Tap any paragraph to write a margin note. Your notes collect in the Desk below the text and file under cases with @. The side-by-side margin rail opens on a larger screen.

§
Marginalia
Code · STATUTE-COMPILATIONS · Consolidated Appropriations Act, 2016 · Sec. 107

Sec. 107. OVERSIGHT OF GOVERNMENT ACTIVITIES

949 words·~4 min read·/statute-compilations/comps-13909/sec-107

A research copy — for the controlling text, always check the official state or federal source. Not legal advice.

## SEC. 107 OVERSIGHT OF GOVERNMENT ACTIVITIES **[**[6 U.S.C. 1506](/us/usc/t6/s1506)**]** ###
(a)Report on Implementation ####
(1)In general Not later than 1 year after the date of the enactment of this title, the heads of the appropriate Federal entities shall jointly submit to Congress a detailed report concerning the implementation of this title. ####
(2)Contents The report required by paragraph
(1)may include such recommendations as the heads of the appropriate Federal entities may have for improvements or modifications to the authorities, policies, procedures, and guidelines under this title and shall include the following: #####
(A)An evaluation of the effectiveness of real-time information sharing through the capability and process developed under section 105(c), including any impediments to such real-time sharing. #####
(B)An assessment of whether cyber threat indicators or defensive measures have been properly classified and an accounting of the number of security clearances authorized by the Federal Government for the purpose of sharing cyber threat indicators or defensive measures with the private sector. #####
(C)The number of cyber threat indicators or defensive measures received through the capability and process developed under section 105(c). #####
(D)A list of Federal entities that have received cyber threat indicators or defensive measures under this title. ###
(b)Biennial Report on Compliance ####
(1)In general Not later than 2 years after the date of the enactment of this Act and not less frequently than once every 2 years thereafter, the inspectors general of the appropriate Federal entities, in consultation with the Inspector General of the Intelligence Community and the Council of Inspectors General on Financial Oversight, shall jointly submit to Congress an interagency report on the actions of the executive branch of the Federal Government to carry out this title during the most recent 2-year period. ####
(2)Contents Each report submitted under paragraph
(1)shall include, for the period covered by the report, the following: #####
(A)An assessment of the sufficiency of the policies, procedures, and guidelines relating to the sharing of cyber threat indicators within the Federal Government, including those policies, procedures, and guidelines relating to the removal of information not directly related to a cybersecurity threat that is personal information of a specific individual or information that identifies a specific individual. #####
(B)An assessment of whether cyber threat indicators or defensive measures have been properly classified and an accounting of the number of security clearances authorized by the Federal Government for the purpose of sharing cyber threat indicators or defensive measures with the private sector. #####
(C)A review of the actions taken by the Federal Government based on cyber threat indicators or defensive measures shared with the Federal Government under this title, including a review of the following: ######
(i)The appropriateness of subsequent uses and disseminations of cyber threat indicators or defensive measures. ######
(ii)Whether cyber threat indicators or defensive measures were shared in a timely and adequate manner with appropriate entities, or, if appropriate, were made publicly available. #####
(D)An assessment of the cyber threat indicators or defensive measures shared with the appropriate Federal entities under this title, including the following: ######
(i)The number of cyber threat indicators or defensive measures shared through the capability and process developed under section 105(c). ######
(ii)An assessment of any information not directly related to a cybersecurity threat that is personal information of a specific individual or information identifying a specific individual and was shared by a non-Federal government entity with the Federal government in contravention of this title, or was shared within the Federal Government in contravention of the guidelines required by this title, including a description of any significant violation of this title. ######
(iii)The number of times, according to the Attorney General, that information shared under this title was used by a Federal entity to prosecute an offense listed in section 105(d)(5)(A). ######
(iv)A quantitative and qualitative assessment of the effect of the sharing of cyber threat indicators or defensive measures with the Federal Government on privacy and civil liberties of specific individuals, including the number of notices that were issued with respect to a failure to remove information not directly related to a cybersecurity threat that was personal information of a specific individual or information that identified a specific individual in accordance with the procedures required by section 105(b)(3)(E). ######
(v)The adequacy of any steps taken by the Federal Government to reduce any adverse effect from activities carried out under this title on the privacy and civil liberties of United States persons. #####
(E)An assessment of the sharing of cyber threat indicators or defensive measures among Federal entities to identify inappropriate barriers to sharing information. ####
(3)Recommendations Each report submitted under this subsection may include such recommendations as the inspectors general may have for improvements or modifications to the authorities and processes under this title. ###
(c)Independent Report on Removal of Personal Information Not later than 3 years after the date of the enactment of this Act, the Comptroller General of the United States shall submit to Congress a report on the actions taken by the Federal Government to remove personal information from cyber threat indicators or defensive measures pursuant to this title. Such report shall include an assessment of the sufficiency of the policies, procedures, and guidelines established under this title in addressing concerns relating to privacy and civil liberties. ###
(d)Form of Reports Each report required under this section shall be submitted in an unclassified form, but may include a classified annex. ###
(e)Public Availability of Reports The unclassified portions of the reports required under this section shall be made available to the public.
Connectionstraces to 1
Traces to 1 document
Citation graph
cites case law
Sec. 107
OVERSIGHT OF GOVERNMENT ACTIVITIES
U.S.C.§ 1506
Cites 1Cited by 0 across 0 sources
★   the supreme law of the land   ★
Don't Tread on Me
E Pluribus Unum — out of many, one

"If you don't know your rights, you don't have any."

Marginalia · a citizen's law index
A research desk, not legal advice. Always read the cited source before relying on a summary.
Questions or an issue? support@self-law.org
disclaimerMarginalia is a research index, not a law firm. Nothing on this site is legal, tax, or financial advice and no attorney–client relationship is formed by using it. Statutes, regulations, and case law change; summaries, search results, AI output, and member posts may be incomplete, out of date, or wrong. Any interpretation drawn from material on this site should be validated by a licensed attorney in your jurisdiction before you act on it.