Sec. 839. Employment transparency regarding individuals who perform work in, for, or are subject to the laws or control of the People’s Republic of China
508 words·~2 min read·
/bill/118/hr/5009/eah/section-839A research copy — for the controlling text, always check the official state or federal source. Not legal advice.
Section 855 of the National Defense Authorization Act for Fiscal Year 2022 ( Public Law 117–81 ; 10 U.S.C. 4651 note prec.) is amended— in subsection (a)— in paragraph (1), by inserting , for, or are subject to the laws or control of after perform work in ; and in paragraph (3)— by redesignating subparagraphs
(A)and
(B)as clauses
(i)and
(ii)and moving such clauses, as so redesignated, two ems to the right; by striking If a covered entity and inserting
(A); In general .—If a covered company by inserting , for, or are subject to the laws or control of after any individual who will perform work in ; in clause (i), as so redesignated, by striking perform work in the People’s Republic of China and inserting perform such work ; and in clause (ii), as so redesignated— by inserting and each other location after China ; and by striking performed. and inserting the following: “performed; and whether an agency or instrumentality of the People’s Republic of China or any other covered entity has requested access to data or otherwise acquired data from the covered entity required to make a disclosure under paragraph
(1)or
(2)pursuant to any law or regulation of the People’s Republic of China. If a covered entity performing a covered contract for services dealing with commercial computer software or noncommercial computer software and is required to make a disclosure under paragraph
(1)or (2), such covered entity shall— describe the process for disclosing a cybersecurity vulnerability, if such covered entity is also required to disclose any cybersecurity vulnerability to the Ministry of Industry and Information Technology or any other agency or instrumentality of the People’s Republic of China; and provide any information related to how a United States affiliate is notified of a vulnerability described in subclause (I). Not later than 180 days after the date of the enactment of this subparagraph, the Secretary shall revise the Defense Federal Acquisition Regulation Supplement to require— a covered entity to require that an individual or entity performing work on a covered contract in the People’s Republic of China on behalf of the covered entity to notify the covered entity within 48 hours of such individual or entity reporting any software vulnerability related to such covered contract to the Ministry of Industry and Information Technology or any other agency or instrumentality of the People’s Republic of China; and the covered entity to retain and furnish to the Department of Defense information regarding any cybersecurity vulnerability reported to the Ministry of Industry and Information Technology or any other agency or instrumentality of the People’s Republic of China with respect to which the covered entity received a notice pursuant to subclause (I). ; and in subsection (d)— in paragraph (1), by striking with a value in excess of $5,000,000, excluding and inserting for, or including, any information and communications technology, including ; and in paragraph (2), by inserting , for, or subject to the laws or control of after a covered contract in .
Connectionstraces to 2
Traces to 2 documents
Citation graph
cites case law
Sec. 839
Employment transparency regarding individuals who perform work in, for, or are subject to the laws or control of the People’s Republic of China
Cites 2Cited by 0 across 0 sources