SlideShare uma empresa Scribd logo

CISPA-complete draft.

DailyHostNews
DailyHostNews

CISPA-complete draft.

1 de 50
Baixar para ler offline
112th CONGRESS 2d Session } HOUSE OF REPRESENTATIVES f REPORT 112- PROVIDING FOR CONSIDERATION OF THE BILL (H.R. 3523) TO PROVIDE FOR THE SHARING OF CERTAIN CYBER THREAT INTELLIGENCE AND CYBER THREAT INFORMATION BETWEEN THE INTELLIGENCE COMMUNITY AND CYBERSECURITY ENTITIES, AND FOR OTHER PURPOSES; PROVIDING FOR CONSIDERATION OF MOTIONS TO SUSPEND THE RULES; PROVIDING FOR CONSIDERATION OF THE BILL (H.R. 4628) TO EXTEND STUDENT LOAN INTEREST RATES FOR UNDERGRADUATE FEDERAL DIRECT STAFFORD LOANS; AND FOR OTHER PURPOSES April25, 2012.-Referred to the House Calendar and ordered to be printed. MR. NUGENT, from the Committee on Rules, submitted the following REPORT [To accompany H. Res._j The Committee on Rules, having had under consideration House Resolution__ , by a nonrecord vote, report the same to the House with the recommendation that the resolution be adopted. SUMMARY OF PROVISIONS OF THE RESOLUTION The resolution provides for consideration of H.R. 3523, the Cyber Intelligence Sharing and Protection Act of 2011, under a structured rule. The resolution provides one hour of general debate equally divided and controlled by the chair and ranking minority member of the Permanent Select Committee on Intelligence. The resolution waives all points of order against consideration of the bill. The resolution makes in order as original text for purpose of amendment the amendment in the nature of a substitute consisting of the text of Rules Committee Print 112-20 and provides that it shall be considered as read. The resolution waives all points of order against the amendment in the nature of a substitute. The resolution makes in order only those amendments printed in this report. Each such amendment may be offered only in the order printed in this report, may be offered only by a Member designated in this report, shall be considered as read, shall be debatable for the time specified in this report equally divided and controlled
by the proponent and an opponent, shall not be subject to amendment, and shall not be subject to a demand for division of the question in the House or in the Committee of the Whole. The resolution waives all points of order against the amendments printed in this report. The resolution provides one motion to recommit with or without instructions. Section 2 of the resolution provides that it shall be in order at any time through the legislative day of April 27, 2012, for the Speaker to entertain motions that the House suspend the rules, as though under clause 1 of rule XV, relating to the following measures: H.R. 2096, the Cybersecurity Enhancement Act of 2011; H.R. 3834, the Advancing America's Networking and Information Technology Research and Development Act of 2012; and H.R. 4257, the Federal Information Security Amendments Act of 2012. Section 3 of the resolution provides for consideration of H.R. 4628, the Interest Rate Reduction Act, under a closed rule. The resolution provides one hour of debate equally divided and controlled by the chair and ranking minority member of the Committee on Education and the Workforce. The resolution waives all points of order against consideration of the bill and provides that it shall be considered as read. The resolution waives all points of order against provisions in the bill. The resolution provides one motion to recommit. Section 4 of the resolution provides that the Committee on Appropriations may, at any time before 6 p.m. on Wednesday, May 2, 2012, file privileged reports to accompany measures making appropriations for the fiscal year ending September 30, 2013. EXPLANATION OF WAIVERS The waiver of all points .of order against consideration of H.R. 3523 includes a waiver of clause 3(c)(4) of rule XIII, which requires a statement of general performance goals and objectives. The report filed by the Permanent Select Committee on Intelligence did not adequately fulfill this requirement. Although the resolution waives all points of order against the amendment in the nature of a substitute to H.R. 3523 made in order as original text, the Committee is not aware of any points of order. The waiver is prophylactic in nature. Although the resolution waives all points of order against the amendments printed in this report, the Committee is not aware of any points of order. The waiver is prophylactic in nature. The waiver of all points of order against consideration ofH.R. 4628 includes a waiver of clause 10 of rule XXI, prohibiting the consideration of a measure if the provisions of such measure have the net effect of increasing mandatory spending for the period of either the first five-year or ten-year period. While it is expected that H.R. 4628 would be in violation of the rule over the first five-year period, it is expected to have a net decrease in mandatory spending over the ten-year period. The waiver of all points of order against consideration of H.R. 4628 also includes a waiver of section 302(f) of the Congressional Budget Act of 1974, prohibiting the consideration of a measure which causes the applicable allocation of new budget authority under subsections 302(a) or (b) to be exceeded.
IfH.R. 4628 is considered before Friday, April27, 2012~ the waiver of all points of order will include a waiver of clause 11 of rule XXI, prohibiting the consideration of an unreported bill or joint resolution until the third calendar day on which it has been available. Although the resolution waives all points of order against provisions in the H.R. 4628, the Committee is not aware of any points of order. The waiver is prophylactic in nature.
SUMMARY OF THE AMENDMENTS TO H.R. 3523 MADE IN ORDER 1. Langevin (RI), Lungren (CA): Would expand eligibility to participate in the voluntary information sharing program created in the bill to include critical infrastructure owners and operators, which allows entities that are not entirely privately owned, such as airports, utilities, and public transit systems, to receive vital cybersecurity information and better secure their networks against cyber threats. (10 minutes) 2. Conyers (Ml): Would strike the exemption from criminal liability, strike the civil liability exemption for decisions made based upon cyber threat information identified, obtained, or shared under the bill, and ensure that those who negligently cause injury through the use of cybersecurity systems or the sharing of information are not exempt from potential civil liability. (10 minutes) 3. Pompeo (KS): Would make clear in the bill's liability provision that the reference to the use of cybersecurity systems is the use of such systems to identify and obtain cyber threat information. (10 minutes) 4. Rogers, Mike (MI), Ruppersberger (MD), Issa (CA), Langevin (RI): Would make clear that regulatory information already required to be provided remains FOIAable under current law. (10 minutes) 5. Jackson Lee (TX): Would authorize the Secretary to intercept and deploy countermeasure with regard to system traffic for cybersecurity purposes in effect identification of cybersecurity risks to federal systems. (10 minutes) 6. Quayle (AZ), Eshoo (CA), Thompson, Mike (CA), Broun (GA): Would limit government use of shared cyber threat information to only 5 purposes: 1) cybersecurity; 2) investigation and prosecution of cybersecurity crimes; 3) protection of individuals from the danger of death or physical injury; 4) protection of minors from physical or psychological harm; and 5) protection of the national security of the United States. (10 minutes) 7. Amash (MI), Labrador (ID), Paul (TX), Nadler (NY), Polis (CO): Would prohibit the federal government from using, inter alia, library records, firearms sales records, and tax returns that it receives from private entities under CISPA. (10 minutes) 8. Mulvaney (SC), Dicks (WA): Would provide clear authority to the government to create reasonable procedures to protect privacy and civil liberties, consistent with the need of the government to protect federal systems and cybersecurity. Would also prohibit the federal government from retaining or using information shared pursuant to paragraph (b)(1) for anything other than a use permitted under paragraph (cX1). (10 minutes) 9. Flake, Jeff(AZ): Would add a requirement to include a list of all federal agencies receiving information shared with the government in the report by the Inspector General ofthe Intelligence Community required under the legislation. (10 minutes) 10. Richardson (CA): Would make explicit that nothing in the legislation would prohibit a department or agency of the federal government from providing cyber threat information to owners and operators of critical
infrastructure. (10 minutes) 11. Pompeo (KS): Would clarify that nothing in the bill would alter existing authorities or provide new authority to any federal agency, including DOD, NSA, DHS or the Intelligence Community to install, employ, or otherwise use cybersecurity systems on private sector networks. (10 minutes) 12. Woodall (GA): Would ensure that those who choose not to participate in the voluntary program authorized by this bill are not subject to new liabilities. (10 minutes) 13. Goodlatte (VA): Would narrow definitions in the bill regarding what information may be identified, obtained, and shared. (10 minutes) 14. Turner (OH): Would make a technical correction to definitions in Section 2 (g) to provide consistency with other cyber security policies within the Executive branch and the Department of Defense. (10 minutes) 15. Mulvaney (SC): Would sunset the provisions of the bill five years after the date of enactment. (10 minutes) 16. Paulsen (MN): Would encourage international cooperation on cyber security where feasible. (10 minutes)
TEXT OF AMENDMENTS TO H.R. 3523 MADE IN ORDER
1. AN AMENDMENT TO BE OFFERED BY REPRESENTATIVE LANGEVIN OF RHODE ISLAND OR HIS DESIGNEE, DEBATABLE FOR 10 MINUTES
F:M12LANGE AMENDMENT TO THE RULES Co:MMITmE PRINT OF H.R. 3523 OFFERED BY MR. LANGEVIN OF RHODE ISLAND Page 1, line 13, strike "UTILITIES" and insert "CRITICAL INFRASTRUCTURE OWNERS AND OPERA- TORS". Page 2, line 1, strike "utilities" and insert "critical infrastructure owners and operators''. Page 3, line 13, strike "utility" and insert "critical infrastructure owner or operator". Page 3, line 16, strike "utility" each place it ap- pears and insert "critical infrastructure owner or oper- a tor". Page 17, strike lines 12 through 16. f:VHLC042412042412.002.xml (52395012) April24, 2012 (9:15a.m.)
2. AN AMENDMENT TO BE OFFERED BY REPRESENTATIVE CONYERS JR. OF MICHIGAN OR HIS DESIGNEE, DEBATABLE FOR 10 MINUTES
