Statutory Notes and Related Subsidiaries
Federal Policy on Sharing of Covered Insider Threat Information Pertaining to Contractor Employees in the Trusted Workforce
[Pub. L. 117–103, div. X, title VIII, § 806], Mar. 15, 2022, [136 Stat. 1014], as amended by [Pub. L. 117–263, div. F, title LXVI, § 6606], Dec. 23, 2022, [136 Stat. 3559], provided that:“(a)
Policy Required.—
Not later than 2 years after the date of the enactment of this Act [Mar. 15, 2022], the Director of National Intelligence, in coordination with the Secretary of Defense, the Director of the Office of Management and Budget, and the Attorney General, shall issue a policy for the Federal Government on sharing covered insider threat information pertaining to contractor employees.
“(b)
Consent Requirement.—
The Director shall ensure that the policy issued under subsection (a) requires, as a condition of obtaining and maintaining a security clearance with the Federal Government, that a contractor employee provide prior written consent for the Federal Government to share covered insider threat information with the senior official responsible for the insider threat program of the contractor that employs the contractor employee. The Director may include in such policy restrictions on the further disclosure of such information.
“(c)
Consultation.—
On a quarterly basis during the period in which the Director is developing the policy under subsection (a), the Director shall consult with Congress and industry partners with respect to such development.
“(d)
Review.—
“(1)
Submission.—
Not later than 1 year after the date of the issuance of the policy under subsection (a), the Director of National Intelligence and the Secretary of Defense shall jointly submit to Congress and make available to such industry partners as the Director and the Secretary consider appropriate a review of the policy.
“(2)
Contents.—
The review under paragraph (1) shall include the following:
“(A)
An assessment of the utility and effectiveness of the policy issued under subsection (a).
“(B)
Such recommendations as the Director and the Secretary determine appropriate with respect to legislative or administrative action relevant to such policy.
“(e)
Definitions.—
In this section:
“(1)
Covered insider threat information.—
The term ‘covered insider threat information’—
“(A)
means information that—
“(i)
is relevant with respect to adjudications relating to determinations of eligibility for access to classified information;
“(ii)
an agency or department of the Federal Government has vetted and verified; and
“(iii)
according to Director of National Intelligence policy, is considered relevant to the ability of a contractor employee to protect against insider threats as required by section 117.7(d) of title 32, Code of Federal Regulations, or successor regulation; and
“(B)
includes pertinent information considered in the counter-threat assessment, as authorized by a provision of Federal law or Executive Order.
“(2)
Contractor employee.—
The term ‘contractor employee’ means an employee of a contractor, subcontractor, grantee, subgrantee, or personal services contractor, of a department or agency of the Federal Government.”
Governance of Trusted Workforce 2.0 Initiative
[Pub. L. 117–103, div. X, title VIII, § 807(a)], Mar. 15, 2022, [136 Stat. 1015], provided that:“(a)
Governance.—
The Director of National Intelligence, acting as the Security Executive Agent, and the Director of the Office of Personnel Management, acting as the Suitability and Credentialing Executive Agent, in coordination with the Deputy Director for Management in the Office of Management and Budget, acting as the chairman of the Performance Accountability Council, and the Under Secretary of Defense for Intelligence and Security shall jointly—
“(1)
not later than 180 days after the date of the enactment of this Act [Mar. 15, 2022], publish, in the Federal Register as appropriate, a policy with guidelines and standards for Federal Government agencies and industry partners to implement the Trusted Workforce 2.0 initiative;
“(2)
not later than 2 years after the date of the enactment of this Act and not less frequently than once every 6 months thereafter, submit to Congress a report on the timing, delivery, and adoption of Federal Government agencies’ policies, products, and services to implement the Trusted Workforce 2.0 initiative, including those associated with the National Background Investigation Service; and
“(3)
not later than 90 days after the date of the enactment of this Act, submit to Congress performance management metrics for the implementation of the Trusted Workforce 2.0 initiative, including performance metrics regarding timeliness, cost, and measures of effectiveness.”
Trusted Information Provider Program for National Security Positions and Positions of Trust
[Pub. L. 115–232, div. A, title IX, § 941], Aug. 13, 2018, [132 Stat. 1941], provided that:“(a)
Program Required.—
Not later than 90 days after the date of the enactment of this Act [Aug. 13, 2018], the Security Executive Agent and the Suitability/Credentialing Executive Agent shall establish and implement a program (to be known as the ‘Trusted Information Provider Program’) to share between and among agencies of the Federal Government and industry partners of the Federal Government relevant background information regarding individuals applying for and currently occupying national security positions and positions of trust, in order to ensure the Federal Government maintains a trusted workforce.
“(b)
Privacy Safeguards.—
The Security Executive Agent and the Suitability/Credentialing Executive Agent shall ensure that the program required by subsection (a) includes such safeguards for privacy as the Security Executive Agent and the Suitability/Credentialing Executive Agent consider appropriate.
“(c)
Provision of Information to the Federal Government.—
The program required by subsection (a) shall include requirements that enable Investigative Service Providers and agencies of the Federal Government to leverage certain pre-employment information gathered during the employment or military recruiting process, and other relevant security or human resources information obtained during employment with or for the Federal Government, that satisfy Federal investigative standards, while safeguarding personnel privacy.
“(d)
Information and Records.—
The information and records considered under the program required by subsection (a) shall include the following:
“(1)
Date and place of birth.
“(2)
Citizenship or immigration and naturalization information.
“(5)
Employment or social references.
“(6)
Military service records.
“(7)
State and local law enforcement checks.
“(8)
Criminal history checks.
“(9)
Financial records or information.
“(10)
Foreign travel, relatives or associations.
“(11)
Social media checks.
“(12)
Any other information or records relevant to obtaining or maintaining national security, suitability, fitness, or credentialing eligibility.
“(e)
Implementation Plan.—
“(1)
In general.—
Not later than 90 days after the date of the enactment of this Act [Aug. 13, 2018], the Security Executive Agent and the Suitability/Credentialing Executive Agent shall jointly submit to Congress a plan for the implementation of the program required by subsection (a).
“(2)
Elements.—
The plan required by paragraph (1) shall include the following:
“(A)
Mechanisms that address privacy, national security, suitability or fitness, credentialing, and human resources or military recruitment processes.
“(B)
Such recommendations for legislative or administrative action as the Security Executive Agent and the Suitability/Credentialing Executive Agent consider appropriate to carry out or improve the program.
“(f)
Definitions.—
In this section:
“(1)
The term ‘Security Executive Agent’ means the Director of National Intelligence acting as the Security Executive Agent in accordance with Executive Order 13467 (73 Fed. Reg. 38103;
50 U.S.C. 3161 note).
“(2)
The term ‘Suitability/Credentialing Executive Agent’ means the Director of the Office of Personnel Management acting as the Suitability/Credentialing Executive Agent in accordance with Executive Order 13467.”
Definitions
For definitions of “Security Executive Agent”, “Suitability and Credentialing Executive Agent”, “appropriate congressional committees”, and “appropriate industry partners”, referred to in text, see section 3352 of this title.