Hacking back

To amend title 18, United States Code, to provide a defense to prosecution for fraud and related activity in connection with computers for persons defending against unauthorized intrusions into their computers, and for other purposes. Namely, Section 4: Exclusion from prosecution for certain computer crimes for those taking active cyber defense measures.

The term ‘active cyber defense measure’— means any measure— undertaken by, or at the direction of, a defender; and consisting of accessing without authorization the computer of the attacker to the defender’s own network to gather information in order to— establish attribution of criminal activity to share with law enforcement and other United States Government agencies responsible for cybersecurity; disrupt continued unauthorized activity against the defender’s own network; or monitor the behavior of an attacker to assist in developing future intrusion prevention or cyber defense techniques.

The term ‘defender’ means a person or an entity that is a victim of a persistent unauthorized intrusion of the individual entity’s computer.

GENERALLY.— A defender who uses an active cyber defense measure under the preceding section must notify the FBI National Cyber Investigative Joint Task Force and receive a response from the FBI acknowledging receipt of the notification prior to using the measure.

REQUIRED INFORMATION.— Notification must include the type of cyber breach that the person or entity was a victim of, the intended target of the active cyber defense measure, the steps the defender plans to take to preserve evidence of the attacker’s criminal cyber intrusion, as well as the steps they plan to prevent damage to intermediary computers not under the ownership of the attacker and other information requested by the FBI to assist with oversight.

• Lahmann, Henning (2020). "Hacking Back and International Law: An Irreconcilable Pair?". Verfassungsblog: On Matters Constitutional. doi:10.17176/20200716-235806-0. Retrieved 2022-09-25.