U.S. CODE
Rulings
AD/CVD
Notices
HTSUS
U.S. Code
Regs
More
Ports
About
Updates
Apps
Larger font
Smaller font
CustomsMobile Pro
beta now open!
Apply for a FREE beta account. Spaces are limited so apply today.
SIGNUP FOR BETA
SEARCH
Toggle Dropdown
Search US Code
Search Leg. Notes
Sort by Rank
Titles Ascending
Titles Descending
10 per page
25 Result/page
50 Result/page
U.S Code last checked for updates: Nov 22, 2024
All Titles
Title 50
Chapter 44
Subchapter IX
§ 3241. Biennial reports on fore...
§ 3243. Periodic reports on tech...
§ 3241. Biennial reports on fore...
§ 3243. Periodic reports on tech...
U.S. Code
Notes
§ 3242.
Annual reports on certain cyber vulnerabilities procured by intelligence community and foreign commercial providers of cyber vulnerabilities
(a)
Annual reports
(b)
Elements
Each report under subsection (a) shall include, with respect to the period covered by the report, the following:
(1)
A description of each cyber vulnerability procured through a foreign commercial provider, including—
(A)
a description of the vulnerability;
(B)
the date of the procurement;
(C)
whether the procurement consisted of only that vulnerability or included other vulnerabilities;
(D)
the cost of the procurement;
(E)
the identity of the commercial provider and, if the commercial provider was not the original supplier of the vulnerability, a description of the original supplier;
(F)
the country of origin of the vulnerability; and
(G)
an assessment of the ability of the intelligence community to use the vulnerability, including whether such use will be operational or for research and development, and the approximate timeline for such use.
(2)
An assessment of foreign commercial providers that—
(A)
pose a significant threat to the national security of the United States; or
(B)
have provided cyber vulnerabilities to any foreign government that—
(i)
has used the cyber vulnerabilities to target United States persons, the United States Government, journalists, or dissidents; or
(ii)
has an established pattern or practice of violating human rights or suppressing dissent.
(3)
An assessment of whether the intelligence community has conducted business with the foreign commercial providers identified under paragraph (2) during the 5-year period preceding the date of the report.
(c)
Form
(d)
Definitions
In this section:
(1)
Commercial provider
(2)
Cyber vulnerability
(
July 26, 1947, ch. 343
, title XI, § 1112, as added
Pub. L. 117–103, div. X, title VIII, § 822(a)
,
Mar. 15, 2022
,
136 Stat. 1020
.)
cite as:
50 USC 3242
.list_box li,p,.cm-search-info,.cm-search-detail,.abt span,.expand-collapse_top
Get the CustomsMobile app!