Tap any paragraph to write a margin note. Your notes collect in the Desk below the text and file under cases with @. The side-by-side margin rail opens on a larger screen.

§
Marginalia
Code · BILL · 114th Congress · H.R. 1560 (Engrossed in House) — To improve cybersecurity in the United States through enhanced sharing of information about cybersecurity threats, to... · Sec. 110

Sec. 110. Definitions

919 words·~4 min read·/bill/114/hr/1560/eh/section-110·

A research copy — for the controlling text, always check the official state or federal source. Not legal advice.

In this title: The term agency has the meaning given the term in section 3502 of title 44, United States Code. The term appropriate Federal entities means the following: The Department of Commerce. The Department of Defense. The Department of Energy. The Department of Homeland Security. The Department of Justice. The Department of the Treasury. The Office of the Director of National Intelligence. The term cybersecurity purpose means the purpose of protecting (including through the use of a defensive measure) an information system or information that is stored on, processed by, or transiting an information system from a cybersecurity threat or security vulnerability or identifying the source of a cybersecurity threat.
Except as provided in subparagraph (B), the term cybersecurity threat means an action, not protected by the first amendment to the Constitution of the United States, on or through an information system that may result in an unauthorized effort to adversely impact the security, confidentiality, integrity, or availability of an information system or information that is stored on, processed by, or transiting an information system. The term cybersecurity threat does not include any action that solely involves a violation of a consumer term of service or a consumer licensing agreement.
The term cyber threat indicator means information or a physical object that is necessary to describe or identify— malicious reconnaissance, including anomalous patterns of communications that appear to be transmitted for the purpose of gathering technical information related to a cybersecurity threat or security vulnerability; a method of defeating a security control or exploitation of a security vulnerability; a security vulnerability, including anomalous activity that appears to indicate the existence of a security vulnerability; a method of causing a user with legitimate access to an information system or information that is stored on, processed by, or transiting an information system to unwittingly enable the defeat of a security control or exploitation of a security vulnerability; malicious cyber command and control; the actual or potential harm caused by an incident, including a description of the information exfiltrated as a result of a particular cybersecurity threat; or any other attribute of a cybersecurity threat, if disclosure of such attribute is not otherwise prohibited by law.
The term defensive measure means an action, device, procedure, technique, or other measure executed on an information system or information that is stored on, processed by, or transiting an information system that prevents or mitigates a known or suspected cybersecurity threat or security vulnerability. The term Federal entity means a department or agency of the United States or any component of such department or agency. The term information system — has the meaning given the term in section 3502 of title 44, United States Code; and includes industrial control systems, such as supervisory control and data acquisition systems, distributed control systems, and programmable logic controllers.
The term local government means any borough, city, county, parish, town, township, village, or other political subdivision of a State. The term malicious cyber command and control means a method for unauthorized remote identification of, access to, or use of, an information system or information that is stored on, processed by, or transiting an information system. The term malicious reconnaissance means a method for actively probing or passively monitoring an information system for the purpose of discerning security vulnerabilities of the information system, if such method is associated with a known or suspected cybersecurity threat.
The term monitor means to acquire, identify, scan, or otherwise possess information that is stored on, processed by, or transiting an information system. Except as otherwise provided in this paragraph, the term non-Federal entity means any private entity, non-Federal Government department or agency, or State, tribal, or local government (including a political subdivision, department, officer, employee, or agent thereof). The term non-Federal entity includes a government department or agency (including an officer, employee, or agent thereof) of the District of Columbia, the Commonwealth of Puerto Rico, the Virgin Islands, Guam, American Samoa, the Northern Mariana Islands, and any other territory or possession of the United States.
The term non-Federal entity does not include a foreign power or known agent of a foreign power, as both terms are defined in section 101 of the Foreign Intelligence Surveillance Act of 1978 ( 50 U.S.C. 1801 ). Except as otherwise provided in this paragraph, the term private entity means any person or private group, organization, proprietorship, partnership, trust, cooperative, corporation, or other commercial or nonprofit entity, including an officer, employee, or agent thereof.
The term private entity includes a component of a State, tribal, or local government performing utility services. The term private entity does not include a foreign power as defined in section 101 of the Foreign Intelligence Surveillance Act of 1978 ( 50 U.S.C. 1801 ). The terms real time and real-time mean a process by which an automated, machine-to-machine system processes cyber threat indicators such that the time in which the occurrence of an event and the reporting or recording of it are as simultaneous as technologically and operationally practicable.
The term security control means the management, operational, and technical controls used to protect against an unauthorized effort to adversely impact the security, confidentiality, integrity, and availability of an information system or its information. The term security vulnerability means any attribute of hardware, software, process, or procedure that could enable or facilitate the defeat of a security control. The term tribal has the meaning given the term Indian tribe in section 4 of the Indian Self-Determination and Education Assistance Act ( 25 U.S.C. 450b ).
Connectionstraces to 2
Traces to 2 documents
Citation graph
cites case law
Sec. 110
Definitions
U.S.C.§ 1801
U.S.C.§ 450b
Cites 2Cited by 0 across 0 sources
★   the supreme law of the land   ★
Don't Tread on Me
E Pluribus Unum — out of many, one

"If you don't know your rights, you don't have any."

Marginalia · a citizen's law index
A research desk, not legal advice. Always read the cited source before relying on a summary.
Questions or an issue? support@self-law.org
disclaimerMarginalia is a research index, not a law firm. Nothing on this site is legal, tax, or financial advice and no attorney–client relationship is formed by using it. Statutes, regulations, and case law change; summaries, search results, AI output, and member posts may be incomplete, out of date, or wrong. Any interpretation drawn from material on this site should be validated by a licensed attorney in your jurisdiction before you act on it.