Tap any paragraph to write a margin note. Your notes collect in the Desk below the text and file under cases with @. The side-by-side margin rail opens on a larger screen.

§
Marginalia
Code · STATUTE-COMPILATIONS · John S. McCain National Defense Authorization Act for Fiscal Year 2019 · Sec. 1639

Sec. 1639. PROCEDURES AND REPORTING REQUIREMENT ON CYBERSECURITY BREACHES AND LOSS OF PERSONALLY IDENTIFIABLE INFORMATION AND CONTROLLED UNCLASSIFIED INFORMATION

316 words·~1 min read·/statute-compilations/comps-15483/sec-1639

A research copy — for the controlling text, always check the official state or federal source. Not legal advice.

## SEC. 1639 PROCEDURES AND REPORTING REQUIREMENT ON CYBERSECURITY BREACHES AND LOSS OF PERSONALLY IDENTIFIABLE INFORMATION AND CONTROLLED UNCLASSIFIED INFORMATION **[**[10 U.S.C. 2224 note](/us/usc/t10/s2224)**]** ###
(a)In General In the event of a significant loss of personally identifiable information of civilian or uniformed members of the Armed Forces, or a significant loss of controlled unclassified information by a cleared defense contractor, the Secretary of Defense shall promptly submit to the congressional defense committees notice in writing of such loss. Such notice may be submitted in classified or unclassified formats. ###
(b)Procedures Not later than 180 days after the date of the enactment of this Act, the Secretary of Defense shall establish and submit to the congressional defense committees procedures for complying with the requirement of subsection (a). Such procedures shall be consistent with the national security of the United States, the protection of operational integrity, the protection of personally identifiable information of civilian and uniformed members of the Armed Forces, and the protection of controlled unclassified information. ###
(c)Definitions In this section: ####
(1)Significant loss of controlled unclassified information The term “significant loss of controlled unclassified information” means an intentional, accidental, or otherwise known theft, loss, or disclosure of Department of Defense programmatic or technical controlled unclassified information the loss of which would have significant impact or consequence to a program or mission of the Department of Defense, or the loss of which is of substantial volume. ####
(2)Significant loss of personally identifiable information The term “significant loss of personally identifiable information” means an intentional, accidental, or otherwise known disclosure of information that can be used to distinguish or trace an individual’s identity, such as the name, Social Security number, date and place of birth, biometric records, home or other phone numbers, or other demographic, personnel, medical, or financial information, involving 250 or more civilian or uniformed members of the Armed Forces.
Connectionstraces to 1
Citation graph
cites case law
Sec. 1639
PROCEDURES AND REPORTING REQUIREMENT ON CYBERSECURITY BREACHES AND LOSS OF PERSONALLY IDENTIFIABLE INFORMATION AND CONTROLLED UNCLASSIFIED INFORMATION
U.S.C.§ 2224
Cites 1Cited by 0 across 0 sources
★   the supreme law of the land   ★
Don't Tread on Me
E Pluribus Unum — out of many, one

"If you don't know your rights, you don't have any."

Marginalia · a citizen's law index
A research desk, not legal advice. Always read the cited source before relying on a summary.
Questions or an issue? support@self-law.org
disclaimerMarginalia is a research index, not a law firm. Nothing on this site is legal, tax, or financial advice and no attorney–client relationship is formed by using it. Statutes, regulations, and case law change; summaries, search results, AI output, and member posts may be incomplete, out of date, or wrong. Any interpretation drawn from material on this site should be validated by a licensed attorney in your jurisdiction before you act on it.