F:PKBINT112 AME ....TT'Io.........-r.oNT TO THE RULES COMMITTEE P / OF H.R. 3523 OFFERED BY M.r_. Cnn3.£f"'S Page 8, beginning on line 11 strike "or criminal". Page 8, strike lines 17 through 23 and insert the following: "good faith for using cybersecurity systems or sharing information in accordance with this section un- less such protected entity, self-protected entity, cyber se- curity provider, or an officer, agent, or employee of a cyber security provider negligently shares information ob- tained in accordance with this section, and that neg- ligence proximately causes injury.". f:VHLC042412042412.622.xml (52371012) April 24, 2012 (5:45 p.m.)
3. AN AMENDMENT TO BE OFFERED BY REPRESENTATIVE POMPEO OF KANSAS OR HIS DESIGNEE, DEBATABLE FOR 10 MINUTES
------ F'PKBUNT112H3523PLR-~ -------- T TO TSE RULES COMMITTEE PRINT OF H.R. 35' 3 2 OFFERED BY M 12.. Pc ge . , heg-inuiuo· n li n l l strike "<H' sharing in- form tion" and in. rt "to id -nti :, or obtain •b ;> r thr at inf'o rmnt ion OJ' for sharin(J' .·uch information" . 1VHLC042412104241 2 .375.xml - : (52357214) April24, 2012 (2:25p.m.)
4. AN AMENDMENT TO BE OFFERED BY REPRESENTATIVE ROGERS OF MICHIGAN OR HIS DESIGNEE, DEBATABLE FOR 10 MINUTES
AMENDMENT TO THE RULES COMMITrEKJlRINT OF H.R. 3523 Page 9, beginning on line 2, strike "affect any" and insert ''affect-". Page 9, strike lines 3 through 5 and insert the fol- lowing: 1 ''(A) any requirement under any other pro- 2 vision of law for a person or entity to provide 3 information to the Federal Government; or 4 "(B) the applicability of other provisions of 5 law, including section 552 of title 5, United 6 States Code (commonly known as the 'Freedom 7 of Information Act'), with respect to informa- 8 tion required to be provided to the Federal Gov- 9 ernment under such other provision of law. f:VHLC042412042412 .149.xml (52359012) April24, 2012 (11 :32 a.m.)
5. AN AMENDMENT TO BE OFFERED BY REPRESENTATIVE JACKSON LEE OF TEXAS OR HER DESIGNEE, DEBATABLE FOR lOMINUTES
NDMENT TO THE RULES COMMITTEE PRINT OF H.R. 3523 OFFERED BY Ms. JACKSON LEE OF TEXAS Page 9, after line 5, insert the following: 1 "(c) CYBERSECURITY OPERATIONAL ACTIVITY.- 2 "(1) IN GENERAL.-ln receiving· information 3 authorized to be shared with the Federal Govern- 4 ment under this section, the Secretary of Homeland 5 Security is authorized, notwithstanding any other 6 provision of law, to acquire, intercept, retain, use, 7 and disclose communications and other system traf- 8 fie that are transiting to or from or stored on Fed- 9 eral systems and to deploy countermeasures with re- 10 gard to such communications and system traffic for 11 cybersecurity purposes provided that the Secretary 12 certifies that- 13 ''(A) such acquisitions, interceptions, and 14 countermeasures are reasonable necessary for 15 the purpose of protection Federal systems from 16 cybersecurity threats; 17 "(B) the content of communications will be 18 collected and retained only when the commu- 19 nication is associated with known or reasonably f:VHLC042412042412.370.xml (52420211) April24, 2012 (2:19p.m.)
F:Ml2JACKSOJACKS0_375.XML 2 1 suspected cybersecurity threat, and communica- 2 tions and system traffic will not be subject to 3 the operation of a countermeasure unless asso- 4 ciated with such threats; 5 "(C) information obtained pursuant to ac- 6 tivities authorized under this subsection will 7 only be retained, used or disclosed to protect 8 Federal systems from cybersecurity threats, 9 mitigate against such threats, or, with the ap- 10 proval of the Attorney General, for law enforce- 11 ment purposes when the information is evidence 12 of a crime which has been, is being, or is about 13 to be committed; and 14 ''(D) notice has been provided to users of 15 Federal systems concerning· the potential for ac- 16 quisition, interception, retention, use, and dis- 17 closure of communications and other system 18 traffic. 19 "(2) CONTRACTS.- The Secretary may enter 20 into contracts or other agreements, or otherwise re- 21 quest and obtain the assistance of, private entities 22 that provide electronic communication or 23 cybersecurity services to acquire, intercept, retain, 24 use, and disclose communications and other system 25 traffic consistent with paragraph (1). f:VHLC042412042412.370.xml (52420211) April24, 2012 (2:19p.m.)
F:M12JACKSOJACKS0_375.XML 3 1 "(3) PRIVILEGED COMJ'vlUNICATIONS.-No oth- 2 erwise privileged communication obtained in accord- 3 ance with, or in violation of, this section shall lose 4 its privileged character. 5 " (4) POLICIES AND PROCEDURES.- The Sec- 6 retary of Homeland Security shall establish policies 7 and procedures that- 8 ''(A) minimize the impact on privacy and 9 civil liberties, consistent with the need to pro- 10 teet Federal systems and critical information 11 infrastructure from cybersecurity threats and 12 mitigate cybersecurity threats; 13 "(B) reasonably limit the acquisition, 14 interception, retention, use, and disclosure of 15 communications, records, system traffic, or 16 other information associated with specific per- 17 sons consistent with the need to carry out the 18 responsibilities of this section, including· estab- 19 lishing a process for the timely destruction on 20 recognition of communications, records, system 21 traffic, or other information that is acquired or 22 intercepted pursuant to this section that does 23 not reasonably appear to be related to pro- 24 tecting Federal systems and critical information f:VHLC042412042412.370.xml (52420211) April24, 2012 (2:19p.m.)
F:Ml2VACKSOVACKS0_375.XML 4 1 infrastructure from cybersecurity threats and 2 mitigating cybersecurity threats; 3 "(C) include requirements to safeguard 4 communications, records, system traffic, or 5 other information that can be used to identify 6 specific persons from unauthorized access or ac- 7 quisition; and 8 "(D) protect the confidentiality of dis- 9 closed communications, records, system traffic, 10 or other information associated with specific 11 persons to the greatest extent practicable and 12 require recipients of such information to be in- 13 formed that the communications, records, sys- 14 tem traffic, or other information disclosed may 15 only be used for protecting information systems 16 against cybersecurity threats, mitigating 17 against cybersecurity threats, or law enforce- 18 ment purposes when the information is evidence 19 of a crime that has been, is being, or is about 20 to be committed, as specified by the Secretary. Page 14, after line 24, insert the following: 21 "(2) COUNTERMEASURE.-The term 'counter- 22 measure' means an automated action with defensive 23 intent to modify or block data packets associated 24 with electronic or wire communications, internet f:VHLC042412042412.370.xml (52420211) April24, 2012 (2:19p.m.)
F:Ml2JACKS0JACKS0_375.XML 5 1 traffic program od , or oth r ystem tr ffic 2 transiting to or from or stored on an information 3 ystem to counteract a yb r ecm'ity threat." . f:VHLC042412042412,370.xml (52420211) April24, 2012 (2:19p.m.)
6. AN AMENDMENT TO BE OFFERED BY REPRESENTATIVE QUAYLE OF ARIZONA OR HIS DESIGNEE, DEBATABLE FOR 10 MINUTES
AMENDMENT TO THE RULES COMMITTEE PRINT OF H.R. 3523 OFFERED BY M(l. . - . ll -___;_----1- lowing: 1 "(1) LIMITATION.-The Federal Government 2 may use cyber threat information shared with the 3 Federal Government in accordance with subsection 4 (b)- 5 ''(A) for cybersecurity purposes; 6 "(B) for the investigation and prosecution 7 of cybersecurity crimes; 8 '' (C) for the protection of individuals from 9 the danger of death or serious bodily harm and 10 the investigation and prosecution of crimes in- 11 volving such danger of death or serious bodily 12 harm; 13 "(D) for the protection of nunors from 14 child pornography, any risk of se},.llal ex:ploi- 15 tation, and serious threats to the physical safe- 16 ty of such minor, including kidnapping and 17 trafficking and the investigation and prosecu- 18 tion of crimes involving child pornography, any f:VHLC042412042412.144.xml (52351312) April 24, 2012 (11 :30 a.m.)
F:PKBIN'I112H3523FLR-FED-USE_OOI .X:ML 2 1 r1 k of A al 'll :A -ploitation, aud s ·non.· tlu·eat. 2 to the 1 hysi a! saf .t-y of minors, in luding kid- 3 napping an 1 tr affickiJtg and an. r r im refen d 4 to in 225 J (a)(2) f t itl 1 , nit d 5 Co 1e; or 6 "(E) ·o } ote t th na.tioual ecurjty of t h lr 7 United ates. a · 16 b fm e lin 1 in 'ert th following: 8 l'13ER E URIT RiliiE. -rrhe tern 9 ' yb r ecurity m·ime' means- 10 ''(A) a crim uud r a ~ ed -ral or tate law 11 tha m olve - 12 '' (i) effort o deoTacle, disrupt, or de- 13 stro. a ystem or network; 14 "(ii) e 'fort. to gain nnat tl 01 iz cl a - 15 cess o a s. stem or 11 ~"' ork; or 16 '(iii) efforts to exfiltra e il forn ation 17 from a sy·tcm or net ork 1.tho It autho r- 18 izati n·I or 19 "(B) the ,rjolation of a 1 rovisiou of Fed ral 20 .law relatiu · to omputer rimes, in luding a 21 violation of a n. prov1S10n of title 1 nit d 22 om- f:VH LC042412042412: 144,xml (52351312) April 24, 2012 (11 :30 a.m.)
F:PKBIN1112H3523FLR-FED-USE_OOI.XML 3 1 puter Fraud and Abuse Act of 1986 (Public 2 Law 99-474).". f:VHLC042412042412.144.xml (52351312) April 24, 2012 (11 :30 a.m.)
7. AN AMENDMENT TO BE OFFERED BY REPRESENTATIVE AMASH OF MICHIGAN OR HIS DESIGNEE, DEBATABLE FOR 10 MINUTES
- AMENDMEN-F-'TO THE RULES COMMITTEE ~.1.-...rrfl -~--- OF H.R. 3523 OFFERED BY MR. AMAsH OF MICHIGAN Page 10, after line 10, insert the following new paragraph: 1 " ( 4) PROTECTION OF SENSITIVE PERSONAL 2 DOCUMENTS.-The Federal Government may not 3 use the following information, containing informa- 4 tion that identifies a person, shared with the Federal 5 Government in accordance with subsection (b): 6 "(A) Library circulation records. 7 "(B) Library patron lists. 8 " (C) Book sales records. 9 "(D) Book customer lists. 10 "(E) Firearms sales records. 11 "(F) Tax return records. 12 "(G) Educational records. 13 "(H) Medical records. f:VHLC042412042412.478.xml (52412014) April24, 2012 (3:56p.m.)
8. AN AMENDMENT TO BE OFFERED BY REPRESENTATIVE MULVANEY OF SOUTH CAROLINA OR HIS DESIGNEE, DEBATABLE FOR 10 MINUTES
F:PKBfNT112H3523FLR":~nN-RET-USE_OOI.XML _.... .AMENDMENTTO THE RULES COMMITTEE PRINT ..- Page 10, after line 10 insert the following: 1 "(4) NOTIFICATION' OF N'ON'-CYBER THREAT TN'- 2 FORl1ATTO~.-If a department or agency of the Fed- 3 eral Government receiving information pursuant to 4 . subsection (b)(]) determines that such information 5 is not cyber threat information, such department or 6 agency shall notify the entity or provider sharing 7 such information pursuant to subsection (b)(1). 8 " ( 5) RwrEN'TION AN'D USE OJ<, CYT-3ER THHEAT 9 J~rpoRMATHH.-No department or agency of the 10 Federal Government shall retain or use information 11 shared pursuant to subsection (b)(1) for any use 12 other than a use permitted under subsection (c)(1). 13 "(6) PROTECTTO~ OF TNDT'TDUATj T~'FORMA- 14 TTO:' .-The Federal Government may, consistent 15 Yrith the need to protect Federal systems and critical 16 information infrastn1cture from cybersecurity 17 threats and to mitigate such threats, undertake rea- 18 sonable efforts to limit the impact on privacy and 19 civil liberties of the sharing of cyber threat informa- f:VHLC042412042412 .352.xml (52413712) April 24, 2012 (2:02 p.m.)
