Sec. 4. Sharing of cyber threat indicators and defensive measures with appropriate Federal entities other than the Department of Defense or the National Security Agency
/bill/114/hr/1560/rh/section-4
A research copy — for the controlling text, always check the official state or federal source. Not legal advice.
Section 111 of the National Security Act of 1947, as inserted by section 2 of this Act, is amended— by redesignating subsection (b) as subsection (c); and by inserting after subsection (a) the following new subsection:
The President shall develop and submit to Congress policies and procedures relating to the receipt of cyber threat indicators and defensive measures by the Federal Government. The policies and procedures required under paragraph (1) shall— be developed in accordance with the privacy and civil liberties guidelines required under section 4(b) of the Protecting Cyber Networks Act; ensure that— a cyber threat indicator shared by a non-Federal entity with an appropriate Federal entity (other than the Department of Defense or any component of the Department, including the National Security Agency) pursuant to section 3 of such Act is shared in real-time with all of the appropriate Federal entities (including all relevant components thereof); the sharing of such cyber threat indicator with appropriate Federal entities is not subject to any delay, modification, or any other action without good cause that could impede receipt by all of the appropriate Federal entities; and such cyber threat indicator is provided to each other Federal entity to which such cyber threat indicator is relevant; and ensure there— is an audit capability; and are appropriate sanctions in place for officers, employees, or agents of a Federal entity who knowingly and willfully use a cyber threat indicator or defense measure shared with the Federal Government by a non-Federal entity under the Protecting Cyber Networks Act other than in accordance with this section and such Act.
The President shall submit to Congress— not later than 90 days after the date of the enactment of this Act, interim policies and procedures required under section 111(b)(1) of the National Security Act of 1947, as inserted by paragraph (1) of this section; and not later than 180 days after such date, final policies and procedures required under such section 111(b)(1).
The Attorney General, in consultation with the heads of the other appropriate Federal agencies and with officers designated under section 1062 of the Intelligence Reform and Terrorism Prevention Act of 2004 (42 U.S.C. 2000ee–1), shall develop and periodically review guidelines relating to privacy and civil liberties that govern the receipt, retention, use, and dissemination of cyber threat indicators by a Federal entity obtained in accordance with this Act and the amendments made by this Act.
The guidelines developed and reviewed under paragraph (1) shall, consistent with the need to protect information systems from cybersecurity threats and mitigate cybersecurity threats— limit the impact on privacy and civil liberties of activities by the Federal Government under this Act, including guidelines to ensure that personal information of or information identifying specific persons is properly removed from information received, retained, used, or disseminated by a Federal entity in accordance with this Act or the amendments made by this Act; limit the receipt, retention, use, and dissemination of cyber threat indicators containing personal information of or information identifying specific persons, including by establishing— a process for the prompt destruction of such information that is known not to be directly related to a use for a cybersecurity purpose; specific limitations on the length of any period in which a cyber threat indicator may be retained; and a process to inform recipients that such indicators may only be used for a cybersecurity purpose; include requirements to safeguard cyber threat indicators containing personal information of or identifying specific persons from unauthorized access or acquisition, including appropriate sanctions for activities by officers, employees, or agents of the Federal Government in contravention of such guidelines; include procedures for notifying non-Federal entities and Federal entities if information received pursuant to this section is known or determined by a Federal entity receiving such information not to constitute a cyber threat indicator; be consistent with any other applicable provisions of law and the fair information practice principles set forth in appendix A of the document entitled National Strategy for Trusted Identities in Cyberspace and published by the President in April, 2011; and include steps that may be needed so that dissemination of cyber threat indicators is consistent with the protection of classified information and other sensitive national security information.
The Attorney General shall submit to Congress— not later than 90 days after the date of the enactment of this Act, interim guidelines required under paragraph (1); and not later than 180 days after such date, final guidelines required under such paragraph.
