PRIA Logo
Title 22Foreign Relations and IntercourseRelease 119-73not60

§10302 International Cyberspace and Digital Policy Strategy

Title 22 › Chapter 110— INFORMATION SECURITY AND CYBER DIPLOMACY › § 10302

Last updated Apr 5, 2026|Official source

Summary

The President must have the Secretary lead a plan for U.S. international cyberspace and digital policy within 1 year after December 23, 2022. The plan must be made with other federal agencies. It must review past actions, explain how the State Department should do diplomacy on cyber issues, and list steps to work with other countries to set responsible rules, cut cyberattacks, protect critical infrastructure, share information and law‑enforcement work, and help civilians and companies be more resilient. The plan must also look at other countries’ ideas about norms, describe new and growing cyber threats to U.S. security, infrastructure, intellectual property, and citizens’ privacy, review tools the President can use to deter or calm cyber tensions and whether those tools have worked, and assess the resources, organization, authorities, and staffing needed. It must include a plan with the Department of Defense about including cyber matters in mutual defense agreements. The strategy must be published for the public in an unclassified form, including in the Federal Register, and may have a classified annex. Within 30 days after the plan is finished, the Secretary must brief the Senate Committees on Foreign Relations, Select Intelligence, and Armed Services, and the House Committees on Foreign Affairs, Permanent Select Intelligence, and Armed Services. The plan must be updated within 90 days of any major policy change and within 1 year after each new President takes office.

Full Legal Text

Title 22, §10302

Foreign Relations and Intercourse — Source: USLM XML via OLRC

(a)Not later than 1 year after December 23, 2022, the President, acting through the Secretary, and in coordination with the heads of other relevant Federal departments and agencies, shall develop an international cyberspace and digital policy strategy.
(b)The strategy required under subsection (a) shall include—
(1)a review of actions and activities undertaken to support the policy described in section 10301(a) of this title;
(2)a plan of action to guide the diplomacy of the Department with regard to foreign countries, including—
(A)conducting bilateral and multilateral activities—
(i)to develop and support the implementation of norms of responsible country behavior in cyberspace consistent with the commitments listed in section 10301(b)(5) of this title;
(ii)to reduce the frequency and severity of cyberattacks on United States individuals, businesses, governmental agencies, and other organizations;
(iii)to reduce cybersecurity risks to United States and allied critical infrastructure;
(iv)to improve allies’ and partners’ collaboration with the United States on cybersecurity issues, including information sharing, regulatory coordination and improvement, and joint investigatory and law enforcement operations related to cybercrime; and
(v)to share best practices and advance proposals to strengthen civilian and private sector resiliency to threats and access to opportunities in cyberspace; and
(B)reviewing the status of existing efforts in relevant multilateral fora, as appropriate, to obtain commitments on international norms regarding cyberspace;
(3)a review of alternative concepts for international norms regarding cyberspace offered by foreign countries;
(4)a detailed description, in consultation with the Office of the National Cyber Director and relevant Federal agencies, of new and evolving threats regarding cyberspace from foreign adversaries, state-sponsored actors, and non-state actors to—
(A)United States national security;
(B)the Federal and private sector cyberspace infrastructure of the United States;
(C)intellectual property in the United States; and
(D)the privacy and security of citizens of the United States;
(5)a review of the policy tools available to the President to deter and de-escalate tensions with foreign countries, state-sponsored actors, and private actors regarding—
(A)threats in cyberspace;
(B)the degree to which such tools have been used; and
(C)whether such tools have been effective deterrents;
(6)a review of resources required to conduct activities to build responsible norms of international cyber behavior;
(7)a review, in coordination with the Office of the National Cyber Director and the Office of Management and Budget, to determine whether the budgetary resources, technical expertise, legal authorities, and personnel available to the Department are adequate to achieve the actions and activities undertaken by the Department to support the policy described in section 10301(a) of this title;
(8)a review to determine whether the Department is properly organized and coordinated with other Federal agencies to achieve the objectives described in section 10301(b) of this title; and
(9)a plan of action, developed in coordination with the Department of Defense and in consultation with other relevant Federal departments and agencies as the President may direct, with respect to the inclusion of cyber issues in mutual defense agreements.
(c)(1)The strategy required under subsection (a) shall be available to the public in unclassified form, including through publication in the Federal Register.
(2)The strategy required under subsection (a) may include a classified annex.
(d)Not later than 30 days after the completion of the strategy required under subsection (a), the Secretary shall brief the Committee on Foreign Relations of the Senate, the Select Committee on Intelligence of the Senate, the Committee on Armed Services of the Senate, the Committee on Foreign Affairs of the House of Representatives, the Permanent Select Committee on Intelligence of the House of Representatives, and the Committee on Armed Services of the House of Representatives regarding the strategy, including any material contained in a classified annex.
(e)The strategy required under subsection (a) shall be updated—
(1)not later than 90 days after any material change to United States policy described in such strategy; and
(2)not later than 1 year after the inauguration of each new President.

Legislative History

Notes & Related Subsidiaries

Statutory Notes and Related Subsidiaries

Definitions “Secretary” and “Department” as used in this section mean the Secretary and Department of State, unless otherwise specified, see section 9002 of Pub. L. 117–263, set out as a note under section 2651 of this title.

Reference

Citations & Metadata

Citation

22 U.S.C. § 10302

Title 22Foreign Relations and Intercourse

Last Updated

Apr 5, 2026

Release point: 119-73not60