F:PKBTNl112113523FLR-MlN-RET-USE_OO 1.XML 2 1 tion with the Fedei'HI GoYemment. pnrsuant. to this 2 ~uhsection. P~1ge 1 ~~ . after l·i11e 1:-3, im;ert t.he following: 3 "( 4) U:-;E ,:'1) HE'l'Ei'TTO:' OF f NFORi l i1'10~. - 4 Nothing in this seetion shall be constmecl to author- S iz.e, or to mocli(v any existing author·ity of, a clepart- 6 ment 01· agency of the F edel'al Government to retain 7 01· nsc information shared pursuant to subsecti o11 8 (b)(l) fm· any use oiher ihau a usc pe11nitled under 9 sui>S<'<'t.ion (c)( 1).". f:VHLC0424 12042412.352.xml (524 13712) April24, 2012 (2:02p.m.)
9. AN AMENDMENT TO BE OFFERED BY REPRESENTATIVE FLAKE OF ARIZONA OR HIS DESIGNEE, DEBATABLE FOR 10 MINUTES
F:Ml2FLAKEFLAKE_214'JCMb #~- O:FFJQJJEQ llY MB. ~-OF ARizONA Page 12, after line 18, insert the following new sub- paragraph: 1 "(E) a list of the department o1· agency re- 2 ceiving such information; I:VHL0042012042012.325.xml (52345616) April20, 2012 (5:15p.m.)
10. AN AMENDMENT TO BE OFFERED BY REPRESENTATIVE RICHARDSON OF CALIFORNIA OR HER DESIGNEE, DEBATABLE FOR 10 MINUTES
F: MJ2~4. AMENDMENT TO THE RULES COMMI1"l'EE ..- PRJNP QF H.R. 3323 0FFEREn BY Ms. RICHARDSON OF CALIFORNIA P ag 14, after line , ins rt the following new sub- paragTaph: 11 1 ( ) prohibit a d :partment or a · ncy o£ 2 the Federal Government from providing cyber 3 threat informc tion to owners and op rator of 4 cdtical infrastructur · 1:VHLC04·2312042312.037.xml (52362612) Ap ril 23, 2012 (1 0:42 a.m.)
11. AN AMENDMENT TO BE OFFERED BY REPRESENTATIVE POMPEO OF KANSAS OR HIS DESIGNEE, DEBATABLE FOR 10 MINUTES
HE RULES COMMITTEE PRINT OF H.R. 3523 OFFERED BY M~. PoMfeo Page 14, after line 13, insert the following: "( 4) J_;Il'IITATIOK 0:' F'EDERAI1 GOVERNlTEKT 2 nm OF CYBERSECI;RITY SYSTEMS.-Nothing in this 3 section shall be construed to provide additional au- 4 thority to, or modify an existing authority of, any 5 entity to use a cybersecurity system .mvned or con- 6 trolled by the Federal Government on a private-sec- 7 tor system or network to protect such private-sector 8 system or netvi'Ork.". f:VHLC042412042412.282 .xml {52349812) April 24, 2012 (1 :05 p.m.)
12. AN AMENDMENT TO BE OFFERED BY REPRESENTATIVE WOODALL OF GEORGIA OR HIS DESIGNEE, DEBATABLE FOR 10 MINUTES
- -- ----- AMENDMENT- TO -THE RULES COMMI'ITEE PRINT . - OF H.R. 3523 OFFERED BY MR. WOODALL OF GEORGIA Page 14, after line 13 insert the following: 1 ' (4) N L ILITY F 1 N-PARTI IP '1'1 I .- 2 Nothing in thi. ction hall be con tru ct t ubject 3 protected ntity self-protected ntity cy er cu- 4 rity rovid r or an officer, employ , or ag nt of a 5 I rotccted entity, lf-prote ted ntit , r yber ·e u- 6 rity provider, to liability for hoo in · not to enoag 7 in the voluntary a tivities au horiz d under thi 8 1 n. f:VHLC042012042012.066.xml (5233361 3) April 20, 2012 (10:52 a.m.)
13. AN AMENDMENT TO BE OFFERED BY REPRESENTATIVE GOODLATTE OF VIRGINIA OR HIS DESIGNEE, DEBATABLE FOR lOMINUTES
~ULES COMMITTEE PR- OF H.R. 3523 OFFERED BY Mt2.. ~ Page 14, after line 14 insert the follmving: 1 "(1) AvAILABILI'rY.-The term 'availability' 2 means ensuring timely and reliable access to and use 3 of information. Page 15, strilm lines 1 through 25 and insert the following: 4 "(2) CoN:F'IDENTIALITY.-The term 'confiden- 5 tiality' means preserving authorized restrictions on 6 access and disclosure, including means for protecting 7 personal privacy and proprietary information. 8 "(3) CYBER THREAT 11TFORMATION.- 9 "(A) IN GENERAL.-The term 'cyber 10 threat information' means information directly 11 pertaining to- 12 "(i) a vulnerability of a system or net- 13 work of a government or private entity; 14 "(ii) a threat to the integrity, con- 15 fidentiality, or availability of a system or 16 network of a government or private entity f:VHLC042412042412.331.xml (52350113) April 24, 2012 (1 :43 p.m.)
F:PKBINT112H3523FLR-CYBER-DEFS_OOl.XML 2 1 or any information stored on, processed on, 2 or transiting such a system or network; 3 "(iii) efforts to degrade, disrupt, or 4 destroy a system or network of a govern- 5 ment or private entity; or 6 "(iv) efforts to gain unauthorized ac- 7 cess to a system or network of a govern- 8 ment or private entity, including to gain 9 such unauthorized access for the purpose 10 of exfiltrating information stored on, proc- 11 essed on, or transiting a system or network 12 of a government or private entity. 13 "(B) EXCLUSION.- Such term does not 14 include information pertaining to efforts to gain 15 unauthorized access to a system or network of 16 a govenm1ent or private entity that solely in- 17 volve violations of consumer terms of service or 18 consumer licensing agreements and do not oth- 19 erwise constitute unauthorized access. 20 "( 4) CYBER 'fHREAT INTELLIGENCE.- 21 "(A) IN GEl"'ERAL.-The term 'cyber 22 threat intelligence' means intelligence in the 23 possession of an element of the intelligence 24 community directly pertaining to- f:VHLC042412042412.331.xml (52350113) April 24, 2012 (1 :43 p.m.)
F:PKBINT112H3523FLR-CYBER-DEFS_OO l.XML 3 1 "(i) a vulnerability of a system or net- 2 ·work of a government or private entity; 3 "(ii) a threat tb the integrity, con- 4 fidentiality, or availability of a system or 5 net,.vork of a government or private entity 6 or any information stored on, processed on, 7 or transiting such a system or network; 8 "(iii) efforts to degrade, disrupt, or 9 destroy a system or network of a govern- 10 mentor private entity; or 11 "(iv) efforts to gain unauthorized ac- 12 cess to a system or network of a govern- 13 ment or private entity, including to gain 14 such unauthorized access for the purpose 15 of exfiltrating information stored on, proc- 16 essed on, or transiting a system or network 17 of a g·overnment or private entity. - 18 "(B) ExcLusroN . - Such term does not 19 include intelligence pertaining to efforts to gain 20 unauthorized access to a system or network of 21 a govenm1ent or private entity that solely in- 22 volve violations of consumer terms of service or 23 consumer licensing agreements and do not oth- 24 e:rwise constitute unauthorized access. f:VHLC042412042412.331.xml (52350113) April 24, 2012 (1 :43 p.m.)
F:PKBIN1112H3523FLR-CYBER-DEFS_OO l.XML 4 I ag • J 6, ·trike ln1c 5 and all h a follow. thr ngh pag 17 li11e 2, and insert the fo U 10': owi1 1 cc ( 5) YBERSE IUT PURP E.- 2 I , 'Er-..TER.AL.-The term 3 b 1·s m·ity puq' s ' m ans t he purpo of 4 ensuring the int grity, conf iclentiality, or ava il- 5 abilit. of, or safe 11ardi.J · e: •• r em 1· 11 tv r k, 6 il1 u ding prot ting a m or n tvork 7 fr011 - 8 9 10 "(ii) a tlu~ at t th integTit.r' ·on- 11 fi entia lity or av ila ility of a y tern or 12 netvork or any inf rmation tor l on, 13 pro •esscd n 01· transit i:n · . n 1 a sy · en 14 or 11 t ork; 15 1 (iii) ff rts l oTa l di rup or 16 17 "Uv) ff rt. t ain una 1thorized ac- 18 c to a s. t m r n · ~' ork, in luding to 19 ·< in such unauth riz d a ·ss for th pm·- 20 po of "x.tutrating inform ti n . tor d on, 21 pr es d on, or trausiti.J1 · a r 22 network. f:VHLC042412042412.331.xml (523501 1 3) April24, 2012 (1:43 p.m.)
F:PKBINT112H3523FLR-CYBER-DEFS_OO l.XML 5 1 ''(B) ExcLUSION.- Such term does not 2 include the puq)ose of protecting a system or 3 network from efforts to gain unauthorized ac- 4 cess to such system or network that solely in- 5 volve violations of consumer terms of service or 6 consumer licensing agreements and do not oth- 7 erwise constitute unauthorized access. 8 "(6) CYBERSECURITY SYSTEM.- 9 "(A) IN GE:r--.TERAL.-The term 10 'cybersecurity system' means a system designed 11 or employed to ensure the integTity, confiden- 12 tiality, or availability of, or safeguard, a system 13 or netvvork, including protecting a system or 14 network from- 15 "(i) a vulnerability of a system or net- 16 work· ' 17 "(ii) a threat to the integrity, con- 18 fidentiality, or availability of a system or 19 network or any information stored on, 20 processed on, or transiting such a system 21 or network· ' 22 "(iii) efforts to degrade, disrupt, or 23 destroy a system or netvvork; or 24 "(iv) efforts to gain unauthorized ac- 25 cess to a system or network, including to f:VHLC042412042412.331.xml (52350113) April 24, 2012 (1 :43 p.m.)
F:PKBINT112H3523FLR-CYBER-DEFS_OOl.XML 1 2 po ' of ex.5ltrC~ting inf rmatiou s red on 3 proc '. s d n ' or tran itino· a b , tcm or 4 net vork 5 ' ( ) Ex r-' n b erm doc · not 6 in lud a sy 't m design d or n plo. d t pro- 7 •c a r n twork from effort to oam 8 .m auth rize] ace ·t .·u h ) , en or network 9 that ol ly invo1v violation.· of •ou. un cr terms 10 of . crvi e r ou um r li u, in · a.oTe mer ts and 11 d n t th rwis c(mstitute unauthoriz d a ces . Pag 17, after lin 2 il1 ert t.h following: 12 "(7) Ir'rEGI ITY.-Th • tern integrit. ' m an. 13 ouarding ao-ainR im] TO] r infor11 ation moclifi ation 14 or c1 tru tion, includino· en uring information non- 15 repudiation and autheu i ity. I:VHLC042412042412.331.xml (52360113) April24, 2012 (1:43 p.m.)
14. AN AMENDMENT TO BE OFFERED BY REPRESENTATIVE TURNER OF OHIO OR HIS DESIGNEE, DEBATABLE FOR 10 MINUTES
F:Ml2TURNERTURNER_090.XML - AMEND~:NT-TO -n.ULEs COMMITI'EE PRINT OF R.R. 8523 OFFERED BY MR. TURNED. oF Omo Pa ·e 15, line 7 insert d ny ace s to or" b for 'deoTc de". age 5, ill e 20 in ert 'den: , cce to or" b fo r "degrade" . Pag l 6, line 10, insert "deny acces · to or" before 'degrad ' . P age 16, line 21 h sert Hd n access to or' before 'c1 grad ' 1:VHLC042012042012.067 .xml (52340211) April 20, 2012 (1 0:53a.m.)
15. AN AMENDMENT TO BE OFFERED BY REPRESENTATIVE MULVANEY OF SOUTH CAROLINA OR HIS DESIGNEE, DEBATABLE FOR 10 MINUTES
AMENDMENT TO THE RULES COMMITTE:E PRINT ~ OF H.R. 3523 OFFERED BY MR. MULVANEY OF SOUTH CAROLINA At the end of the bill, add the following· new section: 1 SEC. 3. SUNSET. 2 Effective on the date that is five years after the date 3 of the enactment of this Act- 4 (1) section 1104 of the National Security Act of 5 19 4 7, as added by section 2 (a) of this Act, is re- 6 pealed; and 7 (2) the table of contents in the first section of 8 the National Security Act of 1947, as amended by 9 section 2(d) of this Act, is amended by striking the 10 item relating to section 1104, as added by such sec- 11 tion 2(d). f:VHLC042412042412.418 .xml (52423811) April 24, 2012 (3:03p.m.)
16. AN AMENDMENT TO BE OFFERED BY REPRESENTATIVE PAULSEN OF MINNESOTA OR HIS DESIGNEE, DEBATABLE FOR lOMINUTES
F:M12PAULSEPAULSE_066.XML -·AMENDMENT TO THE RULES CoMMITTEE PRINT . OF H.R. 3523 OFFERED BY MR. PAULSEN OF MINNESOTA At the end of the bill, add the following new section: 1 SEC. 3. INTERNATIONAL COOPERATION. 2 International cooperation with regard to 3 cybersecurity should be encouraged wherever possible 4 under this Act and the amendments made by this Act. f:VHLC041912041912.457.xml (52337711} April19, 2012 (5:38p.m.)

