The publication is reproduced in full below:
MOTION TO SUSPEND THE RULES AND PASS CERTAIN BILLS AND AGREE TO CERTAIN
RESOLUTIONS
Mr. HOYER. Mr. Speaker, pursuant to section 7 of House Resolution 535, I move to suspend the rules and pass the bills: H.R. 678; H.R. 1036; H.R. 1079; H.R. 1158; H.R. 1250; H.R. 1754; H.R. 1833; H.R. 1850; H.R. 1871; H.R. 1877; H.R. 1893; H.R. 1895; H.R. 2118; H.R. 2795; H.R. 2928; H.R. 2980; H.R. 3003; H.R. 3138; H.R. 3223; H.R. 3263; and H.R. 3264, and agree to H. Res. 277; and H. Res. 294.
The Clerk read the title of the bills and the resolutions.
The text of the bills and the resolutions are as follows:
preserving home and office numbers in emergencies act of 2021
H.R. 678
Be it enacted by the Senate and House of Representatives of the United States of America in Congress assembled,
SECTION 1. SHORT TITLE.
This Act may be cited as the ``Preserving Home and Office Numbers in Emergencies Act of 2021'' or the ``PHONE Act of 2021''.
SEC. 2. MORATORIUM ON NUMBER REASSIGNMENT AFTER DISASTER
DECLARATION.
(a) In General.--Section 251(e) of the Communications Act of 1934 (47 U.S.C. 251(e)) is amended by adding at the end the following:
``(5) Moratorium on number reassignment after disaster declaration.--
``(A) In general.--In the case of a number assigned to a subscriber for the provision of fixed wireline voice service at a location in a designated area during a covered period--
``(i) the number may not be reassigned, except at the request of the subscriber; and
``(ii) the assignment of the number may not be rescinded or otherwise modified, except at the request of the subscriber.
``(B) Extension at request of subscriber.--During the covered period, at the request of a subscriber described in subparagraph (A), the prohibition in subparagraph (A) shall be extended for the number for 1 year after the date on which the covered period expires.
``(C) Subscriber right to cancel and resubscribe.--
``(i) In general.--In the case of a number described under subparagraph (A) or (B), if the subscriber assigned to such number demonstrates to the provider of the service (or, under subclause (II), any other provider of fixed wireline voice service that serves the local area) that the residence where the number is located is inaccessible or uninhabitable--
``(I) the provider may not charge the subscriber an early termination or other fee in connection with the cancellation of such service, if cancelled during the covered period or the extension of the period described in subparagraph (B); and
``(II) if the subscriber cancels the service during the covered period or the extension of the period described in subparagraph (B), the provider (or any other provider of fixed wireline voice service that serves the local area)--
``(aa) shall permit the subscriber to subscribe or resubscribe, as the case may be, to fixed wireline voice service with the number at the residence or at a different residence (if such number is available in the location of such different residence); and
``(bb) may not charge the subscriber a connection fee or any other fee relating to the initiation of fixed wireline voice service.
``(ii) Cancellation without demonstration of inaccessibility or uninhabitability.--If a subscriber cancels the provision of service assigned to a number described in subparagraph (A) or (B) and does not demonstrate to the provider of such service that the residence where the number is located is inaccessible or uninhabitable as described under clause (i), the number is no longer subject to the prohibition under subparagraph (A) or (B).
``(D) Identification on commission website.--The Commission shall publicly identify on the website of the Commission each designated area that is in a covered period, not later than 15 days after the submission of a public designation by a State under subparagraph (E)(iii) with respect to such area. In identifying a designated area under subparagraph (E)(iii), a State shall consult with providers of fixed wireline voice service that serve such area and coordinate with the Federal Emergency Management Agency to reasonably limit the designated area to areas that have sustained covered damage.
``(E) Definitions.--In this paragraph:
``(i) Covered damage.--The term `covered damage' means, with respect to an area--
``(I) damage that renders residences in such area inaccessible or uninhabitable; or
``(II) damage that otherwise results in the displacement of subscribers from or within such area.
``(ii) Covered period.--The term `covered period' means a period that--
``(I) begins on the date of a declaration by the President of a major disaster under section 401 of the Robert T. Stafford Disaster Relief and Emergency Assistance Act (42 U.S.C. 5170) with respect to a designated area; and
``(II) ends on the date that is 1 year after such date.
``(iii) Designated area.--The term `designated area' means a geographic area for which a State has submitted a public designation to the Commission, within 15 days after a declaration by the President of a major disaster under section 401 of the Robert T. Stafford Disaster Relief and Emergency Assistance Act (42 U.S.C. 5170) with respect to such area, stipulating that the State has determined that--
``(I) covered damage was sustained in such area; and
``(II) the prohibitions described in this paragraph are necessary and in the public interest.
``(iv) Voice service.--The term `voice service' has the meaning given the term `voice service' in section 227(e)(8).''.
(b) Amendment of FCC Rules Required.--Not later than 180 days after the date of the enactment of this Act, the Federal Communications Commission shall amend its rules to reflect the requirements of paragraph (5) of section 251(e) of the Communications Act of 1934 (47 U.S.C. 251(e)), as added by subsection (a).
(c) Applicability.--Paragraph (5) of section 251(e) of the Communications Act of 1934 (47 U.S.C. 251(e)), as added by subsection (a), shall apply with respect to a major disaster declared by the President under section 401 of the Robert T. Stafford Disaster Relief and Emergency Assistance Act (42 U.S.C. 5170) after the date that is 180 days after the date on which the Commission announces that the Commission is capable of publicly identifying a designated area on the website of the Commission under subparagraph (D) of such paragraph (5).
(d) Order of Amendment Execution.--If this Act is enacted before October 17, 2021, section 3(a) of the National Suicide Hotline Designation Act of 2020 (Public Law 116-172) is amended, effective on the date of the enactment of this Act, by striking ``adding at the end'' and inserting ``inserting after paragraph (3)'', so that the paragraph (4) that is to be added by such section to section 251(e) of the Communications Act of 1934 (47 U.S.C. 251(e)) appears after paragraph (3) of such section 251(e) and before the paragraph
(5) added to such section 251(e) by subsection (a) of this section.
Bassam Barabandi Rewards for Justice Act
H.R. 1036
Be it enacted by the Senate and House of Representatives of the United States of America in Congress assembled,
SECTION 1. SHORT TITLE.
This Act may be cited as the ``Bassam Barabandi Rewards for Justice Act''.
SECTION 2. AMENDMENT TO DEPARTMENT OF STATE REWARDS PROGRAM.
Subsection (b) of section 36 of the State Department Basic Authorities Act of 1956 (22 U.S.C. 2708) is amended--
(1) in paragraph (11), by striking ``or'' after the semicolon at the end;
(2) in paragraph (12), by striking the period at the end and inserting ``; or''; and
(3) by adding at the end the following new paragraph.
``(13) the identification or location of an individual or entity that--
``(A) knowingly, directly or indirectly, imports, exports, or reexports to, into, or from any country any goods, services, or technology controlled for export by the United States because of the use of such goods, services, or technology in contravention of a United States or United Nations sanction; or
``(B) knowingly, directly or indirectly, provides training, advice, or other services or assistance, or engages in significant financial transactions, relating to any such goods, services, or technology in contravention of such sanction.''.
Desert Locust Control Act
H.R. 1079
Be it enacted by the Senate and House of Representatives of the United States of America in Congress assembled,
SECTION 1. SHORT TITLE.
This Act may be cited as the ``Desert Locust Control Act''.
SEC. 2. STATEMENT OF POLICY.
It is the policy of the United States to prioritize efforts to control the ongoing desert locust outbreak in East Africa and other affected regions, mitigate the impacts on food security, economic productivity, and political stability, improve interagency coordination to prevent future outbreaks, and promote resilience in affected countries.
SEC. 3. FINDINGS.
Congress finds the following:
(1) The United States Agency for International Development reports that countries in East Africa are currently suffering the worst desert locust outbreak in decades, which will devour crops and pasture and destroy local livelihoods across the region.
(2) As of December 2020, the Food and Agriculture Organization reported that there were 42 million people experiencing acute food insecurity in East Africa, which numbers are projected to increase if the desert locust outbreak is not controlled.
(3) The desert locust outbreak in East Africa, particularly in Kenya, Ethiopia, and Somalia, is negatively impacting food security, local livelihoods and economic productivity, and may threaten political stability in the region.
(4) Proactive investments now to control the desert locust outbreak could reduce the need for a much larger United States humanitarian response effort later, as well as support economic and political stability and build resilience in affected countries.
(5) In order to optimize the United States response to the desert locust outbreak, an interagency working group should be established to develop and implement a comprehensive, strategic plan to control the desert locust outbreak in East Africa and other affected regions, mitigate impacts on food security, economic productivity, and political stability and prevent future outbreaks.
SEC. 4. INTERAGENCY WORKING GROUP.
(a) Establishment.--The President shall establish an interagency working group to coordinate the United States response to the ongoing desert locust outbreak in East Africa and other affected regions, including the development of a comprehensive, strategic plan to control the outbreak, mitigate the impacts on food security, economic productivity, and political stability, and prevent future outbreaks.
(b) Membership.--
(1) In general.--The interagency working group shall be composed of the following:
(A) Two representatives from the United States Agency for International Development.
