Sec. 7. Oversight of Government activities
793 words·~4 min read·
/bill/114/s/754/pcs/section-7A research copy — for the controlling text, always check the official state or federal source. Not legal advice.
Not later than 1 year after the date of the enactment of this Act, and not less frequently than once every 2 years thereafter, the heads of the appropriate Federal entities shall jointly submit and the Inspector General of the Department of Homeland Security, the Inspector General of the Intelligence Community, the Inspector General of the Department of Justice, the Inspector General of the Department of Defense, and the Inspector General of the Department of Energy, in consultation with the Council of Inspectors General on Financial Oversight, shall jointly submit to Congress a detailed report concerning the implementation of this Act. Each report submitted under paragraph
(1)shall include the following: An assessment of the sufficiency of the policies, procedures, and guidelines required by section 5 in ensuring that cyber threat indicators are shared effectively and responsibly within the Federal Government. An evaluation of the effectiveness of real-time information sharing through the capability and process developed under section 5(c), including any impediments to such real-time sharing. An assessment of the sufficiency of the procedures developed under section 3 in ensuring that cyber threat indicators in the possession of the Federal Government are shared in a timely and adequate manner with appropriate entities, or, if appropriate, are made publicly available. An assessment of whether cyber threat indicators have been properly classified and an accounting of the number of security clearances authorized by the Federal Government for the purposes of this Act. A review of the type of cyber threat indicators shared with the Federal Government under this Act, including the following: The degree to which such information may impact the privacy and civil liberties of specific persons. A quantitative and qualitative assessment of the impact of the sharing of such cyber threat indicators with the Federal Government on privacy and civil liberties of specific persons. The adequacy of any steps taken by the Federal Government to reduce such impact. A review of actions taken by the Federal Government based on cyber threat indicators shared with the Federal Government under this Act, including the appropriateness of any subsequent use or dissemination of such cyber threat indicators by a Federal entity under section 5. A description of any significant violations of the requirements of this Act by the Federal Government. A summary of the number and type of entities that received classified cyber threat indicators from the Federal Government under this Act and an evaluation of the risks and benefits of sharing such cyber threat indicators. Each report submitted under paragraph
(1)may include recommendations for improvements or modifications to the authorities and processes under this Act. Each report required by paragraph
(1)shall be submitted in unclassified form, but may include a classified annex. Not later than 2 years after the date of the enactment of this Act and not less frequently than once every 2 years thereafter, the Privacy and Civil Liberties Oversight Board shall submit to Congress and the President a report providing— an assessment of the effect on privacy and civil liberties by the type of activities carried out under this Act; and an assessment of the sufficiency of the policies, procedures, and guidelines established pursuant to section 5 in addressing concerns relating to privacy and civil liberties. Not later than 2 years after the date of the enactment of this Act and not less frequently than once every 2 years thereafter, the Inspector General of the Department of Homeland Security, the Inspector General of the Intelligence Community, the Inspector General of the Department of Justice, the Inspector General of the Department of Defense, and the Inspector General of the Department of Energy shall, in consultation with the Council of Inspectors General on Financial Oversight, jointly submit to Congress a report on the receipt, use, and dissemination of cyber threat indicators and defensive measures that have been shared with Federal entities under this Act. Each report submitted under subparagraph
(A)shall include the following: A review of the types of cyber threat indicators shared with Federal entities. A review of the actions taken by Federal entities as a result of the receipt of such cyber threat indicators. A list of Federal entities receiving such cyber threat indicators. A review of the sharing of such cyber threat indicators among Federal entities to identify inappropriate barriers to sharing information. Each report submitted under this subsection may include such recommendations as the Privacy and Civil Liberties Oversight Board, with respect to a report submitted under paragraph (1), or the Inspectors General referred to in paragraph (2)(A), with respect to a report submitted under paragraph (2), may have for improvements or modifications to the authorities under this Act. Each report required under this subsection shall be submitted in unclassified form, but may include a classified annex.