Title I of the National Security Act of 1947 (50 U.S.C. 3021 et seq.), as amended by section 2 of this Act, is further amended— by redesignating section 119B as section 119C; and by inserting after section 119A the following new section:
There is within the Office of the Director of National Intelligence a Cyber Threat Intelligence Integration Center. There is a Director of the Cyber Threat Intelligence Integration Center, who shall be the head of the Cyber Threat Intelligence Integration Center, and who shall be appointed by the Director of National Intelligence. The Cyber Threat Intelligence Integration Center shall— serve as the primary organization within the Federal Government for analyzing and integrating all intelligence possessed or acquired by the United States pertaining to cyber threats; ensure that appropriate departments and agencies have full access to and receive all-source intelligence support needed to execute the cyber threat intelligence activities of such agencies and to perform independent, alternative analyses; disseminate cyber threat analysis to the President, the appropriate departments and agencies of the Federal Government, and the appropriate committees of Congress; coordinate cyber threat intelligence activities of the departments and agencies of the Federal Government; and conduct strategic cyber threat intelligence planning for the Federal Government.
The Cyber Threat Intelligence Integration Center shall— have not more than 50 permanent positions; in carrying out the primary missions of the Center described in subsection (c), may not augment staffing through detailees, assignees, or core contractor personnel or enter into any personal services contracts to exceed the limitation under paragraph (1); and be located in a building owned or operated by an element of the intelligence community as of the date of the enactment of this section.
The table of contents in the first section of the National Security Act of 1947, as amended by section 2 of this Act, is further amended by striking the item relating to section 119B and inserting the following new items: Sec. 119B. Cyber Threat Intelligence Integration Center. Sec. 119C. National intelligence centers.
The provision of a cyber threat indicator or defensive measure to the Federal Government under this Act shall not constitute a waiver of any applicable privilege or protection provided by law, including trade secret protection. Consistent with section 3(c)(2), a cyber threat indicator or defensive measure provided by a non-Federal entity to the Federal Government under this Act shall be considered the commercial, financial, and proprietary information of the non-Federal entity that is the originator of such cyber threat indicator or defensive measure when so designated by such non-Federal entity or a non-Federal entity acting in accordance with the written authorization of the non-Federal entity that is the originator of such cyber threat indicator or defensive measure.
A cyber threat indicator or defensive measure provided to the Federal Government under this Act shall be— deemed voluntarily shared information and exempt from disclosure under section 552 of title 5, United States Code, and any State, tribal, or local law requiring disclosure of information or records; and withheld, without discretion, from the public under section 552(b)(3)(B) of title 5, United States Code, and any State, tribal, or local provision of law requiring disclosure of information or records, except as otherwise required by applicable Federal, State, tribal, or local law requiring disclosure in any criminal prosecution. The provision of a cyber threat indicator or defensive measure to the Federal Government under this Act shall not be subject to a rule of any Federal department or agency or any judicial doctrine regarding ex parte communications with a decision-making official. A cyber threat indicator or defensive measure provided to the Federal Government under this Act may be disclosed to, retained by, and used by, consistent with otherwise applicable provisions of Federal law, any department, agency, component, officer, employee, or agent of the Federal Government solely for— a cybersecurity purpose; the purpose of responding to, prosecuting, or otherwise preventing or mitigating a threat of death or serious bodily harm or an offense arising out of such a threat; the purpose of responding to, or otherwise preventing or mitigating, a serious threat to a minor, including sexual exploitation and threats to physical safety; or the purpose of preventing, investigating, disrupting, or prosecuting any of the offenses listed in sections 1028, 1029, 1030, and 3559(c)(2)(F) and chapters 37 and 90 of title 18, United States Code. A cyber threat indicator or defensive measure provided to the Federal Government under this Act shall not be disclosed to, retained by, or used by any Federal department or agency for any use not permitted under subparagraph (A). 
A cyber threat indicator or defensive measure provided to the Federal Government under this Act shall be retained, used, and disseminated by the Federal Government in accordance with— the policies and procedures relating to the receipt of cyber threat indicators and defensive measures by the Federal Government required by subsection (b) of section 111 of the National Security Act of 1947, as added by subsection (a) of this section; and the privacy and civil liberties guidelines required by subsection (b).