(B) One representative from each of the following:
(i) The United States Mission to the United Nations Agencies for Food and Agriculture.
(ii) The National Security Council.
(iii) The Department of State.
(iv) The Department of Defense.
(v) The Department of Agriculture.
(vi) Any other relevant Federal department or agency.
(2) Chair.--The President shall designate one of the representatives from the United States Agency for International Development described in paragraph (1)(A) to serve as chair of the interagency working group.
(c) Duties.--The interagency working group shall--
(1) assess the scope of the desert locust outbreak in East Africa and other affected regions, including its impact on food security, economic productivity, and political stability in affected countries;
(2) assess the impacts of restrictions relating to the coronavirus disease 2019 (commonly referred to as ``COVID- 19'') pandemic on efforts to control the desert locust outbreak and mitigate its impacts and in exacerbating food insecurity;
(3) monitor the effectiveness of ongoing assistance efforts to control the desert locust outbreak and mitigate its impacts and identify gaps and opportunities for additional support to such programs;
(4) review the effectiveness of regional and multilateral efforts to control the desert locust outbreak and the coordination among relevant United States Government agencies, regional governments, and international organizations, including the World Food Programme and the United Nations Food and Agriculture Organization; and
(5) not later than 90 days after the establishment of the interagency working group under subsection (a), develop and submit to the President and the appropriate congressional committees a comprehensive, strategic plan to control the desert locust outbreak, including a description of efforts to--
(A) improve coordination among relevant United States Government agencies, regional governments, and international organizations, including the World Food Programme and the United Nations Food and Agriculture Organization;
(B) ensure delivery of necessary assets control the desert locust outbreak and humanitarian and development assistance to address and mitigate impacts to food security, economic productivity, and political stability; and
(C) to the extent practicable, prevent and mitigate future desert locust and other, similar destructive insect outbreaks
(such as Fall Armyworm) in Africa and other parts of the world, which require a humanitarian response.
(d) Interagency Working Group Support.--The interagency working group shall continue to meet not less than semi- annually to facilitate implementation of the comprehensive, strategic plan required by subsection (c)(5).
(e) Sunset.--This Act shall terminate on the date that is 2 years after the date of the enactment of this Act, or at such time as there is no longer an upsurge in the desert locust outbreak in East Africa, whichever occurs earlier.
(g) Appropriate Congressional Committees Defined.--In this section, the term ``appropriate congressional committees'' means--
(1) the Committee on Foreign Affairs and the Committee on Appropriations of the House of Representatives; and
(2) the Committee on Foreign Relations and the Committee on Appropriations of the Senate.
Refugee Sanitation Facility Safety Act of 2021
H.R. 1158
Be it enacted by the Senate and House of Representatives of the United States of America in Congress assembled,
SECTION 1. SHORT TITLE.
This Act may be cited as the ``Refugee Sanitation Facility Safety Act of 2021''.
SEC. 2. SECURE ACCESS TO SANITATION FACILITIES FOR WOMEN AND
GIRLS.
Subsection (a) of section 501 of the Foreign Relations Authorization Act, Fiscal Years 1994 and 1995 (22 U.S.C. 2601 note) is amended--
(1) by redesignating paragraphs (6) through (11) as paragraphs (7) through (12), respectively; and
(2) by inserting after paragraph (5) the following new paragraph:
``(6) the provision of safe and secure access to sanitation facilities, with a special emphasis on women, girls, and vulnerable populations.''.
Emergency Reporting Act
H.R. 1250
Be it enacted by the Senate and House of Representatives of the United States of America in Congress assembled,
SECTION 1. SHORT TITLE.
This Act may be cited as the ``Emergency Reporting Act''.
SEC. 2. REPORTS AFTER ACTIVATION OF DISASTER INFORMATION
REPORTING SYSTEM; IMPROVEMENTS TO NETWORK
OUTAGE REPORTING.
(a) Reports After Activation of Disaster Information Reporting System.--
(1) Preliminary report.--
(A) In general.--Not later than 6 weeks after the deactivation of the Disaster Information Reporting System with respect to an event for which the System was activated for at least 7 days, the Commission shall issue a preliminary report on, with respect to such event and to the extent known--
(i) the number and duration of any outages of--
(I) broadband internet access service;
(II) interconnected VoIP service;
(III) commercial mobile service; and
(IV) commercial mobile data service;
(ii) the approximate number of users or the amount of communications infrastructure potentially affected by an outage described in clause (i);
(iii) the number and duration of any outages at public safety answering points that prevent public safety answering points from receiving emergency calls and routing such calls to emergency service personnel; and
(iv) any additional information determined appropriate by the Commission.
(B) Development of report.--The Commission shall develop the report required by subparagraph (A) using information collected by the Commission, including information collected by the Commission through the System.
(2) Public field hearings.--
(A) Requirement.--Not later than 8 months after the deactivation of the Disaster Information Reporting System with respect to an event for which the System was activated for at least 7 days, the Commission shall hold at least 1 public field hearing in the area affected by such event.
(B) Inclusion of certain individuals in hearings.--For each public field hearing held under subparagraph (A), the Commission shall consider including--
(i) representatives of State government, local government, or Indian Tribal governments in areas affected by such event;
(ii) residents of the areas affected by such event, or consumer advocates;
(iii) providers of communications services affected by such event;
(iv) faculty of institutions of higher education;
(v) representatives of other Federal agencies;
(vi) electric utility providers;
(vii) communications infrastructure companies; and
(viii) first responders, emergency managers, or 9-1-1 directors in areas affected by such event.
(3) Final report.--Not later than 12 months after the deactivation of the Disaster Information Reporting System with respect to an event for which the System was activated for at least 7 days, the Commission shall issue a final report that includes, with respect to such event--
(A) the information described under paragraph (1)(A); and
(B) any recommendations of the Commission on how to improve the resiliency of affected communications or networks recovery efforts.
(4) Development of reports.--In developing a report required under this subsection, the Commission shall consider information collected by the Commission, including information collected by the Commission through the System, and any public hearing described in paragraph (2) with respect to the applicable event.
(5) Publication.--The Commission shall publish each report, excluding information that is otherwise exempt from public disclosure under the rules of the Commission, issued under this subsection on the website of the Commission upon the issuance of such report.
(b) Improvements to Network Outage Reporting.--Not later than 1 year after the date of the enactment of this Act, the Commission shall conduct a proceeding and, after public notice and an opportunity for comment, adopt rules to--
(1) determine the circumstances under which to require service providers subject to the 9-1-1 regulations established under part 9 of title 47, Code of Federal Regulations, to submit a timely notification, (in an easily accessible format that facilities situational awareness) to public safety answering points regarding communications service disruptions within the assigned territories of such public safety answering points that prevent--
(A) the origination of 9-1-1 calls;
(B) the delivery of Automatic Location Information; or
(C) Automatic Number Identification;
(2) require such notifications to be made; and
(3) specify the appropriate timing of such notification.
(c) Definitions.--In this section:
(1) Automatic location information; automatic number identification.--The terms ``Automatic Location Information'' and ``Automatic Number Identification'' have the meaning given those terms in section 9.3 of title 47, Code of Federal Regulations, or any successor regulation.
(2) Broadband internet access service.--The term
``broadband internet access service'' has the meaning given such term in section 8.1(b) of title 47, Code of Federal Regulations, or any successor regulation.
(3) Commercial mobile service.--The term ``commercial mobile service'' has the meaning given such term in section 332(d) of the Communications Act of 1934 (47 U.S.C. 332(d)).
(4) Commercial mobile data service.--The term ``commercial mobile data service'' has the meaning given such term in section 6001 of the Middle Class Tax Relief and Job Creation Act of 2012 (47 U.S.C. 1401).
(5) Commission.--The term ``Commission'' means the Federal Communications Commission.
(6) Indian tribal government; local government.--The terms
``Indian Tribal government'' and ``Indian Tribal Government'' have the meaning given those terms in section 102 of the Robert T. Stafford Disaster Relief and Emergency Assistance Act (42 U.S.C. 5121).
(7) Interconnected voip service.--The term ``interconnected VoIP service'' has the meaning given such term in section 3 of the Communications Act of 1934 (47 U.S.C. 153).
(8) Public safety answering point.--The term ``public safety answering point'' has the meaning given such term in section 222 of the Communications Act of 1934 (47 U.S.C. 222).
(9) State.--The term ``State'' has the meaning given such term in section 3 of the Communications Act of 1934 (47 U.S.C. 153).
Measuring the Economics Driving Investments and Access for Diversity
Act of 2021
H.R. 1754
Be it enacted by the Senate and House of Representatives of the United States of America in Congress assembled,
SECTION 1. SHORT TITLE.
This Act may be cited as the ``Measuring the Economics Driving Investments and Access for Diversity Act of 2021'' or the ``MEDIA Diversity Act of 2021''.
SEC. 2. CONSIDERING MARKET ENTRY BARRIERS FOR SOCIALLY
DISADVANTAGED INDIVIDUALS.
Section 13(d) of the Communications Act of 1934 (47 U.S.C. 163(d)) is amended by adding at the end the following:
``(4) Considering socially disadvantaged individuals.--In assessing the state of competition under subsection (b)(1) and regulatory barriers under subsection (b)(3), the Commission, with the input of the Office of Communications Business Opportunities of the Commission, shall consider market entry barriers for socially disadvantaged individuals in the communications marketplace in accordance with the national policy under section 257(b).''.
