§4112 — Title 2 The Congress | U.S. Code

Summary

Requires the President to pick, within 30 days after December 23, 2022, two Senate‑confirmed officials to be single points of contact to Congress: one for urgent, tactical cybersecurity threats and vulnerabilities, and one for urgent, tactical counterintelligence. Those two officials must work with executive agencies and, within 90 days after December 23, 2022, make one or more written information‑sharing agreements with these congressional offices: the Sergeant at Arms and Doorkeeper of the Senate (cybersecurity), the Secretary of the Senate (counterintelligence), the Chief Administrative Officer of the House (cybersecurity), and the Sergeant at Arms of the House (counterintelligence). Those agreements need approval by the proper congressional leaders and consultation with the relevant committee chairs and ranking members. The agreements must create fast ways to share operational cyber threat and vulnerability information and planned or ongoing counterintelligence activities with Congress. They must, at least for the Senate agreements, include things like prompt technical indicators and context, counterintelligence trends, who is responsible by job at the operational level, and the option to place House or Senate cybersecurity staff in executive branch cyber operations centers. The two Presidential points of contact must meet with the named congressional officers and certain committee leaders at least twice a year for three years starting December 23, 2022. Definitions: “congressional leadership” = the Senate Majority and Minority Leaders for Senate matters and the Speaker and House Minority Leader for House matters; “cybersecurity threat” and “security vulnerability” are defined in section 650 of title 6.

Title 2, §4112

The Congress — Source: USLM XML via OLRC

(a)This section may be cited as the “Intragovernmental Cybersecurity and Counterintelligence Information Sharing Act”.

(b)Congress finds the following:

(1)The legislative branch, as a separate and equal branch of the United States Government, is a target of adversary cyber actors and intelligence services.

(2)The legislative branch relies on the executive branch to provide timely and urgent tactical and operational information to ensure that Congress can protect the constitutional officers, personnel, and facilities of Congress and the institution of Congress more broadly.

(3)The legislative branch currently is not receiving this information in a timely manner nor as a matter of course.

(c)In this section—

(1)the term “congressional leadership” means—

(A)the Majority and Minority Leader of the Senate with respect to an agreement with the Sergeant at Arms and Doorkeeper of the Senate or the Secretary of the Senate; and

(B)the Speaker and Minority Leader of the House of Representatives with respect to an agreement with the Chief Administrative Officer of the House of Representatives or the Sergeant at Arms of the House of Representatives; and

(2)the terms “cybersecurity threat” and “security vulnerability” have the meanings given those terms in section 650 of title 6, as added by section 5171 11 See References in Text note below. of this division.

(d)(1)(A)Not later than 30 days after December 23, 2022, the President shall designate—

(i)an individual appointed by the President, by and with the advice and consent of the Senate, to serve as a single point of contact to the legislative branch on matters related to tactical and operational cybersecurity threats and security vulnerabilities; and

(ii)an individual appointed by the President, by and with the advice and consent of the Senate, to serve as a single point of contact to the legislative branch on matters related to tactical and operational counterintelligence.

(B)The individuals designated by the President under subparagraph (A) shall coordinate with appropriate Executive agencies (as defined in section 105 of title 5, including the Executive Office of the President) and appropriate officers in the executive branch in entering any agreement described in paragraph (2).

(2)(A)Not later than 90 days after December 23, 2022, the individuals designated by the President under paragraph (1)(A) shall enter into 1 or more information sharing agreements with—

(i)the Sergeant at Arms and Doorkeeper of the Senate with respect to cybersecurity information sharing, subject to the approval of congressional leadership and in consultation with the chairman and the ranking minority member of the Committee on Rules and Administration of the Senate;

(ii)the Secretary of the Senate with respect to counterintelligence information sharing, subject to the approval of congressional leadership and in consultation with the chairman and ranking minority member of the Committee on Rules and Administration of the Senate;

(iii)the Chief Administrative Officer of the House of Representatives with respect to cybersecurity information sharing, subject to the approval of the chair of the Committee on House Administration of the House of Representatives and in consultation with the ranking minority member of the committee and congressional leadership; and

(iv)the Sergeant at Arms of the House of Representatives with respect to counterintelligence information sharing, subject to the approval of the chair of the Committee on House Administration of the House of Representatives and in consultation with the ranking minority member of the committee and congressional leadership.

(B)The agreements described in subparagraph (A) shall establish procedures for timely sharing of tactical and operational cybersecurity threat and security vulnerability information and planned or ongoing counterintelligence operations or targeted collection efforts with the legislative branch.

(3)Not less frequently than semiannually during the 3-year period beginning on December 23, 2022, the individuals designated by the President under paragraph (1)(A) shall meet with the officers referenced in clauses (i), (ii), (iii), and (iv) of paragraph (2)(A), the chairman and ranking minority member of the Committee on Homeland Security and Governmental Affairs of the Senate, with respect to an agreement with the Sergeant at Arms and Doorkeeper of the Senate, and the chair and ranking minority member of the Committee on Oversight and Reform of the House of Representatives, with respect to an agreement with the Chief Administrative Officer of the House of Representatives or the Sergeant at Arms of the House of Representatives, to ensure the agreements with such officers are being implemented in a manner consistent with applicable laws, including this Act.

(e)(1)The parties to an information sharing agreement under subsection (d)(2) shall jointly develop such elements of the agreement as the parties find appropriate, which—

(A)with respect to an agreement covered by subsection (d)(2)(A)(i) or (ii), shall, at a minimum, include the applicable elements specified in paragraph (2); and

(B)with respect to an agreement covered by subsection (d)(2)(A)(iii) or (iv), may include the applicable elements specified in paragraph (2).

(2)The elements specified in this paragraph are—

(A)direct and timely sharing of technical indicators and contextual information on cyber threats and security vulnerabilities, and the means for such sharing;

(B)direct and timely sharing of counterintelligence threats and vulnerabilities, including trends of counterintelligence activity, and the means for such sharing;

(C)identification, by position, of the officials at the operational and tactical level responsible for daily management of the agreement;

(D)the ability to seat cybersecurity personnel of the Office of the Sergeant at Arms and Doorkeeper of the Senate or the Office of the Chief Administrative Officer of the House of Representatives at cybersecurity operations centers within the executive branch; and

(E)any other elements the parties find appropriate.

Notes & Related Subsidiaries

Editorial Notes

References in Text

section 5171 of this division, referred to in subsec. (c)(2), probably should be a reference to section 7143(b)(1) of div. G of Pub. L. 117–263, which added section 650 of Title 6, Domestic Security.

Statutory Notes and Related Subsidiaries

Change of Name

Committee on Oversight and Reform of House of Representatives changed to Committee on Oversight and Accountability of House of Representatives by House Resolution No. 5, One Hundred Eighteenth Congress, Jan. 9, 2023.

§4112 Requirement for Information Sharing Agreements