McKenna is an Distinguished Scholar of Cyberlaw and Policy, Dickinson Law, a Penn State Institute for CyberScience co-hire and Professor of Practice, Penn State Institute for CyberScience. She has researched, written extensively about, and taught legal courses about the complex scheme of federal and state computer hacking and electronic surveillance laws, including the Computer Fraud and Abuse Act (CFAA). McKenna’s four-volume Wiretapping & Eavesdropping treatise is cited routinely by federal and state courts across the U.S.
"The implications of the newly reintroduced Active Cyber Defense Certainty Act (the ACDC Act) are complex, but it would definitely upend aspects of the Computer Fraud and Abuse Act -- or CFAA -- along with a vast swath of state laws on computer crime and hacking. The ACDC Act specifically amends provisions of the CFAA that make hacking back unlawful. Under the bill, companies would be permitted to engage in 'active cyber defense measures' (ACDM) when their systems are hacked. But companies can only do so when they give the FBI advance notice of intent to engage in ACDMs, and the ACDM is conducted with certain restrictions. But the ACDC Act, creates an incredibly grey area for companies – when does an ACDM go too far? What’s the flip side? From a U.S. cybersecurity and law enforcement standpoint, the Act harnesses the power of sophisticated companies in private industry to fight hackers, and it requires companies give the FBI advance notice of what they’re doing, which also means they have to tell the government when they’ve been hacked."
You can contact McKenna at: [email protected], or call 410-627-2715 (McKenna cell)