DHS Industrial Control Systems Capabilities Enhancement Act of 2021
H.R. 1833
Be it enacted by the Senate and House of Representatives of the United States of America in Congress assembled,
SECTION 1. SHORT TITLE.
This Act may be cited as the ``DHS Industrial Control Systems Capabilities Enhancement Act of 2021''.
SEC. 2. CAPABILITIES OF THE CYBERSECURITY AND INFRASTRUCTURE
SECURITY AGENCY TO IDENTIFY THREATS TO
INDUSTRIAL CONTROL SYSTEMS.
(a) In General.--Section 2209 of the Homeland Security Act of 2002 (6 U.S.C. 659) is amended--
(1) in subsection (e)(1)--
(A) in subparagraph (G), by striking ``and'' after the semicolon;
(B) in subparagraph (H), by inserting ``and'' after the semicolon; and
(C) by adding at the end the following new subparagraph:
``(I) activities of the Center address the security of both information technology and operational technology, including industrial control systems;''; and
(2) by adding at the end the following new subsection:
``(p) Industrial Control Systems.--The Director shall maintain capabilities to identify and address threats and vulnerabilities to products and technologies intended for use in the automated control of critical infrastructure processes. In carrying out this subsection, the Director shall--
``(1) lead Federal Government efforts, in consultation with Sector Risk Management Agencies, as appropriate, to identify and mitigate cybersecurity threats to industrial control systems, including supervisory control and data acquisition systems;
``(2) maintain threat hunting and incident response capabilities to respond to industrial control system cybersecurity risks and incidents;
``(3) provide cybersecurity technical assistance to industry end-users, product manufacturers, Sector Risk Management Agencies, other Federal agencies, and other industrial control system stakeholders to identify, evaluate, assess, and mitigate vulnerabilities;
``(4) collect, coordinate, and provide vulnerability information to the industrial control systems community by, as appropriate, working closely with security researchers, industry end-users, product manufacturers, Sector Risk Management Agencies, other Federal agencies, and other industrial control systems stakeholders; and
``(5) conduct such other efforts and assistance as the Secretary determines appropriate.''.
(b) Report to Congress.--Not later than 180 days after the date of the enactment of this Act and every six months thereafter during the subsequent 4-year period, the Director of the Cybersecurity and Infrastructure Security Agency of the Department of Homeland Security shall provide to the Committee on Homeland Security of the House of Representatives and the Committee on Homeland Security and Governmental Affairs of the Senate a briefing on the industrial control systems capabilities of the Agency under section 2209 of the Homeland Security Act of 2002 (6 U.S.C. 659), as amended by subsection (a).
(c) GAO Review.--Not later than two years after the date of the enactment of this Act, the Comptroller General of the United States shall review implementation of the requirements of subsections (e)(1)(I) and (p) of section 2209 of the Homeland Security Act of 2002 (6 U.S.C. 659), as amended by subsection (a), and submit to the Committee on Homeland Security in the House of Representatives and the Committee on Homeland Security and Government Affairs of the Senate a report containing findings and recommendations relating to such implementation. Such report shall include information on the following:
(1) Any interagency coordination challenges to the ability of the Director of the Cybersecurity and Infrastructure Agency of the Department of Homeland Security to lead Federal efforts to identify and mitigate cybersecurity threats to industrial control systems pursuant to subsection (p)(1) of such section.
(2) The degree to which the Agency has adequate capacity, expertise, and resources to carry out threat hunting and incident response capabilities to mitigate cybersecurity threats to industrial control systems pursuant to subsection
(p)(2) of such section, as well as additional resources that would be needed to close any operational gaps in such capabilities.
(3) The extent to which industrial control system stakeholders sought cybersecurity technical assistance from the Agency pursuant to subsection (p)(3) of such section, and the utility and effectiveness of such technical assistance.
(4) The degree to which the Agency works with security researchers and other industrial control systems stakeholders, pursuant to subsection (p)(4) of such section, to provide vulnerability information to the industrial control systems community.
Supporting Research and Development for First Responders Act
H.R. 1850
Be it enacted by the Senate and House of Representatives of the United States of America in Congress assembled,
SECTION 1. SHORT TITLE.
This Act may be cited as the ``Supporting Research and Development for First Responders Act''.
SEC. 2. NATIONAL URBAN SECURITY TECHNOLOGY LABORATORY.
(a) In General.--Title III of the Homeland Security Act of 2002 (6 U.S.C. 181 et seq.) is amended by adding at the end the following new section:
``SEC. 322. NATIONAL URBAN SECURITY TECHNOLOGY LABORATORY.
``(a) In General.--The Secretary, acting through the Under Secretary for Science and Technology, shall designate the laboratory described in subsection (b) as an additional laboratory pursuant to the authority under section 308(c)(2). Such laboratory shall be used to test and evaluate emerging technologies and conduct research and development to assist emergency response providers in preparing for, and protecting against, threats of terrorism.
``(b) Laboratory Described.--The laboratory described in this subsection is the laboratory--
``(1) known, as of the date of the enactment of this section, as the National Urban Security Technology Laboratory; and
``(2) transferred to the Department pursuant to section 303(1)(E).
``(c) Laboratory Activities.--The National Urban Security Technology Laboratory shall--
``(1) conduct tests, evaluations, and assessments of current and emerging technologies, including, as appropriate, the cybersecurity of such technologies that can connect to the internet, for emergency response providers;
``(2) act as a technical advisor to emergency response providers; and
``(3) carry out other such activities as the Secretary determines appropriate.
``(d) Rule of Construction.--Nothing in this section may be construed as affecting in any manner the authorities or responsibilities of the Countering Weapons of Mass Destruction Office of the Department.''.
(b) Clerical Amendment.--The table of contents in section 1(b) of the Homeland Security Act of 2002 is amended by inserting after the item relating to section 321 the following new item:
``Sec. 322. National Urban Security Technology Laboratory.''.
Transportation Security Transparency Improvement Act
H.R. 1871
Be it enacted by the Senate and House of Representatives of the United States of America in Congress assembled,
SECTION 1. SHORT TITLE.
This Act may be cited as the ``Transportation Security Transparency Improvement Act''.
SEC. 2. SENSITIVE SECURITY INFORMATION; INTERNATIONAL
AVIATION SECURITY.
(a) Sensitive Security Information.--
(1) In general.--Not later than 90 days after the date of the enactment of this Act, the Administrator of the Transportation Security Administration (TSA) shall--
(A) ensure clear and consistent designation of ``Sensitive Security Information'', including reasonable security justifications for such designation;
(B) develop and implement a schedule to regularly review and update, as necessary, TSA Sensitive Security Information Identification guidelines;
(C) develop a tracking mechanism for all Sensitive Security Information redaction and designation challenges;
(D) document justifications for changes in position regarding Sensitive Security Information redactions and designations, and make such changes accessible to TSA personnel for use with relevant stakeholders, including air carriers, airport operators, surface transportation operators, and State and local law enforcement, as necessary; and
(E) ensure that TSA personnel are adequately trained on appropriate designation policies.
(2) Stakeholder outreach.--Not later than 180 days after the date of the enactment of this Act, the Administrator of the Transportation Security Administration (TSA) shall conduct outreach to relevant stakeholders described in paragraph (1)(D) that regularly are granted access to Sensitive Security Information to raise awareness of the TSA's policies and guidelines governing the designation and use of Sensitive Security Information.
(b) International Aviation Security.--
(1) In general.--Not later than 60 days after the date of the enactment of this Act, the Administrator of the Transportation Security Administration shall develop and implement guidelines with respect to last point of departure airports to--
(A) ensure the inclusion, as appropriate, of air carriers and other transportation security stakeholders in the development and implementation of security directives and emergency amendments;
(B) document input provided by air carriers and other transportation security stakeholders during the security directive and emergency amendment, development, and implementation processes;
(C) define a process, including time frames, and with the inclusion of feedback from air carriers and other transportation security stakeholders, for cancelling or incorporating security directives and emergency amendments into security programs;
(D) conduct engagement with foreign partners on the implementation of security directives and emergency amendments, as appropriate, including recognition if existing security measures at a last point of departure airport are found to provide commensurate security as intended by potential new security directives and emergency amendments; and
(E) ensure that new security directives and emergency amendments are focused on defined security outcomes.
(2) Briefing to congress.--Not later than 90 days after the date of the enactment of this Act, the Administrator of the Transportation Security Administration shall brief the Committee on Homeland Security of the House of Representatives and the Committee on Commerce, Science, and Transportation of the Senate on the guidelines described in paragraph (1).
(3) Decisions not subject to judicial review.-- Notwithstanding any other provision of law, any action of the Administrator of the Transportation Security Administration under paragraph (1) is not subject to judicial review.
Security Screening During COVID-19 Act
H.R. 1877
Be it enacted by the Senate and House of Representatives of the United States of America in Congress assembled,
SECTION 1. SHORT TITLE.
This Act may be cited as the ``Security Screening During COVID-19 Act''.
SEC. 2. PLAN.
(a) In General.--Not later than 90 days after the date of the enactment of this Act, the Administrator, in coordination with the Chief Medical Officer of the Department of Homeland Security, and in consultation with the Secretary of Health and Human Services and the Director of the Centers for Disease Control and Prevention, shall issue and commence implementing a plan to enhance, as appropriate, security operations at airports during the COVID-19 national emergency in order to reduce risk of the spread of the coronavirus at passenger screening checkpoints and among the TSA workforce.