Recomendados

Senate COVID-19 spending bill and more
Senate COVID-19 spending bill and moreSenate COVID-19 spending bill and more
Senate COVID-19 spending bill and more
EducationNC
 
Senate spending bill after appropriations committee
Senate spending bill after appropriations committeeSenate spending bill after appropriations committee
Senate spending bill after appropriations committee
EducationNC
 
Latest ildmhfy2012mh blockgrant
Latest ildmhfy2012mh blockgrantLatest ildmhfy2012mh blockgrant
Latest ildmhfy2012mh blockgrant
Comprehensive Clinical Services, P.C.
 
JUSTICE Act of 2009
JUSTICE Act of 2009JUSTICE Act of 2009
JUSTICE Act of 2009
Aaron Brazell
 
2015 amendments to the manual for courts martial eo13696
2015 amendments to the manual for courts martial eo136962015 amendments to the manual for courts martial eo13696
2015 amendments to the manual for courts martial eo13696
RepentSinner
 
28-0019 Election Reform Law of 2009
28-0019 Election Reform Law of 200928-0019 Election Reform Law of 2009
28-0019 Election Reform Law of 2009
Genevieve Whitaker
 
Ut hb-164
Ut hb-164Ut hb-164
Ut hb-164
American Lands Council
 
111cyber law sectins cases.docx new
111cyber law sectins cases.docx new111cyber law sectins cases.docx new
111cyber law sectins cases.docx new
Avinash Tegginmani
 

Recomendados

Senate COVID-19 spending bill and more
Senate COVID-19 spending bill and moreSenate COVID-19 spending bill and more
Senate COVID-19 spending bill and more
EducationNC
 
Senate spending bill after appropriations committee
Senate spending bill after appropriations committeeSenate spending bill after appropriations committee
Senate spending bill after appropriations committee
EducationNC
 
Latest ildmhfy2012mh blockgrant
Latest ildmhfy2012mh blockgrantLatest ildmhfy2012mh blockgrant
Latest ildmhfy2012mh blockgrant
Comprehensive Clinical Services, P.C.
 
JUSTICE Act of 2009
JUSTICE Act of 2009JUSTICE Act of 2009
JUSTICE Act of 2009
Aaron Brazell
 
2015 amendments to the manual for courts martial eo13696
2015 amendments to the manual for courts martial eo136962015 amendments to the manual for courts martial eo13696
2015 amendments to the manual for courts martial eo13696
RepentSinner
 
28-0019 Election Reform Law of 2009
28-0019 Election Reform Law of 200928-0019 Election Reform Law of 2009
28-0019 Election Reform Law of 2009
Genevieve Whitaker
 
Ut hb-164
Ut hb-164Ut hb-164
Ut hb-164
American Lands Council
 
111cyber law sectins cases.docx new
111cyber law sectins cases.docx new111cyber law sectins cases.docx new
111cyber law sectins cases.docx new
Avinash Tegginmani
 
Legal Research For The Legal Assistant: How To Find Statutes (Federal & New Y...
Legal Research For The Legal Assistant: How To Find Statutes (Federal & New Y...Legal Research For The Legal Assistant: How To Find Statutes (Federal & New Y...
Legal Research For The Legal Assistant: How To Find Statutes (Federal & New Y...
Jeh718
 
Wyoming v blm nd mtn to intervene
Wyoming v blm nd mtn to interveneWyoming v blm nd mtn to intervene
Wyoming v blm nd mtn to intervene
Christopher Paris, JD, RL
 
Steven Duesing, Nicole Mathis v. The Attorney General of Canada
Steven Duesing, Nicole Mathis v. The Attorney General of CanadaSteven Duesing, Nicole Mathis v. The Attorney General of Canada
Steven Duesing, Nicole Mathis v. The Attorney General of Canada
Guy Boulianne
 
The dowry prohibition act, 1961
The dowry prohibition act, 1961The dowry prohibition act, 1961
The dowry prohibition act, 1961
Leo Lukose
 
Attorney Ethics: An Update from the 85th Legislative Session
Attorney Ethics: An Update from the 85th Legislative SessionAttorney Ethics: An Update from the 85th Legislative Session
Attorney Ethics: An Update from the 85th Legislative Session
TWCA
 
The Civil Rights Act 1991
The Civil Rights Act 1991The Civil Rights Act 1991
The Civil Rights Act 1991
Chuck Thompson
 
Municipal OWI Prosecution
Municipal OWI ProsecutionMunicipal OWI Prosecution
Municipal OWI Prosecution
Douglas Hoffer
 
Steven Duesing, Nicole Mathis, Blain Gowing, et. al. v. The Attorney General ...
Steven Duesing, Nicole Mathis, Blain Gowing, et. al. v. The Attorney General ...Steven Duesing, Nicole Mathis, Blain Gowing, et. al. v. The Attorney General ...
Steven Duesing, Nicole Mathis, Blain Gowing, et. al. v. The Attorney General ...
Guy Boulianne
 
Union territory and tribal councils
Union territory and tribal councilsUnion territory and tribal councils
Union territory and tribal councils
Shyam Rathod
 
Managers Amendment 12_19_09
Managers Amendment 12_19_09Managers Amendment 12_19_09
Managers Amendment 12_19_09
DocJess
 
Constitutional amendment
Constitutional amendmentConstitutional amendment
Constitutional amendment
Hafizul Mukhlis
 
WV SB 508: Relating to civil claims for private nuisance
WV SB 508: Relating to civil claims for private nuisanceWV SB 508: Relating to civil claims for private nuisance
WV SB 508: Relating to civil claims for private nuisance
Marcellus Drilling News
 
DAP - Justice Antonio Carpio, separate concurring opinion
DAP - Justice Antonio Carpio, separate concurring opinionDAP - Justice Antonio Carpio, separate concurring opinion
DAP - Justice Antonio Carpio, separate concurring opinion
raissarobles
 
Amateur Radio License- Technician Class
Amateur Radio License- Technician ClassAmateur Radio License- Technician Class
Amateur Radio License- Technician Class
Brody Nagy
 
The conservation of foreign exchange and prevention of smuggling activities a...
The conservation of foreign exchange and prevention of smuggling activities a...The conservation of foreign exchange and prevention of smuggling activities a...
The conservation of foreign exchange and prevention of smuggling activities a...
Leo Lukose
 
Hong kong human_rights_and_democracy_act__h.r._3289
Hong kong human_rights_and_democracy_act__h.r._3289Hong kong human_rights_and_democracy_act__h.r._3289
Hong kong human_rights_and_democracy_act__h.r._3289
ikarocampos
 
From Dualism - monism
From Dualism - monismFrom Dualism - monism
From Dualism - monism
Quincy Kiptoo
 
Union and its territory
Union and its territoryUnion and its territory
Union and its territory
ExamSprint
 
US draft sanctions on russia - senate version (Sept 2014)
US draft sanctions on russia - senate version (Sept 2014)US draft sanctions on russia - senate version (Sept 2014)
US draft sanctions on russia - senate version (Sept 2014)
Andrew Gelston
 
COFEPOSA ACT (Act 52 of 1974)
COFEPOSA ACT (Act 52 of 1974)COFEPOSA ACT (Act 52 of 1974)
COFEPOSA ACT (Act 52 of 1974)
Aravind Yadhav
 
Comments on Draft Philippine FOI Law
Comments on Draft Philippine FOI LawComments on Draft Philippine FOI Law
Comments on Draft Philippine FOI Law
Arden Chan
 
Yar Chaikovsky ABA Section of Intellectual Property Law Division VII — Infor...
Yar Chaikovsky ABA Section of Intellectual Property Law Division VII — Infor...Yar Chaikovsky ABA Section of Intellectual Property Law Division VII — Infor...
Yar Chaikovsky ABA Section of Intellectual Property Law Division VII — Infor...
Yar Chaikovsky
 

Mais conteúdo relacionado

Mais procurados

The dowry prohibition act, 1961
The dowry prohibition act, 1961The dowry prohibition act, 1961
The dowry prohibition act, 1961
Leo Lukose
 
The Civil Rights Act 1991
The Civil Rights Act 1991The Civil Rights Act 1991
The Civil Rights Act 1991
Chuck Thompson
 
Municipal OWI Prosecution
Municipal OWI ProsecutionMunicipal OWI Prosecution
Municipal OWI Prosecution
Douglas Hoffer
 
Managers Amendment 12_19_09
Managers Amendment 12_19_09Managers Amendment 12_19_09
Managers Amendment 12_19_09
DocJess
 
Constitutional amendment
Constitutional amendmentConstitutional amendment
Constitutional amendment
Hafizul Mukhlis
 
DAP - Justice Antonio Carpio, separate concurring opinion
DAP - Justice Antonio Carpio, separate concurring opinionDAP - Justice Antonio Carpio, separate concurring opinion
DAP - Justice Antonio Carpio, separate concurring opinion
raissarobles
 
The conservation of foreign exchange and prevention of smuggling activities a...
The conservation of foreign exchange and prevention of smuggling activities a...The conservation of foreign exchange and prevention of smuggling activities a...
The conservation of foreign exchange and prevention of smuggling activities a...
Leo Lukose
 
From Dualism - monism
From Dualism - monismFrom Dualism - monism
From Dualism - monism
Quincy Kiptoo
 
US draft sanctions on russia - senate version (Sept 2014)
US draft sanctions on russia - senate version (Sept 2014)US draft sanctions on russia - senate version (Sept 2014)
US draft sanctions on russia - senate version (Sept 2014)
Andrew Gelston
 
COFEPOSA ACT (Act 52 of 1974)
COFEPOSA ACT (Act 52 of 1974)COFEPOSA ACT (Act 52 of 1974)
COFEPOSA ACT (Act 52 of 1974)
Aravind Yadhav
 

Mais procurados (20)

Legal Research For The Legal Assistant: How To Find Statutes (Federal & New Y...
Legal Research For The Legal Assistant: How To Find Statutes (Federal & New Y...Legal Research For The Legal Assistant: How To Find Statutes (Federal & New Y...
Legal Research For The Legal Assistant: How To Find Statutes (Federal & New Y...
 
Wyoming v blm nd mtn to intervene
Wyoming v blm nd mtn to interveneWyoming v blm nd mtn to intervene
Wyoming v blm nd mtn to intervene
 
Steven Duesing, Nicole Mathis v. The Attorney General of Canada
Steven Duesing, Nicole Mathis v. The Attorney General of CanadaSteven Duesing, Nicole Mathis v. The Attorney General of Canada
Steven Duesing, Nicole Mathis v. The Attorney General of Canada
 
The dowry prohibition act, 1961
The dowry prohibition act, 1961The dowry prohibition act, 1961
The dowry prohibition act, 1961
 
Attorney Ethics: An Update from the 85th Legislative Session
Attorney Ethics: An Update from the 85th Legislative SessionAttorney Ethics: An Update from the 85th Legislative Session
Attorney Ethics: An Update from the 85th Legislative Session
 
The Civil Rights Act 1991
The Civil Rights Act 1991The Civil Rights Act 1991
The Civil Rights Act 1991
 
Municipal OWI Prosecution
Municipal OWI ProsecutionMunicipal OWI Prosecution
Municipal OWI Prosecution
 
Steven Duesing, Nicole Mathis, Blain Gowing, et. al. v. The Attorney General ...
Steven Duesing, Nicole Mathis, Blain Gowing, et. al. v. The Attorney General ...Steven Duesing, Nicole Mathis, Blain Gowing, et. al. v. The Attorney General ...
Steven Duesing, Nicole Mathis, Blain Gowing, et. al. v. The Attorney General ...
 
