Tap any paragraph to write a margin note. Your notes collect in the Desk below the text and file under cases with @. The side-by-side margin rail opens on a larger screen.

§
Marginalia
Code · BILL · 113th Congress · S. 2588 (Placed on Calendar Senate) — To improve cybersecurity in the United States through enhanced sharing of information about cybersecurity threats, an... · Sec. 5

Sec. 5. Sharing of cyber threat indicators and countermeasures with the Federal Government

1,830 words·~8 min read·/bill/113/s/2588/pcs/section-5

A research copy — for the controlling text, always check the official state or federal source. Not legal advice.

Not later than 60 days after the date of the enactment of this Act, the Attorney General, in coordination with the heads of the appropriate Federal entities, shall develop, and submit to Congress, interim policies and procedures relating to the receipt of cyber threat indicators and countermeasures by the Federal Government. Not later than 180 days after the date of the enactment of this Act, the Attorney General, in coordination with the heads of the appropriate Federal entities, shall promulgate final policies and procedures relating to the receipt of cyber threat indicators and countermeasures by the Federal Government.
The policies and procedures developed and promulgated under this subsection shall— ensure that cyber threat indicators shared with the Federal Government by any entity pursuant to section 4, and that are received through the process described in subsection (c)— are shared in real time and simultaneous with such receipt with all of the appropriate Federal entities; are not subject to any delay, interference, or any other action that could impede real-time receipt by all of the appropriate Federal entities; and may be provided to other Federal entities; ensure that cyber threat indicators shared with the Federal Government by any entity pursuant to section 4 in a manner other than the process described in subsection (c)— are shared immediately with all of the appropriate Federal entities; are not subject to any unreasonable delay, interference, or any other action that could impede receipt by all of the appropriate Federal entities; and may be provided to other Federal entities; govern, consistent with this Act, any other applicable laws, and the fair information practice principles set forth in appendix A of the document entitled National Strategy for Trusted Identities in Cyberspace and published by the President in April, 2011, the retention, use, and dissemination by the Federal Government of cyber threat indicators shared with the Federal Government under this Act, including the extent, if any, to which such cyber threat indicators may be used by the Federal Government; and ensure there is an audit capability and appropriate sanctions in place for officers, employees, or agents of a Federal entity who knowingly and willfully conduct activities under this Act in an unauthorized manner.
The Attorney General shall, in coordination with the heads of the appropriate Federal agencies and in consultation with officers designated under section 1062 of the National Security Intelligence Reform Act of 2004 ( 42 U.S.C. 2000ee-1 ), develop and periodically review guidelines relating to privacy and civil liberties which shall govern the receipt, retention, use, and dissemination of cyber threat indicators by a Federal entity obtained in connection with activities authorized in this Act.
The guidelines developed and reviewed under paragraph
(1)shall, consistent with the need to protect information systems from cybersecurity threats and mitigate cybersecurity threats— limit the impact on privacy and civil liberties of activities by the Federal Government under this Act; limit the receipt, retention, use, and dissemination of cyber threat indicators containing personal information of or identifying specific persons, including establishing— a process for the timely destruction of information that is known not to be directly related to uses authorized under this Act; and specific limitations on the length of any period in which a cyber threat indicator may be retained; include requirements to safeguard cyber threat indicators containing personal information of or identifying specific persons from unauthorized access or acquisition, including appropriate sanctions for activities by officers, employees, or agents of the Federal Government in contravention of such guidelines; include procedures for notifying entities if information received pursuant to this section is known by a Federal entity receiving the information not to constitute a cyber threat indicator; and protect the confidentiality of cyber threat indicators containing personal information of or identifying specific persons to the greatest extent practicable and require recipients to be informed that such indicators may only be used for purposes authorized under this Act. Not later than 90 days after the date of the enactment of this Act, the Secretary of Homeland Security, in coordination with the heads of the appropriate Federal entities, shall develop and implement a capability and process within the Department of Homeland Security that— shall accept from any entity in real time cyber threat indicators and countermeasures in an electronic format, pursuant to this section; shall, upon submittal of the certification under paragraph
(2)that such capability and process fully and effectively operates as described in such paragraph, be the process by which the Federal Government receives cyber threat indicators and countermeasures under this Act in an electronic format that are shared by a private entity with the Federal Government except— communications between a Federal entity and a private entity regarding a previously shared cyber threat indicator; voluntary or legally compelled participation in an open Federal investigation; information received through an automated malware analysis capability operated by the Federal Bureau of Investigation that is designed to ensure that information received through and analysis produced by such capability is also immediately shared through the capability and process developed by the Secretary of Homeland Security under this paragraph; communications with a Federal regulatory authority by regulated entities regarding a cybersecurity threat; and cyber threat indicators or countermeasures shared with a Federal entity as part of a contractual or statutory requirement; ensures that all of the appropriate Federal entities receive such cyber threat indicators in real time and simultaneous with receipt through the process within the Department of Homeland Security; and is in compliance with the policies, procedures, and guidelines required by this section. Not later than 10 days prior to the implementation of the capability and process required by paragraph (1), the Secretary of Homeland Security shall, in consultation with the heads of the appropriate Federal entities, certify to Congress whether such capability and process fully and effectively operates— as the process by which the Federal Government receives from any entity cyber threat indicators and countermeasures in an electronic format under this Act; and in accordance with the policies, procedures, and guidelines developed under this section. The Secretary of Homeland Security shall ensure there is public notice of, and access to, the capability and process developed and implemented under paragraph