(b) Contents.--The plan required under subsection (a) shall include the following:
(1) An identification of best practices developed in response to the coronavirus among foreign governments, airports, and air carriers conducting aviation security screening operations, as well as among Federal agencies conducting similar security screening operations outside of airports, including in locations where the spread of the coronavirus has been successfully contained, that could be further integrated into the United States aviation security system.
(2) Specific operational changes to aviation security screening operations informed by the identification of best practices under paragraph (1) that could be implemented without degrading aviation security and a corresponding timeline and costs for implementing such changes.
(c) Considerations.--In carrying out the identification of best practices under subsection (b), the Administrator shall take into consideration the following:
(1) Aviation security screening procedures and practices in place at security screening locations, including procedures and practices implemented in response to the coronavirus.
(2) Volume and average wait times at each such security screening location.
(3) Public health measures already in place at each such security screening location.
(4) The feasibility and effectiveness of implementing similar procedures and practices in locations where such are not already in place.
(5) The feasibility and potential benefits to security, public health, and travel facilitation of continuing any procedures and practices implemented in response to the COVID-19 national emergency beyond the end of such emergency.
(d) Consultation.--In developing the plan required under subsection (a), the Administrator shall consult with public and private stakeholders and the TSA workforce, including through the labor organization certified as the exclusive representative of full- and part-time non-supervisory TSA personnel carrying out screening functions under section 44901 of title 49, U.S. Code.
(e) Submission.--Upon issuance of the plan required under subsection (a), the Administrator shall submit the plan to the Committee on Homeland Security of the House of Representatives and the Committee on Commerce, Science, and Transportation of the Senate.
(f) Implementation.--The Administrator shall not be required to implement the plan required under subsection (a) upon the termination of the COVID-19 national emergency except to the extent the Administrator determines such implementation to be feasible and beneficial to security screening operations.
(g) GAO Review.--Not later than one year after the commencement of implementation pursuant to subsection (e) of the plan required under subsection (a), the Comptroller General of the United States shall submit to the Committee on Homeland Security of the House of Representatives and the Committee on Commerce, Science, and Transportation of the Senate a review of such implementation.
(h) Definitions.--In this section:
(1) Administrator.--The term ``Administrator'' means the Administrator of the Transportation Security Administration.
(2) Coronavirus.--The term ``coronavirus'' has the meaning given such term in section 506 of the Coronavirus Preparedness and Response Supplemental Appropriations Act, 2020 (Public Law 116-123).
(3) COVID-19 national emergency.--The term ``COVID-19 national emergency'' means the national emergency declared by the President under the National Emergencies Act (50 U.S.C. 1601 et seq.) on March 13, 2020, with respect to the coronavirus.
(4) Public and private stakeholders.--The term ``public and private stakeholders'' has the meaning given such term in section 114(t)(1)(C) of title 49, United States Code.
(5) TSA.--The term ``TSA'' means the Transportation Security Administration.
Transportation Security Preparedness Act of 2021
H.R. 1893
Be it enacted by the Senate and House of Representatives of the United States of America in Congress assembled,
SECTION 1. SHORT TITLE.
This Act may be cited as the ``Transportation Security Preparedness Act of 2021''.
SEC. 2. SURVEY OF THE TRANSPORTATION SECURITY ADMINISTRATION
WORKFORCE REGARDING COVID-19 RESPONSE.
(a) Survey.--Not later than 1 year after the date of the enactment of this Act, the Administrator of the Transportation Security Administration (referred to in this section as the ``Administrator''), in consultation with the labor organization certified as the exclusive representative of full- and part-time non-supervisory Administration personnel carrying out screening functions under section 44901 of title 49, United States Code, shall conduct a survey of the Transportation Security Administration (referred to in this section as the ``Administration'') workforce regarding the Administration's response to the COVID-19 pandemic. Such survey shall be conducted in a manner that allows for the greatest practicable level of workforce participation.
(b) Contents.--In conducting the survey required under subsection (a), the Administrator shall solicit feedback on the following:
(1) The Administration's communication and collaboration with the Administration's workforce regarding the Administration's response to the COVID-19 pandemic and efforts to mitigate and monitor transmission of COVID-19 among its workforce, including through--
(A) providing employees with personal protective equipment and mandating its use;
(B) modifying screening procedures and Administration operations to reduce transmission among officers and passengers and ensuring compliance with such changes;
(C) adjusting policies regarding scheduling, leave, and telework;
(D) outreach as a part of contact tracing when an employee has tested positive for COVID-19; and
(E) encouraging COVID-19 vaccinations and efforts to assist employees that seek to be vaccinated such as communicating the availability of duty time for travel to vaccination sites and recovery from vaccine side effects.
(2) Any other topic determined appropriate by the Administrator.
(c) Report.--Not later than 30 days after completing the survey required under subsection (a), the Administration shall provide a report summarizing the results of the survey to the Committee on Homeland Security of the House of Representatives and the Committee on Commerce, Science, and Transportation of the Senate.
SEC. 3. TRANSPORTATION SECURITY PREPAREDNESS PLAN.
(a) Plan Required.--Section 114 of title 49, United States Code, is amended by adding at the end the following new subsection:
``(x) Transportation Security Preparedness Plan.--
``(1) In general.--Not later than two years after the date of the enactment of this subsection, the Secretary of Homeland Security, acting through the Administrator, in coordination with the Chief Medical Officer of the Department of Homeland Security and in consultation with the partners identified under paragraphs (3)(A)(i) through (3)(A)(iv), shall develop a transportation security preparedness plan to address the event of a communicable disease outbreak. The Secretary, acting through the Administrator, shall ensure such plan aligns with relevant Federal plans and strategies for communicable disease outbreaks.
``(2) Considerations.--In developing the plan required under paragraph (1), the Secretary, acting through the Administrator, shall consider each of the following:
``(A) The findings of the survey required under section 2 of the Transportation Security Preparedness Act of 2021.
``(B) All relevant reports and recommendations regarding the Administration's response to the COVID-19 pandemic, including any reports and recommendations issued by the Comptroller General and the Inspector General of the Department of Homeland Security.
``(C) Lessons learned from Federal interagency efforts during the COVID-19 pandemic.
``(3) Contents of plan.--The plan developed under paragraph
(1) shall include each of the following:
``(A) Plans for communicating and collaborating in the event of a communicable disease outbreak with the following partners:
``(i) Appropriate Federal departments and agencies, including the Department of Health and Human Services, the Centers for Disease Control and Prevention, the Department of Transportation, the Department of Labor, and appropriate interagency task forces.
``(ii) The workforce of the Administration, including through the labor organization certified as the exclusive representative of full- and part-time non-supervisory Administration personnel carrying out screening functions under section 44901 of this title.
``(iii) International partners, including the International Civil Aviation Organization and foreign governments, airports, and air carriers.
``(iv) Public and private stakeholders, as such term is defined under subsection (t)(1)(C).
``(v) The traveling public.
``(B) Plans for protecting the safety of the Transportation Security Administration workforce, including--
``(i) reducing the risk of communicable disease transmission at screening checkpoints and within the Administration's workforce related to the Administration's transportation security operations and mission;
``(ii) ensuring the safety and hygiene of screening checkpoints and other workstations;
``(iii) supporting equitable and appropriate access to relevant vaccines, prescriptions, and other medical care; and
``(iv) tracking rates of employee illness, recovery, and death.
``(C) Criteria for determining the conditions that may warrant the integration of additional actions in the aviation screening system in response to the communicable disease outbreak and a range of potential roles and responsibilities that align with such conditions.
``(D) Contingency plans for temporarily adjusting checkpoint operations to provide for passenger and employee safety while maintaining security during the communicable disease outbreak.
``(E) Provisions setting forth criteria for establishing an interagency task force or other standing engagement platform with other appropriate Federal departments and agencies, including the Department of Health and Human Services and the Department of Transportation, to address such communicable disease outbreak.
``(F) A description of scenarios in which the Administrator should consider exercising authorities provided under subsection (g) and for what purposes.
``(G) Considerations for assessing the appropriateness of issuing security directives and emergency amendments to regulated parties in various modes of transportation, including surface transportation, and plans for ensuring compliance with such measures.
``(H) A description of any potential obstacles, including funding constraints and limitations to authorities, that could restrict the ability of the Administration to respond appropriately to a communicable disease outbreak.
``(4) Dissemination.--Upon development of the plan required under paragraph (1), the Administrator shall disseminate the plan to the partners identified under paragraph (3)(A) and to the Committee on Homeland Security of the House of Representatives and the Committee on Commerce, Science, and Transportation of the Senate.
``(5) Review of plan.--Not later than two years after the date on which the plan is disseminated under paragraph (4), and biennially thereafter, the Secretary, acting through the Administrator and in coordination with the Chief Medical Officer of the Department of Homeland Security, shall review the plan and, after consultation with the partners identified under paragraphs (3)(A)(i) through (3)(A)(iv), update the plan as appropriate.''.