Union territory and tribal councils
Union territory and tribal councilsUnion territory and tribal councils
Union territory and tribal councils
 
Managers Amendment 12_19_09
Managers Amendment 12_19_09Managers Amendment 12_19_09
Managers Amendment 12_19_09
 
Constitutional amendment
Constitutional amendmentConstitutional amendment
Constitutional amendment
 
WV SB 508: Relating to civil claims for private nuisance
WV SB 508: Relating to civil claims for private nuisanceWV SB 508: Relating to civil claims for private nuisance
WV SB 508: Relating to civil claims for private nuisance
 
DAP - Justice Antonio Carpio, separate concurring opinion
DAP - Justice Antonio Carpio, separate concurring opinionDAP - Justice Antonio Carpio, separate concurring opinion
DAP - Justice Antonio Carpio, separate concurring opinion
 
Amateur Radio License- Technician Class
Amateur Radio License- Technician ClassAmateur Radio License- Technician Class
Amateur Radio License- Technician Class
 
The conservation of foreign exchange and prevention of smuggling activities a...
The conservation of foreign exchange and prevention of smuggling activities a...The conservation of foreign exchange and prevention of smuggling activities a...
The conservation of foreign exchange and prevention of smuggling activities a...
 
Hong kong human_rights_and_democracy_act__h.r._3289
Hong kong human_rights_and_democracy_act__h.r._3289Hong kong human_rights_and_democracy_act__h.r._3289
Hong kong human_rights_and_democracy_act__h.r._3289
 
From Dualism - monism
From Dualism - monismFrom Dualism - monism
From Dualism - monism
 
Union and its territory
Union and its territoryUnion and its territory
Union and its territory
 
US draft sanctions on russia - senate version (Sept 2014)
US draft sanctions on russia - senate version (Sept 2014)US draft sanctions on russia - senate version (Sept 2014)
US draft sanctions on russia - senate version (Sept 2014)
 
COFEPOSA ACT (Act 52 of 1974)
COFEPOSA ACT (Act 52 of 1974)COFEPOSA ACT (Act 52 of 1974)
COFEPOSA ACT (Act 52 of 1974)
 

Semelhante a CISPA-complete draft.

1 Center for Writing Excellence © 2014 Apollo Group,.docx
1 Center for Writing Excellence © 2014 Apollo Group,.docx1 Center for Writing Excellence © 2014 Apollo Group,.docx
1 Center for Writing Excellence © 2014 Apollo Group,.docx
karisariddell
 
A PRACTICAL GUIDE TO THE FAR MANDATORY DISCLOSURE RULE FAR 52.203-13
A PRACTICAL GUIDE TO THE FAR MANDATORY DISCLOSURE RULE FAR 52.203-13A PRACTICAL GUIDE TO THE FAR MANDATORY DISCLOSURE RULE FAR 52.203-13
A PRACTICAL GUIDE TO THE FAR MANDATORY DISCLOSURE RULE FAR 52.203-13
dbolton007
 
Lindsay_Boyd_Journal_Article
Lindsay_Boyd_Journal_ArticleLindsay_Boyd_Journal_Article
Lindsay_Boyd_Journal_Article
Lindsay Boyd
 
ALERT: Health Care Cybersecurity Reform and Regulations on the Horizon
ALERT: Health Care Cybersecurity Reform and Regulations on the HorizonALERT: Health Care Cybersecurity Reform and Regulations on the Horizon
ALERT: Health Care Cybersecurity Reform and Regulations on the Horizon
Patton Boggs LLP
 
RESEARCH - STUDIES IN CONSTITUTIONAL LAW
RESEARCH - STUDIES IN CONSTITUTIONAL LAWRESEARCH - STUDIES IN CONSTITUTIONAL LAW
RESEARCH - STUDIES IN CONSTITUTIONAL LAW
Chirine Haddad ?
 
It Amendments Act
It Amendments ActIt Amendments Act
It Amendments Act
anthony4web
 

Semelhante a CISPA-complete draft. (20)

Comments on Draft Philippine FOI Law
Comments on Draft Philippine FOI LawComments on Draft Philippine FOI Law
Comments on Draft Philippine FOI Law
 
Yar Chaikovsky ABA Section of Intellectual Property Law Division VII — Infor...
Yar Chaikovsky ABA Section of Intellectual Property Law Division VII — Infor...Yar Chaikovsky ABA Section of Intellectual Property Law Division VII — Infor...
Yar Chaikovsky ABA Section of Intellectual Property Law Division VII — Infor...
 
1 Center for Writing Excellence © 2014 Apollo Group,.docx
1 Center for Writing Excellence © 2014 Apollo Group,.docx1 Center for Writing Excellence © 2014 Apollo Group,.docx
1 Center for Writing Excellence © 2014 Apollo Group,.docx
 
A PRACTICAL GUIDE TO THE FAR MANDATORY DISCLOSURE RULE FAR 52.203-13
A PRACTICAL GUIDE TO THE FAR MANDATORY DISCLOSURE RULE FAR 52.203-13A PRACTICAL GUIDE TO THE FAR MANDATORY DISCLOSURE RULE FAR 52.203-13
A PRACTICAL GUIDE TO THE FAR MANDATORY DISCLOSURE RULE FAR 52.203-13
 
Lindsay_Boyd_Journal_Article
Lindsay_Boyd_Journal_ArticleLindsay_Boyd_Journal_Article
Lindsay_Boyd_Journal_Article
 
Tools of legal methods & legal reasoning
Tools of legal methods & legal reasoningTools of legal methods & legal reasoning
Tools of legal methods & legal reasoning
 
NEW WHISTLEBLOWER INCENTIVES AND PROTECTION IN THE DODD-FRANK ACT
NEW WHISTLEBLOWER INCENTIVES AND PROTECTION IN THE DODD-FRANK ACTNEW WHISTLEBLOWER INCENTIVES AND PROTECTION IN THE DODD-FRANK ACT
NEW WHISTLEBLOWER INCENTIVES AND PROTECTION IN THE DODD-FRANK ACT
 
Protection and immunity under Cybersecurity Information Sharing Act
Protection and immunity under Cybersecurity Information Sharing ActProtection and immunity under Cybersecurity Information Sharing Act
Protection and immunity under Cybersecurity Information Sharing Act
 
CSI 2008, Legal Developments In Security and Privacy Law
CSI 2008, Legal Developments In Security and Privacy Law CSI 2008, Legal Developments In Security and Privacy Law
CSI 2008, Legal Developments In Security and Privacy Law
 
ALERT: Health Care Cybersecurity Reform and Regulations on the Horizon
ALERT: Health Care Cybersecurity Reform and Regulations on the HorizonALERT: Health Care Cybersecurity Reform and Regulations on the Horizon
ALERT: Health Care Cybersecurity Reform and Regulations on the Horizon
 
4
44
4
 
SC Judgement Striking Down Section 66-A
SC Judgement Striking Down Section 66-ASC Judgement Striking Down Section 66-A
SC Judgement Striking Down Section 66-A
 
Final report of rti
Final report of rtiFinal report of rti
Final report of rti
 
RESEARCH - STUDIES IN CONSTITUTIONAL LAW
RESEARCH - STUDIES IN CONSTITUTIONAL LAWRESEARCH - STUDIES IN CONSTITUTIONAL LAW
RESEARCH - STUDIES IN CONSTITUTIONAL LAW
 
U.s. senate's conditions to ratification of the cwc full text
U.s. senate's conditions to ratification of the cwc full textU.s. senate's conditions to ratification of the cwc full text
U.s. senate's conditions to ratification of the cwc full text
 
It Amendments Act
It Amendments ActIt Amendments Act
It Amendments Act
 
20200724 edpb faqoncjeuc31118
20200724 edpb faqoncjeuc3111820200724 edpb faqoncjeuc31118
20200724 edpb faqoncjeuc31118
 
Nadeem cyber law assignment
Nadeem cyber law assignmentNadeem cyber law assignment
Nadeem cyber law assignment
 
Bail Decision Support System
Bail Decision Support SystemBail Decision Support System
Bail Decision Support System
 
Rti presentation may2013
Rti presentation may2013Rti presentation may2013
Rti presentation may2013
 

Mais de DailyHostNews

Commercial Privacy Bill of Rights PDF
Commercial Privacy Bill of Rights PDFCommercial Privacy Bill of Rights PDF
Commercial Privacy Bill of Rights PDF
DailyHostNews
 
Children’s Online Privacy Protection
Children’s Online Privacy ProtectionChildren’s Online Privacy Protection
Children’s Online Privacy Protection
DailyHostNews
 

Mais de DailyHostNews (9)

GateSecure- "Doing well by doing good. Family freedom as a service"- WHD.Indi...
GateSecure- "Doing well by doing good. Family freedom as a service"- WHD.Indi...GateSecure- "Doing well by doing good. Family freedom as a service"- WHD.Indi...
GateSecure- "Doing well by doing good. Family freedom as a service"- WHD.Indi...
 
Genetic Information Nondiscrimination Act
Genetic Information Nondiscrimination ActGenetic Information Nondiscrimination Act
Genetic Information Nondiscrimination Act
 
Application Privacy, Protection, and Security Act of 2013
Application Privacy, Protection, and Security Act of 2013Application Privacy, Protection, and Security Act of 2013
Application Privacy, Protection, and Security Act of 2013
 
Commercial Privacy Bill of Rights PDF
Commercial Privacy Bill of Rights PDFCommercial Privacy Bill of Rights PDF
Commercial Privacy Bill of Rights PDF
 
The GPS Act
The GPS ActThe GPS Act
The GPS Act
 
Children’s Online Privacy Protection
Children’s Online Privacy ProtectionChildren’s Online Privacy Protection
Children’s Online Privacy Protection
 
Electronic Communications Privacy Act pdf
Electronic Communications Privacy Act pdfElectronic Communications Privacy Act pdf
Electronic Communications Privacy Act pdf
 
The Protecting Children from Internet Pornographers Act of 2011 PDF.
The Protecting Children from Internet Pornographers Act of 2011 PDF.The Protecting Children from Internet Pornographers Act of 2011 PDF.
The Protecting Children from Internet Pornographers Act of 2011 PDF.
 
Importance of Domain Name
Importance of Domain NameImportance of Domain Name
Importance of Domain Name
 

CISPA-complete draft.

