Title 6 — Domestic SecurityRelease 119-73
§383 National Computer Forensics Institute
Title 6 › Chapter CHAPTER 1— - HOMELAND SECURITY ORGANIZATION › Subchapter SUBCHAPTER VIII— - COORDINATION WITH NON-FEDERAL ENTITIES; INSPECTOR GENERAL; UNITED STATES SECRET SERVICE; COAST GUARD; GENERAL PROVISIONS › Part Part C— - United States Secret Service › § 383
Summary
Creates a National Computer Forensics Institute inside the U.S. Secret Service for fiscal years 2023 through 2028. The Institute must train and equip State, local, territorial, and Tribal law enforcement, prosecutors, and judges, plus certain Secret Service cyber task force members, on how to investigate and stop cybersecurity incidents, electronic crimes, and related threats. All training must follow Federal rules on privacy, civil rights, and civil liberties. Training covers investigating cybercrime (including illegal digital asset use and new trends), doing forensic exams of computers and mobile devices, legal issues for prosecutors and judges, and how to collect, store, and use digital evidence in court. The Institute should share timely, useful information with trainees, and should try to include people from many different places, giving priority to State, local, Tribal, and territorial staff. It may give equipment, software, and tools to trainees and help grow the Secret Service’s Cyber Fraud Task Forces by adding trained members. Activities already run at locations as of the day before November 2, 2017 may continue. The Secret Service Director can pay for some or all training, equipment, and travel costs. The Secretary must report annually (under section 1116 of title 31) on the Institute’s activities, costs, demand, impacts, and nomination process, except items already in the President’s budget under section 1105 of title 31. The terms “cybersecurity threat,” “incident,” and “information system” are used and are defined elsewhere in law.
Full Legal Text
Title 6, §383
Domestic Security — Source: USLM XML via OLRC
(a)There is authorized for fiscal years 2023 through 2028 within the United States Secret Service a National Computer Forensics Institute (in this section referred to as the “Institute”). The Institute’s mission shall be to educate, train, and equip State, local, territorial, and Tribal law enforcement officers, prosecutors, and judges, as well as participants in the United States Secret Service’s network of cyber fraud task forces who are Federal employees, members of the uniformed services, or State, local, Tribal, or territorial employees, regarding the investigation and prevention of cybersecurity incidents, electronic crimes, and related cybersecurity threats, including through the dissemination of homeland security information, in accordance with relevant Federal law regarding privacy, civil rights, and civil liberties protections.
(b)In furtherance of subsection (a), all education and training of the Institute shall be conducted in accordance with relevant Federal law regarding privacy, civil rights, and civil liberties protections. Education and training provided pursuant to subsection (a) shall relate to the following:
(1)Investigating and preventing cybersecurity incidents, electronic crimes, and related cybersecurity threats, including relating to instances involving illicit use of digital assets and emerging trends in cybersecurity and electronic crime.
(2)Conducting forensic examinations of computers, mobile devices, and other information systems.
(3)Prosecutorial and judicial considerations related to cybersecurity incidents, electronic crimes, related cybersecurity threats, and forensic examinations of computers, mobile devices, and other information systems.
(4)Methods to obtain, process, store, and admit digital evidence in court.
(c)In carrying out the functions specified in subsection (b), the Institute shall ensure, to the extent practicable, that timely, actionable, and relevant expertise and information related to cybersecurity incidents, electronic crimes, and related cybersecurity threats is shared with recipients of education and training provided pursuant to subsection (a). When selecting participants for such training, the Institute shall prioritize, to the extent reasonable and practicable, providing education and training to individuals from geographically-diverse jurisdictions throughout the United States, and the Institute shall prioritize, to the extent reasonable and practicable, State, local, tribal, and territorial law enforcement officers, prosecutors, judges, and other employees.
(d)The Institute may provide recipients of education and training provided pursuant to subsection (a) with computer equipment, hardware, software, manuals, and tools for investigating and preventing cybersecurity incidents, electronic crimes, and related cybersecurity threats, and for forensic examinations of computers, mobile devices, and other information systems.
(e)The Institute shall facilitate the expansion of the network of Cyber Fraud Task Forces of the United States Secret Service through the addition of recipients of education and training provided pursuant to subsection (a) educated and trained by the Institute.
(f)All authorized activities and functions carried out by the Institute at any location as of the day before November 2, 2017, are authorized to continue to be carried out at any such location on and after such date.
(g)The Director of the United States Secret Service may pay for all or a part of the education, training, or equipment provided by the Institute, including relating to the travel, transportation, and subsistence expenses of recipients of education and training provided pursuant to subsection (a).