(b) Comptroller General Report.--Not later than one year after the date on which the transportation security preparedness plan required under subsection (x) of section 114 of title 49, United States Code, as added by subsection
(a), is disseminated under paragraph (4) of such subsection
(x), the Comptroller General of the United States shall submit to the Committee on Homeland Security of the House of Representatives and the Committee on Commerce, Science, and Transportation of the Senate a report containing the results of a study assessing the transportation security preparedness plan, including an analysis of--
(1) whether such plan aligns with relevant Federal plans and strategies for communicable disease outbreaks; and
(2) the extent to which the Transportation Security Administration is prepared to implement the plan.
Transportation Security Public Health Threat Preparedness Act of 2021
H.R. 1895
Be it enacted by the Senate and House of Representatives of the United States of America in Congress assembled,
SECTION 1. SHORT TITLE.
This Act may be cited as the ``Transportation Security Public Health Threat Preparedness Act of 2021''.
SEC. 2. DEFINITIONS.
For purposes of this Act:
(1) Administrator.--The term ``Administrator'' means the Administrator of the Transportation Security Administration.
(2) Appropriate congressional committees.--The term
``appropriate congressional committees'' means--
(A) the Committee on Homeland Security of the House of Representatives; and
(B) the Committee on Homeland Security and Governmental Affairs and the Committee on Commerce, Science, and Transportation of the Senate.
(3) Department.--The term ``Department'' means the Department of Homeland Security.
(4) Sterile area.--The term ``sterile area'' has the meaning given such term in section 1540.5 of title 49, Code of Federal Regulations.
(5) TSA.--The term ``TSA'' means the Transportation Security Administration.
SEC. 3. AUTHORIZATION OF TSA PERSONNEL DETAILS.
(a) Coordination.--Pursuant to sections 106(m) and 114(m) of title 49, United States Code, the Administrator may provide TSA personnel, who are not engaged in front line transportation security efforts, to other components of the Department and other Federal agencies to improve coordination with such components and agencies to prepare for, protect against, and respond to public health threats to the transportation security system of the United States.
(b) Briefing.--Not later than 180 days after the date of the enactment of this Act, the Administrator shall brief the appropriate congressional committees regarding efforts to improve coordination with other components of the Department and other Federal agencies to prepare for, protect against, and respond to public health threats to the transportation security system of the United States.
SEC. 4. TSA PREPAREDNESS.
(a) Analysis.--
(1) In general.--The Administrator shall conduct an analysis of preparedness of the transportation security system of the United States for public health threats. Such analysis shall assess, at a minimum, the following:
(A) The risks of public health threats to the transportation security system of the United States, including to transportation hubs, transportation security stakeholders, TSA personnel, and passengers.
(B) Information sharing challenges among relevant components of the Department, other Federal agencies, international entities, and transportation security stakeholders.
(C) Impacts to TSA policies and procedures for securing the transportation security system.
(2) Coordination.--The analysis conducted of the risks described in paragraph (1)(A) shall be conducted in coordination with the Chief Medical Officer of the Department of Homeland Security, the Secretary of Health and Human Services, and transportation security stakeholders.
(b) Briefing.--Not later than 180 days after the date of the enactment of this Act, the Administrator shall brief the appropriate congressional committees on the following:
(1) The analysis required under subsection (a).
(2) Technologies necessary to combat public health threats at security screening checkpoints to better protect from future public health threats TSA personnel, passengers, aviation workers, and other personnel authorized to access the sterile area of an airport through such checkpoints, and the estimated cost of technology investments needed to fully implement across the aviation system solutions to such threats.
(3) Policies and procedures implemented by TSA and transportation security stakeholders to protect from public health threats TSA personnel, passengers, aviation workers, and other personnel authorized to access the sterile area through the security screening checkpoints, as well as future plans for additional measures relating to such protection.
(4) The role of TSA in establishing priorities, developing solutions, and coordinating and sharing information with relevant domestic and international entities during a public health threat to the transportation security system, and how TSA can improve its leadership role in such areas.
Securing America From Epidemics Act
H.R. 2118
Be it enacted by the Senate and House of Representatives of the United States of America in Congress assembled,
SECTION 1. SHORT TITLE.
This Act may be cited as the ``Securing America From Epidemics Act''.
SEC. 2. FINDINGS.
Congress finds the following:
(1) Due to increasing population and population density, human mobility, and ecological change, emerging infectious diseases pose a real and growing threat to global health security.
(2) While vaccines can be the most effective tools to protect against infectious disease, the absence of vaccines for a new or emerging infectious disease with epidemic potential is a major health security threat globally, posing catastrophic potential human and economic costs.
(3) The COVID-19 pandemic has infected more than 119,960,700 individuals and has killed at least 2,656,822 people worldwide, and it is likely that unreported cases and deaths are significant.
(4) Even regional outbreaks can have enormous human costs and substantially disrupt the global economy and cripple regional economies. The 2014 Ebola outbreak in West Africa killed more than 11,000 and cost $2,800,000,000 in losses in the affected countries alone.
(5) While the need for vaccines to address emerging epidemic threats is acute, markets to drive the necessary development of vaccines to address them--a complex and expensive undertaking--are very often critically absent. Also absent are mechanisms to ensure access to those vaccines by those who need them when they need them.
(6) To address this global vulnerability and the deficit of political commitment, institutional capacity, and funding, in 2017, several countries and private partners launched the Coalition for Epidemic Preparedness Innovations (CEPI). CEPI's mission is to stimulate, finance, and coordinate development of vaccines for high-priority, epidemic-potential threats in cases where traditional markets do not exist or cannot create sufficient demand.
(7) Through funding of partnerships, CEPI seeks to bring priority vaccines candidates through the end of phase II clinical trials, as well as support vaccine platforms that can be rapidly deployed against emerging pathogens.
(8) CEPI supported the manufacturing of the United States- developed Moderna COVID-19 vaccine during its Phase 1 clinical trial, and CEPI has initiated at least 12 partnerships to develop vaccines against COVID-19.
(9) CEPI is co-leading COVAX, the vaccines pillar of the ACT-Accelerator, which is a global collaboration to quickly produce and equitably distribute safe and effective vaccines and therapeutics for COVID-19.
(10) Support for and participation in CEPI is an important part of the United States own health security and biodefense and is in the national interest, complementing the work of many Federal agencies and providing significant value through global partnership and burden-sharing.
SEC. 3. AUTHORIZATION FOR UNITED STATES PARTICIPATION.
(a) In General.--The United States is hereby authorized to participate in the Coalition for Epidemic Preparedness Innovations (``Coalition'').
(b) Designation.--The President is authorized to designate an employee of the relevant Federal department or agency providing the majority of United States contributions to the Coalition, who should demonstrate knowledge and experience in the fields of development and public health, epidemiology, or medicine, to serve--
(1) on the Investors Council of the Coalition; and
(2) if nominated by the President, on the Board of Directors of the Coalition, as a representative of the United States.
(c) Reports to Congress.--Not later than 180 days after the date of the enactment of this Act, the President shall submit to the appropriate congressional committees a report that includes the following:
(1) The United States planned contributions to the Coalition and the mechanisms for United States participation in such Coalition.
(2) The manner and extent to which the United States shall participate in the governance of the Coalition.
(3) How participation in the Coalition supports relevant United States Government strategies and programs in health security and biodefense, including--
(A) the Global Health Security Strategy required by section 7058(c)(3) of division K of the Consolidated Appropriations Act, 2018 (Public Law 115-141);
(B) the applicable revision of the National Biodefense Strategy required by section 1086 of the National Defense Authorization Act for Fiscal Year 2017 (6 U.S.C. 104); and
(C) any other relevant decision-making process for policy, planning, and spending in global health security, biodefense, or vaccine and medical countermeasures research and development.
(d) United States Contributions.--Amounts authorized to be appropriated under chapters 1 and 10 of part I and chapter 4 of part II of the Foreign Assistance Act of 1961 (22 U.S.C. 2151 et seq.) are authorized to be made available for United States contributions to the Coalition.
(e) Appropriate Congressional Committees.--In this section, the term ``appropriate congressional committees'' means--
(1) the Committee on Foreign Affairs and the Committee on Appropriations of the House of Representatives; and
(2) the Committee on Foreign Relations and the Committee on Appropriations of the Senate.
DHS Blue Campaign Enhancement Act
H.R. 2795
Be it enacted by the Senate and House of Representatives of the United States of America in Congress assembled,
SECTION 1. SHORT TITLE.
This Act may be cited as the ``DHS Blue Campaign Enhancement Act''.
SEC. 2. DEPARTMENT OF HOMELAND SECURITY BLUE CAMPAIGN
ENHANCEMENT.
Section 434 of the Homeland Security Act of 2002 (6 U.S.C. 242) is amended--
(1) in subsection (e)(6), by striking ``utilizing resources,'' and inserting ``developing and utilizing, in consultation with the Advisory Board established pursuant to subsection (g), resources''; and
(2) by adding at the end the following new subsections:
``(f) Web-Based Training Programs.--To enhance training opportunities, the Director of the Blue Campaign shall develop web-based interactive training videos that utilize a learning management system to provide online training opportunities that shall be made available to the following individuals:
``(1) Federal, State, local, Tribal, and territorial law enforcement officers.
``(2) Non-Federal correction system personnel.
``(3) Such other individuals as the Director determines appropriate.
``(g) Blue Campaign Advisory Board.--
``(1) In general.--The Secretary shall establish within the Department a Blue Campaign Advisory Board and shall assign to such Board a representative from each of the following components:
``(A) The Transportation Security Administration.