  • 1. 112th CONGRESS 2d Session } HOUSE OF REPRESENTATIVES f REPORT 112- PROVIDING FOR CONSIDERATION OF THE BILL (H.R. 3523) TO PROVIDE FOR THE SHARING OF CERTAIN CYBER THREAT INTELLIGENCE AND CYBER THREAT INFORMATION BETWEEN THE INTELLIGENCE COMMUNITY AND CYBERSECURITY ENTITIES, AND FOR OTHER PURPOSES; PROVIDING FOR CONSIDERATION OF MOTIONS TO SUSPEND THE RULES; PROVIDING FOR CONSIDERATION OF THE BILL (H.R. 4628) TO EXTEND STUDENT LOAN INTEREST RATES FOR UNDERGRADUATE FEDERAL DIRECT STAFFORD LOANS; AND FOR OTHER PURPOSES April25, 2012.-Referred to the House Calendar and ordered to be printed. MR. NUGENT, from the Committee on Rules, submitted the following REPORT [To accompany H. Res._j The Committee on Rules, having had under consideration House Resolution__ , by a nonrecord vote, report the same to the House with the recommendation that the resolution be adopted. SUMMARY OF PROVISIONS OF THE RESOLUTION The resolution provides for consideration of H.R. 3523, the Cyber Intelligence Sharing and Protection Act of 2011, under a structured rule. The resolution provides one hour of general debate equally divided and controlled by the chair and ranking minority member of the Permanent Select Committee on Intelligence. The resolution waives all points of order against consideration of the bill. The resolution makes in order as original text for purpose of amendment the amendment in the nature of a substitute consisting of the text of Rules Committee Print 112-20 and provides that it shall be considered as read. The resolution waives all points of order against the amendment in the nature of a substitute. The resolution makes in order only those amendments printed in this report. Each such amendment may be offered only in the order printed in this report, may be offered only by a Member designated in this report, shall be considered as read, shall be debatable for the time specified in this report equally divided and controlled
  • 2. by the proponent and an opponent, shall not be subject to amendment, and shall not be subject to a demand for division of the question in the House or in the Committee of the Whole. The resolution waives all points of order against the amendments printed in this report. The resolution provides one motion to recommit with or without instructions. Section 2 of the resolution provides that it shall be in order at any time through the legislative day of April 27, 2012, for the Speaker to entertain motions that the House suspend the rules, as though under clause 1 of rule XV, relating to the following measures: H.R. 2096, the Cybersecurity Enhancement Act of 2011; H.R. 3834, the Advancing America's Networking and Information Technology Research and Development Act of 2012; and H.R. 4257, the Federal Information Security Amendments Act of 2012. Section 3 of the resolution provides for consideration of H.R. 4628, the Interest Rate Reduction Act, under a closed rule. The resolution provides one hour of debate equally divided and controlled by the chair and ranking minority member of the Committee on Education and the Workforce. The resolution waives all points of order against consideration of the bill and provides that it shall be considered as read. The resolution waives all points of order against provisions in the bill. The resolution provides one motion to recommit. Section 4 of the resolution provides that the Committee on Appropriations may, at any time before 6 p.m. on Wednesday, May 2, 2012, file privileged reports to accompany measures making appropriations for the fiscal year ending September 30, 2013. EXPLANATION OF WAIVERS The waiver of all points .of order against consideration of H.R. 3523 includes a waiver of clause 3(c)(4) of rule XIII, which requires a statement of general performance goals and objectives. The report filed by the Permanent Select Committee on Intelligence did not adequately fulfill this requirement. Although the resolution waives all points of order against the amendment in the nature of a substitute to H.R. 3523 made in order as original text, the Committee is not aware of any points of order. The waiver is prophylactic in nature. Although the resolution waives all points of order against the amendments printed in this report, the Committee is not aware of any points of order. The waiver is prophylactic in nature. The waiver of all points of order against consideration ofH.R. 4628 includes a waiver of clause 10 of rule XXI, prohibiting the consideration of a measure if the provisions of such measure have the net effect of increasing mandatory spending for the period of either the first five-year or ten-year period. While it is expected that H.R. 4628 would be in violation of the rule over the first five-year period, it is expected to have a net decrease in mandatory spending over the ten-year period. The waiver of all points of order against consideration of H.R. 4628 also includes a waiver of section 302(f) of the Congressional Budget Act of 1974, prohibiting the consideration of a measure which causes the applicable allocation of new budget authority under subsections 302(a) or (b) to be exceeded.
  • 3. IfH.R. 4628 is considered before Friday, April27, 2012~ the waiver of all points of order will include a waiver of clause 11 of rule XXI, prohibiting the consideration of an unreported bill or joint resolution until the third calendar day on which it has been available. Although the resolution waives all points of order against provisions in the H.R. 4628, the Committee is not aware of any points of order. The waiver is prophylactic in nature.
  • 4. SUMMARY OF THE AMENDMENTS TO H.R. 3523 MADE IN ORDER 1. Langevin (RI), Lungren (CA): Would expand eligibility to participate in the voluntary information sharing program created in the bill to include critical infrastructure owners and operators, which allows entities that are not entirely privately owned, such as airports, utilities, and public transit systems, to receive vital cybersecurity information and better secure their networks against cyber threats. (10 minutes) 2. Conyers (Ml): Would strike the exemption from criminal liability, strike the civil liability exemption for decisions made based upon cyber threat information identified, obtained, or shared under the bill, and ensure that those who negligently cause injury through the use of cybersecurity systems or the sharing of information are not exempt from potential civil liability. (10 minutes) 3. Pompeo (KS): Would make clear in the bill's liability provision that the reference to the use of cybersecurity systems is the use of such systems to identify and obtain cyber threat information. (10 minutes) 4. Rogers, Mike (MI), Ruppersberger (MD), Issa (CA), Langevin (RI): Would make clear that regulatory information already required to be provided remains FOIAable under current law. (10 minutes) 5. Jackson Lee (TX): Would authorize the Secretary to intercept and deploy countermeasure with regard to system traffic for cybersecurity purposes in effect identification of cybersecurity risks to federal systems. (10 minutes) 6. Quayle (AZ), Eshoo (CA), Thompson, Mike (CA), Broun (GA): Would limit government use of shared cyber threat information to only 5 purposes: 1) cybersecurity; 2) investigation and prosecution of cybersecurity crimes; 3) protection of individuals from the danger of death or physical injury; 4) protection of minors from physical or psychological harm; and 5) protection of the national security of the United States. (10 minutes) 7. Amash (MI), Labrador (ID), Paul (TX), Nadler (NY), Polis (CO): Would prohibit the federal government from using, inter alia, library records, firearms sales records, and tax returns that it receives from private entities under CISPA. (10 minutes) 8. Mulvaney (SC), Dicks (WA): Would provide clear authority to the government to create reasonable procedures to protect privacy and civil liberties, consistent with the need of the government to protect federal systems and cybersecurity. Would also prohibit the federal government from retaining or using information shared pursuant to paragraph (b)(1) for anything other than a use permitted under paragraph (cX1). (10 minutes) 9. Flake, Jeff(AZ): Would add a requirement to include a list of all federal agencies receiving information shared with the government in the report by the Inspector General ofthe Intelligence Community required under the legislation. (10 minutes) 10. Richardson (CA): Would make explicit that nothing in the legislation would prohibit a department or agency of the federal government from providing cyber threat information to owners and operators of critical
  • 5. infrastructure. (10 minutes) 11. Pompeo (KS): Would clarify that nothing in the bill would alter existing authorities or provide new authority to any federal agency, including DOD, NSA, DHS or the Intelligence Community to install, employ, or otherwise use cybersecurity systems on private sector networks. (10 minutes) 12. Woodall (GA): Would ensure that those who choose not to participate in the voluntary program authorized by this bill are not subject to new liabilities. (10 minutes) 13. Goodlatte (VA): Would narrow definitions in the bill regarding what information may be identified, obtained, and shared. (10 minutes) 14. Turner (OH): Would make a technical correction to definitions in Section 2 (g) to provide consistency with other cyber security policies within the Executive branch and the Department of Defense. (10 minutes) 15. Mulvaney (SC): Would sunset the provisions of the bill five years after the date of enactment. (10 minutes) 16. Paulsen (MN): Would encourage international cooperation on cyber security where feasible. (10 minutes)
  • 6. TEXT OF AMENDMENTS TO H.R. 3523 MADE IN ORDER
  • 7. 1. AN AMENDMENT TO BE OFFERED BY REPRESENTATIVE LANGEVIN OF RHODE ISLAND OR HIS DESIGNEE, DEBATABLE FOR 10 MINUTES
  • 8. F:M12LANGE AMENDMENT TO THE RULES Co:MMITmE PRINT OF H.R. 3523 OFFERED BY MR. LANGEVIN OF RHODE ISLAND Page 1, line 13, strike "UTILITIES" and insert "CRITICAL INFRASTRUCTURE OWNERS AND OPERA- TORS". Page 2, line 1, strike "utilities" and insert "critical infrastructure owners and operators''. Page 3, line 13, strike "utility" and insert "critical infrastructure owner or operator". Page 3, line 16, strike "utility" each place it ap- pears and insert "critical infrastructure owner or oper- a tor". Page 17, strike lines 12 through 16. f:VHLC042412042412.002.xml (52395012) April24, 2012 (9:15a.m.)
  • 9. 2. AN AMENDMENT TO BE OFFERED BY REPRESENTATIVE CONYERS JR. OF MICHIGAN OR HIS DESIGNEE, DEBATABLE FOR 10 MINUTES
  • 10. F:PKBINT112 AME ....TT'Io.........-r.oNT TO THE RULES COMMITTEE P / OF H.R. 3523 OFFERED BY M.r_. Cnn3.£f"'S Page 8, beginning on line 11 strike "or criminal". Page 8, strike lines 17 through 23 and insert the following: "good faith for using cybersecurity systems or sharing information in accordance with this section un- less such protected entity, self-protected entity, cyber se- curity provider, or an officer, agent, or employee of a cyber security provider negligently shares information ob- tained in accordance with this section, and that neg- ligence proximately causes injury.". f:VHLC042412042412.622.xml (52371012) April 24, 2012 (5:45 p.m.)
