful, helpful to the overall security of the Internet, and conducted in good faith.

• You are expected, as always, to comply with all applicable laws. If legal action is initiated by a third party against you, and you have complied with this policy, we will take steps to make it known that your actions were conducted in compliance with this policy.

If at any time you have concerns or are uncertain whether your security research is consistent with this policy, please submit a report through one of our Official Channels before going any further.