``(B) U.S. Customs and Border Protection.
``(C) U.S. Immigration and Customs Enforcement.
``(D) The Federal Law Enforcement Training Center.
``(E) The United States Secret Service.
``(F) The Office for Civil Rights and Civil Liberties.
``(G) The Privacy Office.
``(H) Any other components or offices the Secretary determines appropriate.
``(2) Charter.--The Secretary is authorized to issue a charter for the Board, and such charter shall specify the following:
``(A) The Board's mission, goals, and scope of its activities.
``(B) The duties of the Board's representatives.
``(C) The frequency of the Board's meetings.
``(3) Consultation.--The Director shall consult the Board established pursuant to paragraph (1) regarding the following:
``(A) Recruitment tactics used by human traffickers to inform the development of training and materials by the Blue Campaign.
``(B) The development of effective awareness tools for distribution to Federal and non-Federal officials to identify and prevent instances of human trafficking.
``(C) Identification of additional persons or entities that may be uniquely positioned to recognize signs of human trafficking and the development of materials for such persons.
``(4) Applicability.--The Federal Advisory Committee Act (5 U.S.C. App.) does not apply to--
``(A) the Board; or
``(B) consultations under paragraph (2).
``(h) Consultation.--With regard to the development of programs under the Blue Campaign and the implementation of such programs, the Director is authorized to consult with State, local, Tribal, and territorial agencies, non- governmental organizations, private sector organizations, and experts. Such consultation shall be exempt from the Federal Advisory Committee Act (5 U.S.C. App.).''.
Cyber Sense Act of 2021
H.R. 2928
Be it enacted by the Senate and House of Representatives of the United States of America in Congress assembled,
SECTION 1. SHORT TITLE.
This Act may be cited as the ``Cyber Sense Act of 2021''.
SEC. 2. CYBER SENSE.
(a) In General.--The Secretary of Energy, in coordination with relevant Federal agencies, shall establish a voluntary Cyber Sense program to test the cybersecurity of products and technologies intended for use in the bulk-power system, as defined in section 215(a) of the Federal Power Act (16 U.S.C. 824o(a)).
(b) Program Requirements.--In carrying out subsection (a), the Secretary of Energy shall--
(1) establish a testing process under the Cyber Sense program to test the cybersecurity of products and technologies intended for use in the bulk-power system, including products relating to industrial control systems and operational technologies, such as supervisory control and data acquisition systems;
(2) for products and technologies tested under the Cyber Sense program, establish and maintain cybersecurity vulnerability reporting processes and a related database;
(3) provide technical assistance to electric utilities, product manufacturers, and other electricity sector stakeholders to develop solutions to mitigate identified cybersecurity vulnerabilities in products and technologies tested under the Cyber Sense program;
(4) biennially review products and technologies tested under the Cyber Sense program for cybersecurity vulnerabilities and provide analysis with respect to how such products and technologies respond to and mitigate cyber threats;
(5) develop guidance, that is informed by analysis and testing results under the Cyber Sense program, for electric utilities for procurement of products and technologies;
(6) provide reasonable notice to the public, and solicit comments from the public, prior to establishing or revising the testing process under the Cyber Sense program;
(7) oversee testing of products and technologies under the Cyber Sense program; and
(8) consider incentives to encourage the use of analysis and results of testing under the Cyber Sense program in the design of products and technologies for use in the bulk-power system.
(c) Disclosure of Information.--Any cybersecurity vulnerability reported pursuant to a process established under subsection (b)(2), the disclosure of which the Secretary of Energy reasonably foresees would cause harm to critical electric infrastructure (as defined in section 215A of the Federal Power Act), shall be deemed to be critical electric infrastructure information for purposes of section 215A(d) of the Federal Power Act.
(d) Federal Government Liability.--Nothing in this section shall be construed to authorize the commencement of an action against the United States Government with respect to the testing of a product or technology under the Cyber Sense program.
cybersecurity vulnerability remediation act
H.R. 2980
Be it enacted by the Senate and House of Representatives of the United States of America in Congress assembled,
SECTION 1. SHORT TITLE.
This Act may be cited as the ``Cybersecurity Vulnerability Remediation Act''.
SEC. 2. CYBERSECURITY VULNERABILITIES.
Section 2209 of the Homeland Security Act of 2002 (6 U.S.C. 659) is amended--
(1) in subsection (a)--
(A) in paragraph (5), by striking ``and'' after the semicolon at the end;
(B) by redesignating paragraph (6) as paragraph (7); and
(C) by inserting after paragraph (5) the following new paragraph:
``(6) the term `cybersecurity vulnerability' has the meaning given the term `security vulnerability' in section 102 of the Cybersecurity Information Sharing Act of 2015 (6 U.S.C. 1501); and''.
(2) in subsection (c)--
(A) in paragraph (5)--
(i) in subparagraph (A), by striking ``and'' after the semicolon at the end;
(ii) by redesignating subparagraph (B) as subparagraph (C);
(iii) by inserting after subparagraph (A) the following new subparagraph:
``(B) sharing mitigation protocols to counter cybersecurity vulnerabilities pursuant to subsection (n); and''; and
(iv) in subparagraph (C), as so redesignated, by inserting
``and mitigation protocols to counter cybersecurity vulnerabilities in accordance with subparagraph (B)'' before
``with Federal'';
(B) in paragraph (7)(C), by striking ``sharing'' and inserting ``share''; and
(C) in paragraph (9), by inserting ``mitigation protocols to counter cybersecurity vulnerabilities,'' after
``measures,'';
(3) in subsection (e)(1)(G), by striking the semicolon after ``and'' at the end;
(4) by redesignating subsection (o) as subsection (p); and
(5) by inserting after subsection (n) following new subsection:
``(o) Protocols to Counter Certain Cybersecurity Vulnerabilities.--The Director may, as appropriate, identify, develop, and disseminate actionable protocols to mitigate cybersecurity vulnerabilities to information systems and industrial control systems, including in circumstances in which such vulnerabilities exist because software or hardware is no longer supported by a vendor.''.
SEC. 3. REPORT ON CYBERSECURITY VULNERABILITIES.
(a) Report.--Not later than one year after the date of the enactment of this Act, the Director of the Cybersecurity and Infrastructure Security Agency of the Department of Homeland Security shall submit to the Committee on Homeland Security of the House of Representatives and the Committee on Homeland Security and Governmental Affairs of the Senate a report on how the Agency carries out subsection (n) of section 2209 of the Homeland Security Act of 2002 to coordinate vulnerability disclosures, including disclosures of cybersecurity vulnerabilities (as such term is defined in such section), and subsection (o) of such section (as added by section 2) to disseminate actionable protocols to mitigate cybersecurity vulnerabilities to information systems and industrial control systems, that includes the following:
(1) A description of the policies and procedures relating to the coordination of vulnerability disclosures.
(2) A description of the levels of activity in furtherance of such subsections (n) and (o) of such section 2209.
(3) Any plans to make further improvements to how information provided pursuant to such subsections can be shared (as such term is defined in such section 2209) between the Department and industry and other stakeholders.
(4) Any available information on the degree to which such information was acted upon by industry and other stakeholders.
(5) A description of how privacy and civil liberties are preserved in the collection, retention, use, and sharing of vulnerability disclosures.
(b) Form.--The report required under subsection (b) shall be submitted in unclassified form but may contain a classified annex.
SEC. 4. COMPETITION RELATING TO CYBERSECURITY
VULNERABILITIES.
The Under Secretary for Science and Technology of the Department of Homeland Security, in consultation with the Director of the Cybersecurity and Infrastructure Security Agency of the Department, may establish an incentive-based program that allows industry, individuals, academia, and others to compete in identifying remediation solutions for cybersecurity vulnerabilities (as such term is defined in section 2209 of the Homeland Security Act of 2002, as amended by section 2) to information systems (as such term is defined in such section 2209) and industrial control systems, including supervisory control and data acquisition systems.
SEC. 5. TITLE XXII TECHNICAL AND CLERICAL AMENDMENTS.
(a) Technical Amendments.--
(1) Homeland security act of 2002.--Subtitle A of title XXII of the Homeland Security Act of 2002 (6 U.S.C. 651 et seq.) is amended--
(A) in the first section 2215 (6 U.S.C. 665; relating to the duties and authorities relating to .gov internet domain), by amending the section enumerator and heading to read as follows:
``SEC. 2215. DUTIES AND AUTHORITIES RELATING TO .GOV INTERNET
DOMAIN.'';
(B) in the second section 2215 (6 U.S.C. 665b; relating to the joint cyber planning office), by amending the section enumerator and heading to read as follows:
``SEC. 2216. JOINT CYBER PLANNING OFFICE.'';
(C) in the third section 2215 (6 U.S.C. 665c; relating to the Cybersecurity State Coordinator), by amending the section enumerator and heading to read as follows:
``SEC. 2217. CYBERSECURITY STATE COORDINATOR.'';
(D) in the fourth section 2215 (6 U.S.C. 665d; relating to Sector Risk Management Agencies), by amending the section enumerator and heading to read as follows:
``SEC. 2218. SECTOR RISK MANAGEMENT AGENCIES.'';
(E) in section 2216 (6 U.S.C. 665e; relating to the Cybersecurity Advisory Committee), by amending the section enumerator and heading to read as follows:
``SEC. 2219. CYBERSECURITY ADVISORY COMMITTEE.''; AND
(F) in section 2217 (6 U.S.C. 665f; relating to Cybersecurity Education and Training Programs), by amending the section enumerator and heading to read as follows:
``SEC. 2220. CYBERSECURITY EDUCATION AND TRAINING
PROGRAMS.''.
