U.S Code last checked for updates: Nov 22, 2024
§ 3330.
Reports to the intelligence community on penetrations of networks and information systems of certain contractors
(a)
Procedures for reporting penetrations
(b)
Networks and information systems subject to reporting
(c)
Procedure requirements
(1)
Rapid reporting
The procedures established pursuant to subsection (a) shall require each cleared intelligence contractor to rapidly report to an element of the intelligence community designated pursuant to subsection (a) of each successful penetration of the network or information systems of such contractor that meet the criteria established pursuant to subsection (b). Each such report shall include the following:
(A)
A description of the technique or method used in such penetration.
(B)
A sample of the malicious software, if discovered and isolated by the contractor, involved in such penetration.
(C)
A summary of information created by or for such element in connection with any program of such element that has been potentially compromised due to such penetration.
(2)
Access to equipment and information by intelligence community personnel
The procedures established pursuant to subsection (a) shall—
(A)
include mechanisms for intelligence community personnel to, upon request, obtain access to equipment or information of a cleared intelligence contractor necessary to conduct forensic analysis in addition to any analysis conducted by such contractor;
(B)
provide that a cleared intelligence contractor is only required to provide access to equipment or information as described in subparagraph (A) to determine whether information created by or for an element of the intelligence community in connection with any intelligence community program was successfully exfiltrated from a network or information system of such contractor and, if so, what information was exfiltrated; and
(C)
provide for the reasonable protection of trade secrets, commercial or financial information, and information that can be used to identify a specific person (other than the name of the suspected perpetrator of the penetration).
(3)
Limitation on dissemination of certain information
The procedures established pursuant to subsection (a) shall prohibit the dissemination outside the intelligence community of information obtained or derived through such procedures that is not created by or for the intelligence community except—
(A)
with the approval of the contractor providing such information;
(B)
to the congressional intelligence committees or the Subcommittees on Defense of the Committees on Appropriations of the House of Representatives and the Senate for such committees and such Subcommittees to perform oversight; or
(C)
to law enforcement agencies to investigate a penetration reported under this section.
(d)
Issuance of procedures and establishment of criteria
(1)
In general
(2)
Applicability date
(e)
Coordination with the Secretary of Defense to prevent duplicate reporting
(f)
Definitions
In this section:
(1)
Cleared intelligence contractor
(2)
Covered network
(g)
Savings clauses
(Pub. L. 113–126, title III, § 325, July 7, 2014, 128 Stat. 1402.)
cite as: 50 USC 3330