In Canada, the government appears to still have no formal policy or public guidelines, which makes it difficult for those who do find flaws to know what to do, or how the government might respond. “There’s no formal process,” says Imran Ahmad, a partner at the law firm Miller Thomson who works with clients on cybersecurity related issues. In the absence of such a process, he says, those who find flaws “just don’t know how the government’s going to react, and they just want to protect themselves.”
Source: CBC News
Date: December 16th, 2016
1) What sort of mechanisms could the Canadian government put in place to allow hackers to report issues?
2) Could or should the Canadian government reward or pay hackers to report issues?