(2) Consolidated appropriations act, 2021.--Paragraph (1) of section 904(b) of division U of the Consolidated Appropriations Act, 2021 (Public Law 116-260) is amended, in the matter preceding subparagraph (A), by inserting ``of 2002'' after ``Homeland Security Act''.
(b) Clerical Amendment.--The table of contents in section 1(b) of the Homeland Security Act of 2002 is amended by striking the items relating to sections 2214 through 2217 and inserting the following new items:
``Sec. 2214. National Asset Database.
``Sec. 2215. Duties and authorities relating to .gov internet domain.
``Sec. 2216. Joint cyber planning office.
``Sec. 2217. Cybersecurity State Coordinator.
``Sec. 2218. Sector Risk Management Agencies.
``Sec. 2219. Cybersecurity Advisory Committee.
``Sec. 2220. Cybersecurity Education and Training Programs.''.
Promoting United States Wireless Leadership Act of 2021
H.R. 3003
Be it enacted by the Senate and House of Representatives of the United States of America in Congress assembled,
SECTION 1. SHORT TITLE.
This Act may be cited as the ``Promoting United States Wireless Leadership Act of 2021''.
SEC. 2. REPRESENTATION AND LEADERSHIP OF UNITED STATES IN
COMMUNICATIONS STANDARDS-SETTING BODIES.
(a) In General.--In order to enhance the representation of the United States and promote United States leadership in standards-setting bodies that set standards for 5G networks and for future generations of wireless communications networks, the Assistant Secretary shall, in consultation with the National Institute of Standards and Technology--
(1) equitably encourage participation by companies and a wide variety of relevant stakeholders, but not including any company or relevant stakeholder that the Assistant Secretary has determined to be not trusted, (to the extent such standards-setting bodies allow such stakeholders to participate) in such standards-setting bodies; and
(2) equitably offer technical expertise to companies and a wide variety of relevant stakeholders, but not including any company or relevant stakeholder that the Assistant Secretary has determined to be not trusted, (to the extent such standards-setting bodies allow such stakeholders to participate) to facilitate such participation.
(b) Standards-Setting Bodies.--The standards-setting bodies referred to in subsection (a) include--
(1) the International Organization for Standardization;
(2) the voluntary standards-setting bodies that develop protocols for wireless devices and other equipment, such as the 3GPP and the Institute of Electrical and Electronics Engineers; and
(3) any standards-setting body accredited by the American National Standards Institute or Alliance for Telecommunications Industry Solutions.
(c) Briefing.--Not later than 60 days after the date of the enactment of this Act, the Assistant Secretary shall brief the Committees on Energy and Commerce and Foreign Affairs of the House of Representatives and the Committees on Commerce, Science, and Transportation and Foreign Relations of the Senate on a strategy to carry out subsection (a).
(d) Definitions.--In this section:
(1) 3GPP.--The term ``3GPP'' means the 3rd Generation Partnership Project.
(2) 5G network.--The term ``5G network'' means a fifth- generation mobile network as described by 3GPP Release 15 or higher.
(3) Assistant secretary.--The term ``Assistant Secretary'' means the Assistant Secretary of Commerce for Communications and Information.
(4) Cloud computing.--The term ``cloud computing'' has the meaning given the term in Special Publication 800-145 of the National Institute of Standards and Technology, entitled
``The NIST Definition of Cloud Computing'', published in September 2011, or any successor publication.
(5) Communications network.--The term ``communications network'' means any of the following:
(A) A system enabling the transmission, between or among points specified by the user, of information of the user's choosing.
(B) Cloud computing resources.
(C) A network or system used to access cloud computing resources.
(6) Not trusted.--The term ``not trusted'' means, with respect to a company or stakeholder, that the company or stakeholder is determined by the Assistant Secretary to pose a threat to the national security of the United States. In making such a determination, the Assistant Secretary shall rely solely on one or more of the following determinations:
(A) A specific determination made by any executive branch interagency body with appropriate national security expertise, including the Federal Acquisition Security Council established under section 1322(a) of title 41, United States Code.
(B) A specific determination made by the Department of Commerce pursuant to Executive Order No. 13873 (84 Fed. Reg. 22689; relating to securing the information and communications technology and services supply chain).
(C) Whether a company or stakeholder produces or provides covered telecommunications equipment or services, as defined in section 889(f)(3) of the John S. McCain National Defense Authorization Act for Fiscal Year 2019 (Public Law 115-232; 132 Stat. 1918).
State and Local Cybersecurity Improvement Act
H.R. 3138
Be it enacted by the Senate and House of Representatives of the United States of America in Congress assembled,
SECTION 1. SHORT TITLE.
This Act may be cited as the ``State and Local Cybersecurity Improvement Act''.
SEC. 2. STATE AND LOCAL CYBERSECURITY GRANT PROGRAM.
(a) In General.--Subtitle A of title XXII of the Homeland Security Act of 2002 (6 U.S.C. 651 et seq.) is amended by adding at the end the following new sections:
``SEC. 2220A. STATE AND LOCAL CYBERSECURITY GRANT PROGRAM.
``(a) Definitions.--In this section:
``(1) Cyber threat indicator.--The term `cyber threat indicator' has the meaning given the term in section 102 of the Cybersecurity Act of 2015 (6 U.S.C. 1501).
``(2) Cybersecurity plan.--The term `Cybersecurity Plan' means a plan submitted by an eligible entity under subsection
(e)(1).
``(3) Eligible entity.--The term `eligible entity' means--
``(A) a State; or
``(B) an Indian tribe that, not later than 120 days after the date of the enactment of this section or not later than 120 days before the start of any fiscal year in which a grant under this section is awarded--
``(i) notifies the Secretary that the Indian tribe intends to develop a Cybersecurity Plan; and
``(ii) agrees to forfeit any distribution under subsection
(n)(2).
``(4) Incident.--The term `incident' has the meaning given the term in section 2209.
``(5) Indian tribe; tribal organization.--The term `Indian tribe' or `Tribal organization' has the meaning given that term in section 4(e) of the of the Indian Self-Determination and Education Assistance Act (25 U.S.C. 5304(e)).
``(6) Information sharing and analysis organization.--The term `information sharing and analysis organization' has the meaning given the term in section 2222.
``(7) Information system.--The term `information system' has the meaning given the term in section 102 of the Cybersecurity Act of 2015 (6 U.S.C. 1501).
``(8) Online service.--The term `online service' means any internet-facing service, including a website, email, virtual private network, or custom application.
``(9) Ransomware incident.--The term `ransomware incident' means an incident that actually or imminently jeopardizes, without lawful authority, the integrity, confidentiality, or availability of information on an information system, or actually or imminently jeopardizes, without lawful authority, an information system for the purpose of coercing the information system's owner, operator, or another person.
``(10) State and local cybersecurity grant program.--The term `State and Local Cybersecurity Grant Program' means the program established under subsection (b).
``(11) State and local cybersecurity resilience committee.--The term `State and Local Cybersecurity Resilience Committee' means the committee established under subsection (o)(1).
``(b) Establishment.--
``(1) In general.--The Secretary, acting through the Director, shall establish a program, to be known as the `the State and Local Cybersecurity Grant Program', to award grants to eligible entities to address cybersecurity risks and cybersecurity threats to information systems of State, local, or Tribal organizations.
``(2) Application.--An eligible entity seeking a grant under the State and Local Cybersecurity Grant Program shall submit to the Secretary an application at such time, in such manner, and containing such information as the Secretary may require.
``(c) Baseline Requirements.--An eligible entity or multistate group that receives a grant under this section shall use the grant in compliance with--
``(1)(A) the Cybersecurity Plan of the eligible entity or the Cybersecurity Plans of the eligible entities that comprise the multistate group; and
``(B) the Homeland Security Strategy to Improve the Cybersecurity of State, Local, Tribal, and Territorial Governments developed under section 2210(e)(1); or
``(2) activities carried out under paragraphs (3), (4), and
(5) of subsection (h).
``(d) Administration.--The State and Local Cybersecurity Grant Program shall be administered in the same office of the Department that administers grants made under sections 2003 and 2004.
``(e) Cybersecurity Plans.--
``(1) In general.--An eligible entity applying for a grant under this section shall submit to the Secretary a Cybersecurity Plan for approval.