(h)(1)The Secretary shall include in the annual report required under section 1116 of title 31 information regarding the activities of the Institute, including, where possible, the following:
(A)An identification of jurisdictions with recipients of the education and training provided pursuant to subsection (a) during such year.
(B)Information relating to the costs associated with that education and training.
(C)Any information regarding projected future demand for the education and training provided pursuant to subsection (a).
(D)Impacts of the activities of the Institute on the capability of jurisdictions to investigate and prevent cybersecurity incidents, electronic crimes, and related cybersecurity threats.
(E)A description of the nomination process for potential recipients of the information and training provided pursuant to subsection (a).
(F)Any other issues determined relevant by the Secretary.
(2)Any information required under paragraph (1) that is submitted as part of the annual budget submitted by the President to Congress under section 1105 of title 31 is not required to be included in the report required under paragraph (1).
(i)In this section:
(1)The term “cybersecurity threat” has the meaning given such term in section 1501 of this title.
(2)The term “incident” has the meaning given such term in section 659(a) 11 See References in Text note below. of this title.
(3)The term “information system” has the meaning given such term in section 1501(9) of this title.
Legislative History
Notes & Related Subsidiaries
Editorial Notes
References in Text
section 659(a) of this title, referred to in subsec. (i)(2), was amended by Pub. L. 117–263, § 7143(b)(2)(D)(i), and no longer defines the term “incident”. Reference to term “incident” as defined in this chapter deemed to be a reference to that term as defined in section 650(12) of this title, see section 7143(f)(2) of Pub. L. 117–263, set out as a Rule of
Construction
note under section 650 of this title.
Amendments
2022—Subsec. (a). Pub. L. 117–263, § 7123(1), substituted, in heading, “In general; mission” for “In general”, in first sentence, “2023 through 2028” for “2017 through 2022”, and, in second sentence, “The Institute’s mission shall be to educate, train, and equip State, local, territorial, and Tribal law
Enforcement
officers, prosecutors, and judges, as well as participants in the United States Secret Service’s network of cyber fraud task forces who are Federal employees, members of the uniformed services, or State, local, Tribal, or territorial employees, regarding the investigation and prevention of cybersecurity incidents, electronic crimes, and related cybersecurity threats, including through the dissemination of homeland security information, in accordance with relevant Federal law regarding privacy, civil rights, and civil liberties protections.” for “The Institute shall disseminate information related to the investigation and prevention of cyber and electronic crime and related threats, and educate, train, and equip State, local, tribal, and territorial law
Enforcement
officers, prosecutors, and judges.” Subsec. (b). Pub. L. 117–263, § 7123(2), amended subsec. (b) generally. Prior to amendment, subsec. (b) related to the functions of the Institute. Subsec. (c). Pub. L. 117–263, § 7123(3), substituted “cybersecurity incidents, electronic crimes, and related cybersecurity threats is shared with recipients of education and training provided pursuant to subsection (a)” for “cyber and electronic crime and related threats is shared with State, local, tribal, and territorial law
Enforcement
officers and prosecutors” and inserted at end “When selecting participants for such training, the Institute shall prioritize, to the extent reasonable and practicable, providing education and training to individuals from geographically-diverse jurisdictions throughout the United States, and the Institute shall prioritize, to the extent reasonable and practicable, State, local, tribal, and territorial law
Enforcement
officers, prosecutors, judges, and other employees.” Subsec. (d). Pub. L. 117–263, § 7123(4), substituted “recipients of education and training provided pursuant to subsection (a)” for “State, local, tribal, and territorial law
Enforcement
officers” and “for investigating and preventing cybersecurity incidents, electronic crimes, and related cybersecurity threats, and for forensic examinations of computers, mobile devices, and other information systems” for “necessary to conduct cyber and electronic crime and related threat investigations and computer and mobile device forensic examinations”. Subsec. (e). Pub. L. 117–263, § 7123(5), in heading, substituted “Cyber Fraud Task Forces” for “Electronic Crime Task Forces” and, in text, substituted “Cyber Fraud” for “Electronic Crime”, “recipients of education and training provided pursuant to subsection (a)” for “State, local, tribal, and territorial law
Enforcement
officers”, and “by” for “at”. Subsecs. (g) to (i). Pub. L. 117–263, § 7123(6), added subsecs. (g) to (i).
Reference
Citations & Metadata
Citation
6 U.S.C. § 383
Title 6 — Domestic Security
Last Updated
Apr 6, 2026
Release point: 119-73