(1)so that any entity may share cyber threat indicators and countermeasures through such process with the Federal Government and that all of the appropriate Federal entities receive such cyber threat indicators and countermeasures in real time and simultaneous with receipt through the process within the Department of Homeland Security. The process developed and implemented under paragraph
(1)shall ensure that other Federal entities receive in a timely manner any cyber threat indicators and countermeasures shared with the Federal Government through the process created in this subsection. Not later than 60 days after the date of the enactment of this Act, the Secretary of Homeland Security shall submit to Congress a report on the development and implementation of the capability and process required by paragraph (1), including a description of such capability and process and the public notice of, and access to, such process. The report required by clause
(i)shall be submitted in unclassified form, but may include a classified annex. Not later than 1 year after the date of the enactment of this Act, the Director of the Federal Bureau of Investigation and the Secretary of Homeland Security shall submit to Congress a report on the implementation of the automated malware analysis capability described in paragraph (1)(B)(iii), including an assessment of the feasibility and advisability of transferring the administration and operation of such capability to the Department of Homeland Security. The provision of cyber threat indicators and countermeasures to the Federal Government under this Act shall not constitute a waiver of any applicable privilege or protection provided by law, including trade secret protection. A cyber threat indicator or countermeasure provided by an entity to the Federal Government under this Act shall be considered the commercial, financial, and proprietary information of such entity when so designated by such entity. Cyber threat indicators and countermeasures provided to the Federal Government under this Act shall be— deemed voluntarily shared information and exempt from disclosure under section 552 of title 5, United States Code, and any State, tribal, or local law requiring disclosure of information or records; and withheld, without discretion, from the public under section 552(b)(3)(B) of title 5, United States Code, and any State, tribal, or local provision of law requiring disclosure of information or records. The provision of cyber threat indicators and countermeasures to the Federal Government under this Act shall not be subject to the rules of any Federal agency or department or any judicial doctrine regarding ex parte communications with a decisionmaking official. Cyber threat indicators and countermeasures provided to the Federal Government under this Act may be disclosed to, retained by, and used by, consistent with otherwise applicable Federal law, any Federal agency or department, component, officer, employee, or agent of the Federal Government solely for— a cybersecurity purpose; the purpose of responding to, or otherwise preventing or mitigating, an imminent threat of death or serious bodily harm; the purpose of responding to, or otherwise preventing or mitigating, a serious threat to a minor, including sexual exploitation and threats to physical safety; or the purpose of preventing, investigating, or prosecuting an offense arising out of a threat described in clause
(ii)or any of the offenses listed in— sections 1028 through 1030 of title 18, United States Code (relating to fraud and identity theft); chapter 37 of such title (relating to espionage and censorship); and chapter 90 of such title (relating to protection of trade secrets). Cyber threat indicators and countermeasures provided to the Federal Government under this Act shall not be disclosed to, retained by, or used by any Federal agency or department for any use not permitted under subparagraph (A). Cyber threat indicators and countermeasures provided to the Federal Government under this Act shall be retained, used, and disseminated by the Federal Government— in accordance with the policies, procedures, and guidelines required by subsections
(a)and (b); in a manner that protects from unauthorized use or disclosure any cyber threat indicators that may contain personal information of or identifying specific persons; and in a manner that protects the confidentiality of cyber threat indicators containing information of, or that identifies, a specific person. Cyber threat indicators and countermeasures provided to the Federal Government under this Act may, consistent with Federal or State regulatory authority specifically relating to the prevention or mitigation of cybersecurity threats to information systems, inform the development or implementation of regulations relating to such information systems. Cyber threat indicators and countermeasures provided to the Federal Government under this Act shall not be directly used by any Federal, State, tribal, or local government department or agency to regulate the lawful activities of an entity, including activities relating to monitoring, operation of countermeasures, or sharing of cyber threat indicators. Procedures developed and implemented under this Act shall not be considered regulations within the meaning of this subparagraph.
Connectionstraces to 1
Citation graph
cites case law
Sec. 5
Sharing of cyber threat indicators and countermeasures with the Federal Government
U.S.C.§ 2000ee–1
Cites 1Cited by 0 across 0 sources
★   the supreme law of the land   ★
Don't Tread on Me
E Pluribus Unum — out of many, one

"If you don't know your rights, you don't have any."

Marginalia · a citizen's law index
A research desk, not legal advice. Always read the cited source before relying on a summary.
Questions or an issue? support@self-law.org
disclaimerMarginalia is a research index, not a law firm. Nothing on this site is legal, tax, or financial advice and no attorney–client relationship is formed by using it. Statutes, regulations, and case law change; summaries, search results, AI output, and member posts may be incomplete, out of date, or wrong. Any interpretation drawn from material on this site should be validated by a licensed attorney in your jurisdiction before you act on it.