§4112. Requirement for information sharing agreements
(a) Short title
This section may be cited as the "Intragovernmental Cybersecurity and Counterintelligence Information Sharing Act".
(b) Findings
Congress finds the following:
(1) The legislative branch, as a separate and equal branch of the United States Government, is a target of adversary cyber actors and intelligence services.
(2) The legislative branch relies on the executive branch to provide timely and urgent tactical and operational information to ensure that Congress can protect the constitutional officers, personnel, and facilities of Congress and the institution of Congress more broadly.
(3) The legislative branch currently is not receiving this information in a timely manner nor as a matter of course.
(c) Definitions
In this section-
(1) the term "congressional leadership" means-
(A) the Majority and Minority Leader of the Senate with respect to an agreement with the Sergeant at Arms and Doorkeeper of the Senate or the Secretary of the Senate; and
(B) the Speaker and Minority Leader of the House of Representatives with respect to an agreement with the Chief Administrative Officer of the House of Representatives or the Sergeant at Arms of the House of Representatives; and
(2) the terms "cybersecurity threat" and "security vulnerability" have the meanings given those terms in section 650 of title 6, as added by section 5171 1 of this division.
(d) Requirement
(1) Designation
(A) In general
Not later than 30 days after December 23, 2022, the President shall designate-
(i) an individual appointed by the President, by and with the advice and consent of the Senate, to serve as a single point of contact to the legislative branch on matters related to tactical and operational cybersecurity threats and security vulnerabilities; and
(ii) an individual appointed by the President, by and with the advice and consent of the Senate, to serve as a single point of contact to the legislative branch on matters related to tactical and operational counterintelligence.
(B) Coordination
The individuals designated by the President under subparagraph (A) shall coordinate with appropriate Executive agencies (as defined in section 105 of title 5, including the Executive Office of the President) and appropriate officers in the executive branch in entering any agreement described in paragraph (2).
(2) Information sharing agreements
(A) In general
Not later than 90 days after December 23, 2022, the individuals designated by the President under paragraph (1)(A) shall enter into 1 or more information sharing agreements with-
(i) the Sergeant at Arms and Doorkeeper of the Senate with respect to cybersecurity information sharing, subject to the approval of congressional leadership and in consultation with the chairman and the ranking minority member of the Committee on Rules and Administration of the Senate;
(ii) the Secretary of the Senate with respect to counterintelligence information sharing, subject to the approval of congressional leadership and in consultation with the chairman and ranking minority member of the Committee on Rules and Administration of the Senate;
(iii) the Chief Administrative Officer of the House of Representatives with respect to cybersecurity information sharing, subject to the approval of the chair of the Committee on House Administration of the House of Representatives and in consultation with the ranking minority member of the committee and congressional leadership; and
(iv) the Sergeant at Arms of the House of Representatives with respect to counterintelligence information sharing, subject to the approval of the chair of the Committee on House Administration of the House of Representatives and in consultation with the ranking minority member of the committee and congressional leadership.
(B) Purpose
The agreements described in subparagraph (A) shall establish procedures for timely sharing of tactical and operational cybersecurity threat and security vulnerability information and planned or ongoing counterintelligence operations or targeted collection efforts with the legislative branch.
(3) Implementation
Not less frequently than semiannually during the 3-year period beginning on December 23, 2022, the individuals designated by the President under paragraph (1)(A) shall meet with the officers referenced in clauses (i), (ii), (iii), and (iv) of paragraph (2)(A), the chairman and ranking minority member of the Committee on Homeland Security and Governmental Affairs of the Senate, with respect to an agreement with the Sergeant at Arms and Doorkeeper of the Senate, and the chair and ranking minority member of the Committee on Oversight and Reform of the House of Representatives, with respect to an agreement with the Chief Administrative Officer of the House of Representatives or the Sergeant at Arms of the House of Representatives, to ensure the agreements with such officers are being implemented in a manner consistent with applicable laws, including this Act.
(e) Elements
(1) In general
The parties to an information sharing agreement under subsection (d)(2) shall jointly develop such elements of the agreement as the parties find appropriate, which-
(A) with respect to an agreement covered by subsection (d)(2)(A)(i) or (ii), shall, at a minimum, include the applicable elements specified in paragraph (2); and
(B) with respect to an agreement covered by subsection (d)(2)(A)(iii) or (iv), may include the applicable elements specified in paragraph (2).
(2) Elements specified
The elements specified in this paragraph are-
(A) direct and timely sharing of technical indicators and contextual information on cyber threats and security vulnerabilities, and the means for such sharing;
(B) direct and timely sharing of counterintelligence threats and vulnerabilities, including trends of counterintelligence activity, and the means for such sharing;
(C) identification, by position, of the officials at the operational and tactical level responsible for daily management of the agreement;
(D) the ability to seat cybersecurity personnel of the Office of the Sergeant at Arms and Doorkeeper of the Senate or the Office of the Chief Administrative Officer of the House of Representatives at cybersecurity operations centers within the executive branch; and
(E) any other elements the parties find appropriate.
(
Editorial Notes
References in Text
Section 5171 of this division, referred to in subsec. (c)(2), probably should be a reference to section 7143(b)(1) of div. G of
Statutory Notes and Related Subsidiaries
Change of Name
Committee on Oversight and Reform of House of Representatives changed to Committee on Oversight and Accountability of House of Representatives by House Resolution No. 5, One Hundred Eighteenth Congress, Jan. 9, 2023.