PRIA Logo
Title 50War and National DefenseRelease 119-73not60

§3371c Notification of Significant Foreign Cyber Intrusions and Active Measures Campaigns Directed at Elections for Federal Offices

Title 50 › Chapter 45— MISCELLANEOUS INTELLIGENCE COMMUNITY AUTHORITIES › Subchapter IV— COLLECTION, ANALYSIS, AND SHARING OF INTELLIGENCE › § 3371c

Last updated Apr 5, 2026|Official source

Summary

The Director of National Intelligence, the FBI Director, and the Secretary of Homeland Security must work together when they decide that on or after December 20, 2019, a significant foreign cyber attack or a covert foreign influence operation meant to affect an upcoming election for a federal office has happened or is happening, and they have moderate or high confidence it came from a foreign government or a foreign nonstate person or group. Within 14 days of that decision, they must give a classified briefing to congressional leaders (the Senate majority and minority leaders and the Speaker and House minority leader), the congressional intelligence committees, and certain other Congress committees. The briefing must describe the incident, say who it is attributed to, discuss whether the information could or should be made public, and include any other relevant details they choose. If the incident is a cyber intrusion, the Secretary of Homeland Security must offer a briefing to owners or operators of the affected election-related electronic systems about the intrusion and steps to reduce harm. All of this must protect intelligence sources and methods. Key terms: active measures campaign — a covert foreign intelligence operation; candidate, election, political party, and Federal office — defined in 52 U.S.C. 30101; congressional leadership — the four leaders named above; cyber intrusion — an electronic event that harms or risks election systems or the information in them; electronic election infrastructure — electronic systems of the Federal Government, a State or local government, a political party, or a candidate’s campaign related to a federal election; high confidence — based on high-quality information from multiple sources; moderate confidence — credible and plausible but less certain; other appropriate congressional committees — the listed Armed Services, Foreign Relations/Affairs, Homeland Security, and Appropriations committees in both chambers.

Full Legal Text

Title 50, §3371c

War and National Defense — Source: USLM XML via OLRC

(a)In this section:
(1)The term “active measures campaign” means a foreign semi-covert or covert intelligence operation.
(2)The terms “candidate”, “election”, and “political party” have the meanings given those terms in section 30101 of title 52.
(3)The term “congressional leadership” includes the following:
(A)The majority leader of the Senate.
(B)The minority leader of the Senate.
(C)The Speaker of the House of Representatives.
(D)The minority leader of the House of Representatives.
(4)The term “cyber intrusion” means an electronic occurrence that actually or imminently jeopardizes, without lawful authority, electronic election infrastructure, or the integrity, confidentiality, or availability of information within such infrastructure.
(5)The term “electronic election infrastructure” means an electronic information system of any of the following that is related to an election for Federal office:
(A)The Federal Government.
(B)A State or local government.
(C)A political party.
(D)The election campaign of a candidate.
(6)The term “Federal office” has the meaning given that term in section 30101 of title 52.
(7)The term “high confidence”, with respect to a determination, means that the determination is based on high-quality information from multiple sources.
(8)The term “moderate confidence”, with respect to a determination, means that a determination is credibly sourced and plausible but not of sufficient quality or corroborated sufficiently to warrant a higher level of confidence.
(9)The term “other appropriate congressional committees” means—
(A)the Committee on Armed Services, the Committee on Foreign Relations, the Committee on Homeland Security and Governmental Affairs, and the Committee on Appropriations of the Senate; and
(B)the Committee on Armed Services, the Committee on Foreign Affairs, the Committee on Homeland Security, and the Committee on Appropriations of the House of Representatives.
(b)The Director of National Intelligence, the Director of the Federal Bureau of Investigation, and the Secretary of Homeland Security shall jointly carry out subsection (c) if such Directors and the Secretary jointly determine—
(1)that on or after December 20, 2019, a significant foreign cyber intrusion or active measures campaign intended to influence an upcoming election for any Federal office has occurred or is occurring; and
(2)with moderate or high confidence, that such intrusion or campaign can be attributed to a foreign state or to a foreign nonstate person, group, or other entity.
(c)(1)Not later than 14 days after making a determination under subsection (b), the Director of National Intelligence, the Director of the Federal Bureau of Investigation, and the Secretary of Homeland Security shall jointly provide a briefing to the congressional leadership, the congressional intelligence committees and, consistent with the protection of sources and methods, the other appropriate congressional committees. The briefing shall be classified and address, at a minimum, the following:
(A)A description of the significant foreign cyber intrusion or active measures campaign, as the case may be, covered by the determination.
(B)An identification of the foreign state or foreign nonstate person, group, or other entity, to which such intrusion or campaign has been attributed.
(C)The desirability and feasibility of the public release of information about the cyber intrusion or active measures campaign.
(D)Any other information such Directors and the Secretary jointly determine appropriate.
(2)With respect to a significant foreign cyber intrusion covered by a determination under subsection (b), the Secretary of Homeland Security, in consultation with the Director of National Intelligence and the Director of the Federal Bureau of Investigation, shall offer to the owner or operator of any electronic election infrastructure directly affected by such intrusion, a briefing on such intrusion, including steps that may be taken to mitigate such intrusion. Such briefing may be classified and made available only to individuals with appropriate security clearances.
(3)This subsection shall be carried out in a manner that is consistent with the protection of sources and methods.

Legislative History

Notes & Related Subsidiaries

Statutory Notes and Related Subsidiaries

Definitions For definition of “congressional intelligence committees”, referred to in subsec. (c)(1), see section 5003 of div. E of Pub. L. 116–92, set out as a note under section 3003 of this title.

Reference

Citations & Metadata

Citation

50 U.S.C. § 3371c

Title 50War and National Defense

Last Updated

Apr 5, 2026

Release point: 119-73not60