Sec. 1631. NOTIFICATION REQUIREMENTS FOR SENSITIVE MILITARY CYBER OPERATIONS AND CYBER WEAPONS
1,152 words·~5 min read·
/statute-compilations/comps-13932/sec-1631A research copy — for the controlling text, always check the official state or federal source. Not legal advice.
## SEC. 1631 NOTIFICATION REQUIREMENTS FOR SENSITIVE MILITARY CYBER OPERATIONS AND CYBER WEAPONS ###
(a)Notification Chapter 3 of title 10, United States Code, is amended by adding at the end the following new sections: > > ## “SEC. 130j Notification requirements for sensitive military cyber operations > > **[**[10 U.S.C. 130j](/us/usc/t10/s130j)**]** > > > ### “(a) In General > > Except as provided in subsection (d), the Secretary of Defense shall promptly submit to the congressional defense committees notice in writing of any sensitive military cyber operation conducted under this title no later than 48 hours following such operation. > > > ### “(b) Procedures > > > ####
(1)> > The Secretary of Defense shall establish and submit to the congressional defense committees procedures for complying with the requirements of subsection
(a)consistent with the national security of the United States and the protection of operational integrity. The Secretary shall promptly notify the congressional defense committees in writing of any changes to such procedures at least 14 days prior to the adoption of any such changes. > > > #### “(2) > > The congressional defense committees shall ensure that committee procedures designed to protect from unauthorized disclosure classified information relating to national security of the United States are sufficient to protect the information that is submitted to the committees pursuant to this section. > > > #### “(3) > > In the event of an unauthorized disclosure of a sensitive military cyber operation covered by this section, the Secretary shall ensure, to the maximum extent practicable, that the congressional defense committees are notified immediately of the sensitive military cyber operation concerned. The notification under this paragraph may be verbal or written, but in the event of a verbal notification a written notification shall be provided by not later than 48 hours after the provision of the verbal notification. > > > ### “(c) Sensitive Military Cyber Operation Defined > > > ####
(1)> > In this section, the term ‘sensitive military cyber operation’ means an action described in paragraph
(2)that— > > > ##### “(A) > > is carried out by the armed forces of the United States; and > > > ##### “(B) > > is intended to cause cyber effects outside a geographic location— > > > ###### “(i) > > where the armed forces of the United States are involved in hostilities (as that term is used in section 1543 of title 50, United States Code); or > > > ###### “(ii) > > with respect to which hostilities have been declared by the United States. > > > #### “(2) > > The actions described in this paragraph are the following: > > > ##### “(A) > > An offensive cyber operation. > > > ##### “(B) > > A defensive cyber operation outside the Department of Defense Information Networks to defeat an ongoing or imminent threat. > > > ### “(d) Exceptions > > The notification requirement under subsection
(a)does not apply— > > > #### “(1) > > to a training exercise conducted with the consent of all nations where the intended effects of the exercise will occur; or > > > #### “(2) > > to a covert action (as that term is defined in section 3093 of title 50, United States Code). > > > ### “(e) Rule of Construction > > Nothing in this section shall be construed to provide any new authority or to alter or otherwise affect the War Powers Resolution (50 U.S.C. 1541 et seq.), the Authorization for Use of Military Force (Public Law 107-40; 50 U.S.C. 1541 note), or any requirement under the National Security Act of 1947 (50 U.S.C. 3001 et seq.). > > > ## “SEC. 130k Notification requirements for cyber weapons > > **[**[10 U.S.C. 130k](/us/usc/t10/s130k)**]** > > > ### “(a) In General > > Except as provided in subsection (c), the Secretary of Defense shall promptly submit to the congressional defense committees notice in writing of the following: > > > #### “(1) > > With respect to a cyber capability that is intended for use as a weapon, on a quarterly basis, the aggregated results of all reviews of the capability for legality under international law pursuant to Department of Defense Directive 5000.01 carried out by any military department concerned. > > > #### “(2) > > The use as a weapon of any cyber capability that has been approved for such use under international law by a military department no later than 48 hours following such use. > > > ### “(b) Procedures > > > ####
(1)> > The Secretary of Defense shall establish and submit to the congressional defense committees procedures for complying with the requirements of subsection
(a)consistent with the national security of the United States and the protection of operational integrity. The Secretary shall promptly notify the congressional defense committees in writing of any changes to such procedures at least 14 days prior to the adoption of any such changes. > > > #### “(2) > > The congressional defense committees shall ensure that committee procedures designed to protect from unauthorized disclosure classified information relating to national security of the United States are sufficient to protect the information that is submitted to the committees pursuant to this section. > > > #### “(3) > > In the event of an unauthorized disclosure of a cyber capability covered by this section, the Secretary shall ensure, to the maximum extent practicable, that the congressional defense committees are notified immediately of the cyber capability concerned. The notification under this paragraph may be verbal or written, but in the event of a verbal notification a written notification shall be provided by not later than 48 hours after the provision of the verbal notification. > > > ### “(c) Exceptions > > The notification requirement under subsection
(a)does not apply— > > > #### “(1) > > to a training exercise conducted with the consent of all nations where the intended effects of the exercise will occur; or > > > #### “(2) > > to a covert action (as that term is defined in section 3093 of title 50, United States Code). > > > ### “(d) Rule of Construction > > Nothing in this section shall be construed to provide any new authority or to alter or otherwise affect the War Powers Resolution (50 U.S.C. 1541 et seq.), the Authorization for Use of Military Force (Public Law 107-40; 50 U.S.C. 1541 note), or any requirement under the National Security Act of 1947 (50 U.S.C. 3001 et seq.).” > . ###
(b)Clerical Amendment **[**[10 U.S.C. 121](/us/usc/t10/s121)**]** The table of sections at the beginning of such chapter is amended by adding at the end the following new items:" “130j. Notification requirements for sensitive military cyber operations “130k. Notification requirements for cyber weapons” ".
Connectionstraces to 3
Traces to 3 documents
3 references not yet in our index
- 10 USC 130j
- Pub. L. 107-40
- 10 USC 130k
Citation graph
cites case law
Sec. 1631
NOTIFICATION REQUIREMENTS FOR SENSITIVE MILITARY CYBER OPERATIONS AND CYBER WEAPONS
Cite10 USC 130j
Pub. L.Pub. L. 107-40
Cite10 USC 130k
Cites 6Cited by 0 across 0 sources