  • 11. 3. AN AMENDMENT TO BE OFFERED BY REPRESENTATIVE POMPEO OF KANSAS OR HIS DESIGNEE, DEBATABLE FOR 10 MINUTES
  • 12. ------ F'PKBUNT112H3523PLR-~ -------- T TO TSE RULES COMMITTEE PRINT OF H.R. 35' 3 2 OFFERED BY M 12.. Pc ge . , heg-inuiuo· n li n l l strike "<H' sharing in- form tion" and in. rt "to id -nti :, or obtain •b ;> r thr at inf'o rmnt ion OJ' for sharin(J' .·uch information" . 1VHLC042412104241 2 .375.xml - : (52357214) April24, 2012 (2:25p.m.)
  • 13. 4. AN AMENDMENT TO BE OFFERED BY REPRESENTATIVE ROGERS OF MICHIGAN OR HIS DESIGNEE, DEBATABLE FOR 10 MINUTES
  • 14. AMENDMENT TO THE RULES COMMITrEKJlRINT OF H.R. 3523 Page 9, beginning on line 2, strike "affect any" and insert ''affect-". Page 9, strike lines 3 through 5 and insert the fol- lowing: 1 ''(A) any requirement under any other pro- 2 vision of law for a person or entity to provide 3 information to the Federal Government; or 4 "(B) the applicability of other provisions of 5 law, including section 552 of title 5, United 6 States Code (commonly known as the 'Freedom 7 of Information Act'), with respect to informa- 8 tion required to be provided to the Federal Gov- 9 ernment under such other provision of law. f:VHLC042412042412 .149.xml (52359012) April24, 2012 (11 :32 a.m.)
  • 15. 5. AN AMENDMENT TO BE OFFERED BY REPRESENTATIVE JACKSON LEE OF TEXAS OR HER DESIGNEE, DEBATABLE FOR lOMINUTES
  • 16. NDMENT TO THE RULES COMMITTEE PRINT OF H.R. 3523 OFFERED BY Ms. JACKSON LEE OF TEXAS Page 9, after line 5, insert the following: 1 "(c) CYBERSECURITY OPERATIONAL ACTIVITY.- 2 "(1) IN GENERAL.-ln receiving· information 3 authorized to be shared with the Federal Govern- 4 ment under this section, the Secretary of Homeland 5 Security is authorized, notwithstanding any other 6 provision of law, to acquire, intercept, retain, use, 7 and disclose communications and other system traf- 8 fie that are transiting to or from or stored on Fed- 9 eral systems and to deploy countermeasures with re- 10 gard to such communications and system traffic for 11 cybersecurity purposes provided that the Secretary 12 certifies that- 13 ''(A) such acquisitions, interceptions, and 14 countermeasures are reasonable necessary for 15 the purpose of protection Federal systems from 16 cybersecurity threats; 17 "(B) the content of communications will be 18 collected and retained only when the commu- 19 nication is associated with known or reasonably f:VHLC042412042412.370.xml (52420211) April24, 2012 (2:19p.m.)
  • 17. F:Ml2JACKSOJACKS0_375.XML 2 1 suspected cybersecurity threat, and communica- 2 tions and system traffic will not be subject to 3 the operation of a countermeasure unless asso- 4 ciated with such threats; 5 "(C) information obtained pursuant to ac- 6 tivities authorized under this subsection will 7 only be retained, used or disclosed to protect 8 Federal systems from cybersecurity threats, 9 mitigate against such threats, or, with the ap- 10 proval of the Attorney General, for law enforce- 11 ment purposes when the information is evidence 12 of a crime which has been, is being, or is about 13 to be committed; and 14 ''(D) notice has been provided to users of 15 Federal systems concerning· the potential for ac- 16 quisition, interception, retention, use, and dis- 17 closure of communications and other system 18 traffic. 19 "(2) CONTRACTS.- The Secretary may enter 20 into contracts or other agreements, or otherwise re- 21 quest and obtain the assistance of, private entities 22 that provide electronic communication or 23 cybersecurity services to acquire, intercept, retain, 24 use, and disclose communications and other system 25 traffic consistent with paragraph (1). f:VHLC042412042412.370.xml (52420211) April24, 2012 (2:19p.m.)
  • 18. F:M12JACKSOJACKS0_375.XML 3 1 "(3) PRIVILEGED COMJ'vlUNICATIONS.-No oth- 2 erwise privileged communication obtained in accord- 3 ance with, or in violation of, this section shall lose 4 its privileged character. 5 " (4) POLICIES AND PROCEDURES.- The Sec- 6 retary of Homeland Security shall establish policies 7 and procedures that- 8 ''(A) minimize the impact on privacy and 9 civil liberties, consistent with the need to pro- 10 teet Federal systems and critical information 11 infrastructure from cybersecurity threats and 12 mitigate cybersecurity threats; 13 "(B) reasonably limit the acquisition, 14 interception, retention, use, and disclosure of 15 communications, records, system traffic, or 16 other information associated with specific per- 17 sons consistent with the need to carry out the 18 responsibilities of this section, including· estab- 19 lishing a process for the timely destruction on 20 recognition of communications, records, system 21 traffic, or other information that is acquired or 22 intercepted pursuant to this section that does 23 not reasonably appear to be related to pro- 24 tecting Federal systems and critical information f:VHLC042412042412.370.xml (52420211) April24, 2012 (2:19p.m.)
  • 19. F:Ml2VACKSOVACKS0_375.XML 4 1 infrastructure from cybersecurity threats and 2 mitigating cybersecurity threats; 3 "(C) include requirements to safeguard 4 communications, records, system traffic, or 5 other information that can be used to identify 6 specific persons from unauthorized access or ac- 7 quisition; and 8 "(D) protect the confidentiality of dis- 9 closed communications, records, system traffic, 10 or other information associated with specific 11 persons to the greatest extent practicable and 12 require recipients of such information to be in- 13 formed that the communications, records, sys- 14 tem traffic, or other information disclosed may 15 only be used for protecting information systems 16 against cybersecurity threats, mitigating 17 against cybersecurity threats, or law enforce- 18 ment purposes when the information is evidence 19 of a crime that has been, is being, or is about 20 to be committed, as specified by the Secretary. Page 14, after line 24, insert the following: 21 "(2) COUNTERMEASURE.-The term 'counter- 22 measure' means an automated action with defensive 23 intent to modify or block data packets associated 24 with electronic or wire communications, internet f:VHLC042412042412.370.xml (52420211) April24, 2012 (2:19p.m.)
  • 20. F:Ml2JACKS0JACKS0_375.XML 5 1 traffic program od , or oth r ystem tr ffic 2 transiting to or from or stored on an information 3 ystem to counteract a yb r ecm'ity threat." . f:VHLC042412042412,370.xml (52420211) April24, 2012 (2:19p.m.)
  • 21. 6. AN AMENDMENT TO BE OFFERED BY REPRESENTATIVE QUAYLE OF ARIZONA OR HIS DESIGNEE, DEBATABLE FOR 10 MINUTES
  • 22. AMENDMENT TO THE RULES COMMITTEE PRINT OF H.R. 3523 OFFERED BY M(l. . - . ll -___;_----1- lowing: 1 "(1) LIMITATION.-The Federal Government 2 may use cyber threat information shared with the 3 Federal Government in accordance with subsection 4 (b)- 5 ''(A) for cybersecurity purposes; 6 "(B) for the investigation and prosecution 7 of cybersecurity crimes; 8 '' (C) for the protection of individuals from 9 the danger of death or serious bodily harm and 10 the investigation and prosecution of crimes in- 11 volving such danger of death or serious bodily 12 harm; 13 "(D) for the protection of nunors from 14 child pornography, any risk of se},.llal ex:ploi- 15 tation, and serious threats to the physical safe- 16 ty of such minor, including kidnapping and 17 trafficking and the investigation and prosecu- 18 tion of crimes involving child pornography, any f:VHLC042412042412.144.xml (52351312) April 24, 2012 (11 :30 a.m.)
  • 23. F:PKBIN'I112H3523FLR-FED-USE_OOI .X:ML 2 1 r1 k of A al 'll :A -ploitation, aud s ·non.· tlu·eat. 2 to the 1 hysi a! saf .t-y of minors, in luding kid- 3 napping an 1 tr affickiJtg and an. r r im refen d 4 to in 225 J (a)(2) f t itl 1 , nit d 5 Co 1e; or 6 "(E) ·o } ote t th na.tioual ecurjty of t h lr 7 United ates. a · 16 b fm e lin 1 in 'ert th following: 8 l'13ER E URIT RiliiE. -rrhe tern 9 ' yb r ecurity m·ime' means- 10 ''(A) a crim uud r a ~ ed -ral or tate law 11 tha m olve - 12 '' (i) effort o deoTacle, disrupt, or de- 13 stro. a ystem or network; 14 "(ii) e 'fort. to gain nnat tl 01 iz cl a - 15 cess o a s. stem or 11 ~"' ork; or 16 '(iii) efforts to exfiltra e il forn ation 17 from a sy·tcm or net ork 1.tho It autho r- 18 izati n·I or 19 "(B) the ,rjolation of a 1 rovisiou of Fed ral 20 .law relatiu · to omputer rimes, in luding a 21 violation of a n. prov1S10n of title 1 nit d 22 om- f:VH LC042412042412: 144,xml (52351312) April 24, 2012 (11 :30 a.m.)
  • 24. F:PKBIN1112H3523FLR-FED-USE_OOI.XML 3 1 puter Fraud and Abuse Act of 1986 (Public 2 Law 99-474).". f:VHLC042412042412.144.xml (52351312) April 24, 2012 (11 :30 a.m.)
  • 25. 7. AN AMENDMENT TO BE OFFERED BY REPRESENTATIVE AMASH OF MICHIGAN OR HIS DESIGNEE, DEBATABLE FOR 10 MINUTES
  • 26. - AMENDMEN-F-'TO THE RULES COMMITTEE ~.1.-...rrfl -~--- OF H.R. 3523 OFFERED BY MR. AMAsH OF MICHIGAN Page 10, after line 10, insert the following new paragraph: 1 " ( 4) PROTECTION OF SENSITIVE PERSONAL 2 DOCUMENTS.-The Federal Government may not 3 use the following information, containing informa- 4 tion that identifies a person, shared with the Federal 5 Government in accordance with subsection (b): 6 "(A) Library circulation records. 7 "(B) Library patron lists. 8 " (C) Book sales records. 9 "(D) Book customer lists. 10 "(E) Firearms sales records. 11 "(F) Tax return records. 12 "(G) Educational records. 13 "(H) Medical records. f:VHLC042412042412.478.xml (52412014) April24, 2012 (3:56p.m.)
  • 27. 8. AN AMENDMENT TO BE OFFERED BY REPRESENTATIVE MULVANEY OF SOUTH CAROLINA OR HIS DESIGNEE, DEBATABLE FOR 10 MINUTES
  • 28. F:PKBfNT112H3523FLR":~nN-RET-USE_OOI.XML _.... .AMENDMENTTO THE RULES COMMITTEE PRINT ..- Page 10, after line 10 insert the following: 1 "(4) NOTIFICATION' OF N'ON'-CYBER THREAT TN'- 2 FORl1ATTO~.-If a department or agency of the Fed- 3 eral Government receiving information pursuant to 4 . subsection (b)(]) determines that such information 5 is not cyber threat information, such department or 6 agency shall notify the entity or provider sharing 7 such information pursuant to subsection (b)(1). 8 " ( 5) RwrEN'TION AN'D USE OJ<, CYT-3ER THHEAT 9 J~rpoRMATHH.-No department or agency of the 10 Federal Government shall retain or use information 11 shared pursuant to subsection (b)(1) for any use 12 other than a use permitted under subsection (c)(1). 13 "(6) PROTECTTO~ OF TNDT'TDUATj T~'FORMA- 14 TTO:' .-The Federal Government may, consistent 15 Yrith the need to protect Federal systems and critical 16 information infrastn1cture from cybersecurity 17 threats and to mitigate such threats, undertake rea- 18 sonable efforts to limit the impact on privacy and 19 civil liberties of the sharing of cyber threat informa- f:VHLC042412042412 .352.xml (52413712) April 24, 2012 (2:02 p.m.)
