Tap any paragraph to write a margin note. Your notes collect in the Desk below the text and file under cases with @. The side-by-side margin rail opens on a larger screen.

§
Marginalia
Code · U.S. Code · Title 50 - WAR AND NATIONAL DEFENSE · CHAPTER 45— MISCELLANEOUS INTELLIGENCE COMMUNITY AUTHORITIES · SUBCHAPTER I— BUDGET AND OVERSIGHT · § 3316a

§ 3316a. Reports on intelligence community participation in vulnerabilities equities process of Federal Government

661 words·~3 min read·/usc/title-50/section-3316a

A research copy — for the controlling text, always check the official state or federal source. Not legal advice.

(a)Definitions In this section:
(1)Vulnerabilities Equities Policy and Process document The term “Vulnerabilities Equities Policy and Process document” means the executive branch document entitled “Vulnerabilities Equities Policy and Process” dated November 15, 2017.
(2)Vulnerabilities Equities Process The term “Vulnerabilities Equities Process” means the interagency review of vulnerabilities, pursuant to the Vulnerabilities Equities Policy and Process document or any successor document.
(3)Vulnerability The term “vulnerability” means a weakness in an information system or its components (for example, system security procedures, hardware design, and internal controls) that could be exploited or could affect confidentiality, integrity, or availability of information.
(b)Reports on process and criteria under Vulnerabilities Equities Policy and Process
(1)In general Not later than 90 days after December 20, 2019, the Director of National Intelligence shall submit to the congressional intelligence committees a written report describing—
(A)with respect to each element of the intelligence community—
(i)the title of the official or officials responsible for determining whether, pursuant to criteria contained in the Vulnerabilities Equities Policy and Process document or any successor document, a vulnerability must be submitted for review under the Vulnerabilities Equities Process; and
(ii)the process used by such element to make such determination; and
(B)the roles or responsibilities of that element during a review of a vulnerability submitted to the Vulnerabilities Equities Process.
(2)Changes to process or criteria Not later than 30 days after any significant change is made to the process and criteria used by any element of the intelligence community for determining whether to submit a vulnerability for review under the Vulnerabilities Equities Process, such element shall submit to the congressional intelligence committees a report describing such change.
(3)Form of reports Each report submitted under this subsection shall be submitted in unclassified form, but may include a classified annex.
(c)Annual reports
(1)In general Not less frequently than once each calendar year, the Director of National Intelligence shall submit to the congressional intelligence committees a classified report containing, with respect to the previous year—
(A)the number of vulnerabilities submitted for review under the Vulnerabilities Equities Process;
(B)the number of vulnerabilities described in subparagraph
(A)disclosed to each vendor responsible for correcting the vulnerability, or to the public, pursuant to the Vulnerabilities Equities Process; and
(C)the aggregate number, by category, of the vulnerabilities excluded from review under the Vulnerabilities Equities Process, as described in paragraph 5.4 of the Vulnerabilities Equities Policy and Process document.
(2)Unclassified information Each report submitted under paragraph
(1)shall include an unclassified appendix that contains—
(A)the aggregate number of vulnerabilities disclosed to vendors or the public pursuant to the Vulnerabilities Equities Process; and
(B)the aggregate number of vulnerabilities disclosed to vendors or the public pursuant to the Vulnerabilities Equities Process known to have been patched.
(3)Nonduplication The Director of National Intelligence may forgo submission of an annual report required under this subsection for a calendar year, if the Director notifies the intelligence committees in writing that, with respect to the same calendar year, an annual report required by paragraph 4.3 of the Vulnerabilities Equities Policy and Process document already has been submitted to Congress, and such annual report contains the information that would otherwise be required to be included in an annual report under this subsection.
(4)Publication The Director of National Intelligence shall make available to the public each unclassified appendix submitted with a report under paragraph
(1)pursuant to paragraph (2).
(Pub. L. 116–92, div. E, title LXVII, § 6720, Dec. 20, 2019, 133 Stat. 2230; Pub. L. 117–103, div. X, title III, § 307, Mar. 15, 2022, 136 Stat. 966.)
Connections8 cite this · traces to 3
Cited by 8 sections
2 references not yet in our index
  • 133 Stat. 2230
  • 136 Stat. 966
Citation graph
cites case law
§ 3316a
Reports on intelligence community participation in vulnerabilities equities process of Federal Government
Bills×3
Pub. L.×2
Stat.×2
Stat. Comp.×1
Pub. L.Public Law 116-92
Pub. L.Public Law 117-103
U.S.C.§ 3003
Stat.133 Stat. 2230
Stat.136 Stat. 966
Cites 5Cited by 8 across 4 sources
★   the supreme law of the land   ★
Don't Tread on Me
E Pluribus Unum — out of many, one

"If you don't know your rights, you don't have any."

Marginalia · a citizen's law index
A research desk, not legal advice. Always read the cited source before relying on a summary.
Questions or an issue? support@self-law.org
disclaimerMarginalia is a research index, not a law firm. Nothing on this site is legal, tax, or financial advice and no attorney–client relationship is formed by using it. Statutes, regulations, and case law change; summaries, search results, AI output, and member posts may be incomplete, out of date, or wrong. Any interpretation drawn from material on this site should be validated by a licensed attorney in your jurisdiction before you act on it.