No tax credit for ethical hackers
Definitely, Senator Nathalie Delattre continues to support the hacking community in Parliament. After defending last June, without success, increased legal protection for ethical hackers whistleblowers, the elected representative of the Gironde has just tried to pass a new provision.
This time, the amendment to the finance bill for 2024 by the centrist senator focused on a tax credit for the benefit of ethical hackers. Nathalie Delattre proposed the issuance of a tax receipt for white hats who have reported vulnerabilities related to associations or non-governmental organizations to the Anssi.
Tax receipt
“There is a growing community of digital whistleblowers ready to support and help associations and NGOs to protect themselves against cybersecurity attacks,” explained the senator in this amendment, also signed by seven other senators. The proposed tax receipt, with a maximum value of 1000 euros, aims precisely to “support this dynamic”.
And the elected officials to point out, without specifying their source, that half of the NGOs would be victims of attacks or attempted computer attacks, a way of raising awareness of the urgency of the situation.
However, the Senator’s suggestion flopped, the amendment being finally withdrawn after an unfavorable opinion from the government as well as the general rapporteur. Nathalie Delattre’s previous amendment had also been withdrawn, after the government promised her in session to improve the October 2016 law, which already protects ethical hackers, through the transposition of European texts in France.
Bug bounty
After remaining relatively confidential, the “Bug Bounty” programs are now on the rise. For example, the Ministry of the Interior had called on Yogosha hackers last spring to test the protections of “My Power of Attorney”, an online request service for electoral power of attorney.
The interministerial digital directorate has also just launched a vulnerability hunt on the FranceConnect authentication portal with the company YesWeHack. The program provides for rewards of up to 20,000 euros for discovered flaws that make it possible to connect under a false identity on FranceConnect+, the new, more secure version of the gateway.