  • 29. F:PKBTNl112113523FLR-MlN-RET-USE_OO 1.XML 2 1 tion with the Fedei'HI GoYemment. pnrsuant. to this 2 ~uhsection. P~1ge 1 ~~ . after l·i11e 1:-3, im;ert t.he following: 3 "( 4) U:-;E ,:'1) HE'l'Ei'TTO:' OF f NFORi l i1'10~. - 4 Nothing in this seetion shall be constmecl to author- S iz.e, or to mocli(v any existing author·ity of, a clepart- 6 ment 01· agency of the F edel'al Government to retain 7 01· nsc information shared pursuant to subsecti o11 8 (b)(l) fm· any use oiher ihau a usc pe11nitled under 9 sui>S<'<'t.ion (c)( 1).". f:VHLC0424 12042412.352.xml (524 13712) April24, 2012 (2:02p.m.)
  • 30. 9. AN AMENDMENT TO BE OFFERED BY REPRESENTATIVE FLAKE OF ARIZONA OR HIS DESIGNEE, DEBATABLE FOR 10 MINUTES
  • 31. F:Ml2FLAKEFLAKE_214'JCMb #~- O:FFJQJJEQ llY MB. ~-OF ARizONA Page 12, after line 18, insert the following new sub- paragraph: 1 "(E) a list of the department o1· agency re- 2 ceiving such information; I:VHL0042012042012.325.xml (52345616) April20, 2012 (5:15p.m.)
  • 32. 10. AN AMENDMENT TO BE OFFERED BY REPRESENTATIVE RICHARDSON OF CALIFORNIA OR HER DESIGNEE, DEBATABLE FOR 10 MINUTES
  • 33. F: MJ2~4. AMENDMENT TO THE RULES COMMI1"l'EE ..- PRJNP QF H.R. 3323 0FFEREn BY Ms. RICHARDSON OF CALIFORNIA P ag 14, after line , ins rt the following new sub- paragTaph: 11 1 ( ) prohibit a d :partment or a · ncy o£ 2 the Federal Government from providing cyber 3 threat informc tion to owners and op rator of 4 cdtical infrastructur · 1:VHLC04·2312042312.037.xml (52362612) Ap ril 23, 2012 (1 0:42 a.m.)
  • 34. 11. AN AMENDMENT TO BE OFFERED BY REPRESENTATIVE POMPEO OF KANSAS OR HIS DESIGNEE, DEBATABLE FOR 10 MINUTES
  • 35. HE RULES COMMITTEE PRINT OF H.R. 3523 OFFERED BY M~. PoMfeo Page 14, after line 13, insert the following: "( 4) J_;Il'IITATIOK 0:' F'EDERAI1 GOVERNlTEKT 2 nm OF CYBERSECI;RITY SYSTEMS.-Nothing in this 3 section shall be construed to provide additional au- 4 thority to, or modify an existing authority of, any 5 entity to use a cybersecurity system .mvned or con- 6 trolled by the Federal Government on a private-sec- 7 tor system or network to protect such private-sector 8 system or netvi'Ork.". f:VHLC042412042412.282 .xml {52349812) April 24, 2012 (1 :05 p.m.)
  • 36. 12. AN AMENDMENT TO BE OFFERED BY REPRESENTATIVE WOODALL OF GEORGIA OR HIS DESIGNEE, DEBATABLE FOR 10 MINUTES
  • 37. - -- ----- AMENDMENT- TO -THE RULES COMMI'ITEE PRINT . - OF H.R. 3523 OFFERED BY MR. WOODALL OF GEORGIA Page 14, after line 13 insert the following: 1 ' (4) N L ILITY F 1 N-PARTI IP '1'1 I .- 2 Nothing in thi. ction hall be con tru ct t ubject 3 protected ntity self-protected ntity cy er cu- 4 rity rovid r or an officer, employ , or ag nt of a 5 I rotccted entity, lf-prote ted ntit , r yber ·e u- 6 rity provider, to liability for hoo in · not to enoag 7 in the voluntary a tivities au horiz d under thi 8 1 n. f:VHLC042012042012.066.xml (5233361 3) April 20, 2012 (10:52 a.m.)
  • 38. 13. AN AMENDMENT TO BE OFFERED BY REPRESENTATIVE GOODLATTE OF VIRGINIA OR HIS DESIGNEE, DEBATABLE FOR lOMINUTES
  • 39. ~ULES COMMITTEE PR- OF H.R. 3523 OFFERED BY Mt2.. ~ Page 14, after line 14 insert the follmving: 1 "(1) AvAILABILI'rY.-The term 'availability' 2 means ensuring timely and reliable access to and use 3 of information. Page 15, strilm lines 1 through 25 and insert the following: 4 "(2) CoN:F'IDENTIALITY.-The term 'confiden- 5 tiality' means preserving authorized restrictions on 6 access and disclosure, including means for protecting 7 personal privacy and proprietary information. 8 "(3) CYBER THREAT 11TFORMATION.- 9 "(A) IN GENERAL.-The term 'cyber 10 threat information' means information directly 11 pertaining to- 12 "(i) a vulnerability of a system or net- 13 work of a government or private entity; 14 "(ii) a threat to the integrity, con- 15 fidentiality, or availability of a system or 16 network of a government or private entity f:VHLC042412042412.331.xml (52350113) April 24, 2012 (1 :43 p.m.)
  • 40. F:PKBINT112H3523FLR-CYBER-DEFS_OOl.XML 2 1 or any information stored on, processed on, 2 or transiting such a system or network; 3 "(iii) efforts to degrade, disrupt, or 4 destroy a system or network of a govern- 5 ment or private entity; or 6 "(iv) efforts to gain unauthorized ac- 7 cess to a system or network of a govern- 8 ment or private entity, including to gain 9 such unauthorized access for the purpose 10 of exfiltrating information stored on, proc- 11 essed on, or transiting a system or network 12 of a government or private entity. 13 "(B) EXCLUSION.- Such term does not 14 include information pertaining to efforts to gain 15 unauthorized access to a system or network of 16 a govenm1ent or private entity that solely in- 17 volve violations of consumer terms of service or 18 consumer licensing agreements and do not oth- 19 erwise constitute unauthorized access. 20 "( 4) CYBER 'fHREAT INTELLIGENCE.- 21 "(A) IN GEl"'ERAL.-The term 'cyber 22 threat intelligence' means intelligence in the 23 possession of an element of the intelligence 24 community directly pertaining to- f:VHLC042412042412.331.xml (52350113) April 24, 2012 (1 :43 p.m.)
  • 41. F:PKBINT112H3523FLR-CYBER-DEFS_OO l.XML 3 1 "(i) a vulnerability of a system or net- 2 ·work of a government or private entity; 3 "(ii) a threat tb the integrity, con- 4 fidentiality, or availability of a system or 5 net,.vork of a government or private entity 6 or any information stored on, processed on, 7 or transiting such a system or network; 8 "(iii) efforts to degrade, disrupt, or 9 destroy a system or network of a govern- 10 mentor private entity; or 11 "(iv) efforts to gain unauthorized ac- 12 cess to a system or network of a govern- 13 ment or private entity, including to gain 14 such unauthorized access for the purpose 15 of exfiltrating information stored on, proc- 16 essed on, or transiting a system or network 17 of a g·overnment or private entity. - 18 "(B) ExcLusroN . - Such term does not 19 include intelligence pertaining to efforts to gain 20 unauthorized access to a system or network of 21 a govenm1ent or private entity that solely in- 22 volve violations of consumer terms of service or 23 consumer licensing agreements and do not oth- 24 e:rwise constitute unauthorized access. f:VHLC042412042412.331.xml (52350113) April 24, 2012 (1 :43 p.m.)
  • 42. F:PKBIN1112H3523FLR-CYBER-DEFS_OO l.XML 4 I ag • J 6, ·trike ln1c 5 and all h a follow. thr ngh pag 17 li11e 2, and insert the fo U 10': owi1 1 cc ( 5) YBERSE IUT PURP E.- 2 I , 'Er-..TER.AL.-The term 3 b 1·s m·ity puq' s ' m ans t he purpo of 4 ensuring the int grity, conf iclentiality, or ava il- 5 abilit. of, or safe 11ardi.J · e: •• r em 1· 11 tv r k, 6 il1 u ding prot ting a m or n tvork 7 fr011 - 8 9 10 "(ii) a tlu~ at t th integTit.r' ·on- 11 fi entia lity or av ila ility of a y tern or 12 netvork or any inf rmation tor l on, 13 pro •esscd n 01· transit i:n · . n 1 a sy · en 14 or 11 t ork; 15 1 (iii) ff rts l oTa l di rup or 16 17 "Uv) ff rt. t ain una 1thorized ac- 18 c to a s. t m r n · ~' ork, in luding to 19 ·< in such unauth riz d a ·ss for th pm·- 20 po of "x.tutrating inform ti n . tor d on, 21 pr es d on, or trausiti.J1 · a r 22 network. f:VHLC042412042412.331.xml (523501 1 3) April24, 2012 (1:43 p.m.)
  • 43. F:PKBINT112H3523FLR-CYBER-DEFS_OO l.XML 5 1 ''(B) ExcLUSION.- Such term does not 2 include the puq)ose of protecting a system or 3 network from efforts to gain unauthorized ac- 4 cess to such system or network that solely in- 5 volve violations of consumer terms of service or 6 consumer licensing agreements and do not oth- 7 erwise constitute unauthorized access. 8 "(6) CYBERSECURITY SYSTEM.- 9 "(A) IN GE:r--.TERAL.-The term 10 'cybersecurity system' means a system designed 11 or employed to ensure the integTity, confiden- 12 tiality, or availability of, or safeguard, a system 13 or netvvork, including protecting a system or 14 network from- 15 "(i) a vulnerability of a system or net- 16 work· ' 17 "(ii) a threat to the integrity, con- 18 fidentiality, or availability of a system or 19 network or any information stored on, 20 processed on, or transiting such a system 21 or network· ' 22 "(iii) efforts to degrade, disrupt, or 23 destroy a system or netvvork; or 24 "(iv) efforts to gain unauthorized ac- 25 cess to a system or network, including to f:VHLC042412042412.331.xml (52350113) April 24, 2012 (1 :43 p.m.)
  • 44. F:PKBINT112H3523FLR-CYBER-DEFS_OOl.XML 1 2 po ' of ex.5ltrC~ting inf rmatiou s red on 3 proc '. s d n ' or tran itino· a b , tcm or 4 net vork 5 ' ( ) Ex r-' n b erm doc · not 6 in lud a sy 't m design d or n plo. d t pro- 7 •c a r n twork from effort to oam 8 .m auth rize] ace ·t .·u h ) , en or network 9 that ol ly invo1v violation.· of •ou. un cr terms 10 of . crvi e r ou um r li u, in · a.oTe mer ts and 11 d n t th rwis c(mstitute unauthoriz d a ces . Pag 17, after lin 2 il1 ert t.h following: 12 "(7) Ir'rEGI ITY.-Th • tern integrit. ' m an. 13 ouarding ao-ainR im] TO] r infor11 ation moclifi ation 14 or c1 tru tion, includino· en uring information non- 15 repudiation and autheu i ity. I:VHLC042412042412.331.xml (52360113) April24, 2012 (1:43 p.m.)
  • 45. 14. AN AMENDMENT TO BE OFFERED BY REPRESENTATIVE TURNER OF OHIO OR HIS DESIGNEE, DEBATABLE FOR 10 MINUTES
  • 46. F:Ml2TURNERTURNER_090.XML - AMEND~:NT-TO -n.ULEs COMMITI'EE PRINT OF R.R. 8523 OFFERED BY MR. TURNED. oF Omo Pa ·e 15, line 7 insert d ny ace s to or" b for 'deoTc de". age 5, ill e 20 in ert 'den: , cce to or" b fo r "degrade" . Pag l 6, line 10, insert "deny acces · to or" before 'degrad ' . P age 16, line 21 h sert Hd n access to or' before 'c1 grad ' 1:VHLC042012042012.067 .xml (52340211) April 20, 2012 (1 0:53a.m.)
  • 47. 15. AN AMENDMENT TO BE OFFERED BY REPRESENTATIVE MULVANEY OF SOUTH CAROLINA OR HIS DESIGNEE, DEBATABLE FOR 10 MINUTES
  • 48. AMENDMENT TO THE RULES COMMITTE:E PRINT ~ OF H.R. 3523 OFFERED BY MR. MULVANEY OF SOUTH CAROLINA At the end of the bill, add the following· new section: 1 SEC. 3. SUNSET. 2 Effective on the date that is five years after the date 3 of the enactment of this Act- 4 (1) section 1104 of the National Security Act of 5 19 4 7, as added by section 2 (a) of this Act, is re- 6 pealed; and 7 (2) the table of contents in the first section of 8 the National Security Act of 1947, as amended by 9 section 2(d) of this Act, is amended by striking the 10 item relating to section 1104, as added by such sec- 11 tion 2(d). f:VHLC042412042412.418 .xml (52423811) April 24, 2012 (3:03p.m.)
  • 49. 16. AN AMENDMENT TO BE OFFERED BY REPRESENTATIVE PAULSEN OF MINNESOTA OR HIS DESIGNEE, DEBATABLE FOR lOMINUTES
  • 50. F:M12PAULSEPAULSE_066.XML -·AMENDMENT TO THE RULES CoMMITTEE PRINT . OF H.R. 3523 OFFERED BY MR. PAULSEN OF MINNESOTA At the end of the bill, add the following new section: 1 SEC. 3. INTERNATIONAL COOPERATION. 2 International cooperation with regard to 3 cybersecurity should be encouraged wherever possible 4 under this Act and the amendments made by this Act. f:VHLC041912041912.457.xml (52337711} April19, 2012 (5:38p.m.)