U.S. CODE
Rulings
AD/CVD
Notices
HTSUS
U.S. Code
Regs
More
Ports
About
Updates
Apps
Larger font
Smaller font
CustomsMobile Pro
beta now open!
Apply for a FREE beta account. Spaces are limited so apply today.
SIGNUP FOR BETA
SEARCH
Toggle Dropdown
Search US Code
Search Leg. Notes
Sort by Rank
Titles Ascending
Titles Descending
10 per page
25 Result/page
50 Result/page
U.S Code last checked for updates: Nov 23, 2024
All Titles
Title 6
Chapter 1
Subchapter XVIII
Part D
§ 681d. Noncompliance with requi...
§ 681f. Cyber Incident Reporting...
§ 681d. Noncompliance with requi...
§ 681f. Cyber Incident Reporting...
U.S. Code
§ 681e.
Information shared with or provided to the Federal Government
(a)
Disclosure, retention, and use
(1)
Authorized activities
Information provided to the Agency pursuant to section 681b or 681c of this title may be disclosed to, retained by, and used by, consistent with otherwise applicable provisions of Federal law, any Federal agency or department, component, officer, employee, or agent of the Federal Government solely for—
(A)
a cybersecurity purpose;
(B)
the purpose of identifying—
(i)
a cyber threat, including the source of the cyber threat; or
(ii)
a security vulnerability;
(C)
the purpose of responding to, or otherwise preventing or mitigating, a specific threat of death, a specific threat of serious bodily harm, or a specific threat of serious economic harm, including a terrorist act or use of a weapon of mass destruction;
(D)
the purpose of responding to, investigating, prosecuting, or otherwise preventing or mitigating, a serious threat to a minor, including sexual exploitation and threats to physical safety; or
(E)
the purpose of preventing, investigating, disrupting, or prosecuting an offense arising out of a cyber incident reported pursuant to section 681b or 681c of this title or any of the offenses listed in
section 1504(d)(5)(A)(v) of this title
.
(2)
Agency actions after receipt
(A)
Rapid, confidential sharing of cyber threat indicators
(B)
Principles for sharing security vulnerabilities
(3)
Privacy and civil liberties
(4)
Digital security
(5)
Prohibition on use of information in regulatory actions
(A)
In general
(B)
Clarification
(b)
Protections for reporting entities and information
Reports describing covered cyber incidents or ransom payments submitted to the Agency by entities in accordance with
section 681b of this title
, as well as voluntarily-submitted cyber incident reports submitted to the Agency pursuant to
section 681c of this title
, shall—
(1)
be considered the commercial, financial, and proprietary information of the covered entity when so designated by the covered entity;
(2)
be exempt from disclosure under
section 552(b)(3) of title 5
(commonly known as the “Freedom of Information Act”), as well as any provision of State, Tribal, or local freedom of information law, open government law, open meetings law, open records law, sunshine law, or similar law requiring disclosure of information or records;
(3)
be considered not to constitute a waiver of any applicable privilege or protection provided by law, including trade secret protection; and
(4)
not be subject to a rule of any Federal agency or department or any judicial doctrine regarding ex parte communications with a decision-making official.
(c)
Liability protections
(1)
In general
(2)
Scope
(3)
Restrictions
(d)
Sharing with non-Federal entities
(e)
Stored Communications Act
(
Pub. L. 107–296, title XXII, § 2245
, as added
Pub. L. 117–103, div. Y, § 103(a)(2)
,
Mar. 15, 2022
,
136 Stat. 1051
.)
cite as:
6 USC 681e
.list_box li,p,.cm-search-info,.cm-search-detail,.abt span,.expand-collapse_top
Get the CustomsMobile app!