``(2) Required elements.--A Cybersecurity Plan of an eligible entity shall--
``(A) incorporate, to the extent practicable, any existing plans of the eligible entity to protect against cybersecurity risks and cybersecurity threats to information systems of State, local, or Tribal organizations;
``(B) describe, to the extent practicable, how the eligible entity will--
``(i) manage, monitor, and track information systems, applications, and user accounts owned or operated by or on behalf of the eligible entity or by local or Tribal organizations within the jurisdiction of the eligible entity and the information technology deployed on those information systems, including legacy information systems and information technology that are no longer supported by the manufacturer of the systems or technology;
``(ii) monitor, audit, and track activity between information systems, applications, and user accounts owned or operated by or on behalf of the eligible entity or by local or Tribal organizations within the jurisdiction of the eligible entity and between those information systems and information systems not owned or operated by the eligible entity or by local or Tribal organizations within the jurisdiction of the eligible entity;
``(iii) enhance the preparation, response, and resilience of information systems, applications, and user accounts owned or operated by or on behalf of the eligible entity or local or Tribal organizations against cybersecurity risks and cybersecurity threats;
``(iv) implement a process of continuous cybersecurity vulnerability assessments and threat mitigation practices prioritized by degree of risk to address cybersecurity risks and cybersecurity threats on information systems of the eligible entity or local or Tribal organizations;
``(v) ensure that State, local, and Tribal organizations that own or operate information systems that are located within the jurisdiction of the eligible entity--
``(I) adopt best practices and methodologies to enhance cybersecurity, such as the practices set forth in the cybersecurity framework developed by, and the cyber supply chain risk management best practices identified by, the National Institute of Standards and Technology; and
``(II) utilize knowledge bases of adversary tools and tactics to assess risk;
``(vi) promote the delivery of safe, recognizable, and trustworthy online services by State, local, and Tribal organizations, including through the use of the .gov internet domain;
``(vii) ensure continuity of operations of the eligible entity and local, and Tribal organizations in the event of a cybersecurity incident (including a ransomware incident), including by conducting exercises to practice responding to such an incident;
``(viii) use the National Initiative for Cybersecurity Education Cybersecurity Workforce Framework developed by the National Institute of Standards and Technology to identify and mitigate any gaps in the cybersecurity workforces of State, local, or Tribal organizations, enhance recruitment and retention efforts for such workforces, and bolster the knowledge, skills, and abilities of State, local, and Tribal organization personnel to address cybersecurity risks and cybersecurity threats, such as through cybersecurity hygiene training;
``(ix) ensure continuity of communications and data networks within the jurisdiction of the eligible entity between the eligible entity and local and Tribal organizations that own or operate information systems within the jurisdiction of the eligible entity in the event of an incident involving such communications or data networks within the jurisdiction of the eligible entity;
``(x) assess and mitigate, to the greatest degree possible, cybersecurity risks and cybersecurity threats related to critical infrastructure and key resources, the degradation of which may impact the performance of information systems within the jurisdiction of the eligible entity;
``(xi) enhance capabilities to share cyber threat indicators and related information between the eligible entity and local and Tribal organizations that own or operate information systems within the jurisdiction of the eligible entity, including by expanding existing information sharing agreements with the Department;
``(xii) enhance the capability of the eligible entity to share cyber threat indictors and related information with the Department;
``(xiii) leverage cybersecurity services offered by the Department;
``(xiv) develop and coordinate strategies to address cybersecurity risks and cybersecurity threats to information systems of the eligible entity in consultation with--
``(I) local and Tribal organizations within the jurisdiction of the eligible entity; and
``(II) as applicable--
``(aa) States that neighbor the jurisdiction of the eligible entity or, as appropriate, members of an information sharing and analysis organization; and
``(bb) countries that neighbor the jurisdiction of the eligible entity; and
``(xv) implement an information technology and operational technology modernization cybersecurity review process that ensures alignment between information technology and operational technology cybersecurity objectives;
``(C) describe, to the extent practicable, the individual responsibilities of the eligible entity and local and Tribal organizations within the jurisdiction of the eligible entity in implementing the plan;
``(D) outline, to the extent practicable, the necessary resources and a timeline for implementing the plan; and
``(E) describe how the eligible entity will measure progress towards implementing the plan.
``(3) Discretionary elements.--A Cybersecurity Plan of an eligible entity may include a description of--
``(A) cooperative programs developed by groups of local and Tribal organizations within the jurisdiction of the eligible entity to address cybersecurity risks and cybersecurity threats; and
``(B) programs provided by the eligible entity to support local and Tribal organizations and owners and operators of critical infrastructure to address cybersecurity risks and cybersecurity threats.
``(4) Management of funds.--An eligible entity applying for a grant under this section shall agree to designate the Chief Information Officer, the Chief Information Security Officer, or an equivalent official of the eligible entity as the primary official for the management and allocation of funds awarded under this section.
``(f) Multistate Grants.--
``(1) In general.--The Secretary, acting through the Director, may award grants under this section to a group of two or more eligible entities to support multistate efforts to address cybersecurity risks and cybersecurity threats to information systems within the jurisdictions of the eligible entities.
``(2) Satisfaction of other requirements.--In order to be eligible for a multistate grant under this subsection, each eligible entity that comprises a multistate group shall submit to the Secretary--
``(A) a Cybersecurity Plan for approval in accordance with subsection (i); and
``(B) a plan for establishing a cybersecurity planning committee under subsection (g).
``(3) Application.--
``(A) In general.--A multistate group applying for a multistate grant under paragraph (1) shall submit to the Secretary an application at such time, in such manner, and containing such information as the Secretary may require.
``(B) Multistate project description.--An application of a multistate group under subparagraph (A) shall include a plan describing--
``(i) the division of responsibilities among the eligible entities that comprise the multistate group for administering the grant for which application is being made;
``(ii) the distribution of funding from such a grant among the eligible entities that comprise the multistate group; and
``(iii) how the eligible entities that comprise the multistate group will work together to implement the Cybersecurity Plan of each of those eligible entities.
``(g) Planning Committees.--
``(1) In general.--An eligible entity that receives a grant under this section shall establish a cybersecurity planning committee to--
``(A) assist in the development, implementation, and revision of the Cybersecurity Plan of the eligible entity;
``(B) approve the Cybersecurity Plan of the eligible entity; and
``(C) assist in the determination of effective funding priorities for a grant under this section in accordance with subsection (h).
``(2) Composition.--A committee of an eligible entity established under paragraph (1) shall--
``(A) be comprised of representatives from the eligible entity and counties, cities, towns, Tribes, and public educational and health institutions within the jurisdiction of the eligible entity; and
``(B) include, as appropriate, representatives of rural, suburban, and high-population jurisdictions.
``(3) Cybersecurity expertise.--Not less than \1/2\ of the representatives of a committee established under paragraph
(1) shall have professional experience relating to cybersecurity or information technology.
``(4) Rule of construction regarding existing planning committees.--Nothing in this subsection may be construed to require an eligible entity to establish a cybersecurity planning committee if the eligible entity has established and uses a multijurisdictional planning committee or commission that meets, or may be leveraged to meet, the requirements of this subsection.
``(h) Use of Funds.--An eligible entity that receives a grant under this section shall use the grant to--
``(1) implement the Cybersecurity Plan of the eligible entity;
``(2) develop or revise the Cybersecurity Plan of the eligible entity; or
``(3) assist with activities that address imminent cybersecurity risks or cybersecurity threats to the information systems of the eligible entity or a local or Tribal organization within the jurisdiction of the eligible entity.
``(i) Approval of Plans.--
``(1) Approval as condition of grant.--Before an eligible entity may receive a grant under this section, the Secretary, acting through the Director, shall review the Cybersecurity Plan, or any revisions thereto, of the eligible entity and approve such plan, or revised plan, if it satisfies the requirements specified in paragraph (2).
``(2) Plan requirements.--In approving a Cybersecurity Plan of an eligible entity under this subsection, the Director shall ensure that the Cybersecurity Plan--
``(A) satisfies the requirements of subsection (e)(2);
``(B) upon the issuance of the Homeland Security Strategy to Improve the Cybersecurity of State, Local, Tribal, and Territorial Governments authorized pursuant to section 2210(e), complies, as appropriate, with the goals and objectives of the strategy; and
``(C) has been approved by the cybersecurity planning committee of the eligible entity established under subsection
(g).
``(3) Approval of revisions.--The Secretary, acting through the Director, may approve revisions to a Cybersecurity Plan as the Director determines appropriate.
``(4) Exception.--Notwithstanding subsection (e) and paragraph (1) of this subsection, the Secretary may award a grant under this section to an eligible entity that does not submit a Cybersecurity Plan to the Secretary if--
``(A) the eligible entity certifies to the Secretary that--
``(i) the activities that will be supported by the grant are integral to the development of the Cybersecurity Plan of the eligible entity; and
``(ii) the eligible entity will submit by September 30, 2023, to the Secretary a Cybersecurity Plan for review, and if appropriate, approval; or
``(B) the eligible entity certifies to the Secretary, and the Director confirms, that the eligible entity will use funds from the grant to assist with the activities described in subsection (h)(3).
``(j) Limitations on Uses of Funds.--
``(1) In general.--An eligible entity that receives a grant under this section may not use the grant--
``(A) to supplant State, local, or Tribal funds;
``(B) for any recipient cost-sharing contribution;
``(C) to pay a demand for ransom in an attempt to--
``(i) regain access to information or an information system of the eligible entity or of a local or Tribal organization within the jurisdiction of the eligible entity; or
``(ii) prevent the disclosure of information that has been removed without authorization from an information system of the eligible entity or of a local or Tribal organization within the jurisdiction of the eligible entity;
``(D) for recreational or social purposes; or
``(E) for any purpose that does not address cybersecurity risks or cybersecurity threats on information systems of the eligible entity or of a local or Tribal organization within the jurisdiction of the eligible entity.
``(2) Penalties.--In addition to any other remedy available, the Secretary may take such actions as are necessary to ensure that a recipient of a grant under this section uses the grant for the purposes for which the grant is awarded.
``(3) Rule of construction.--Nothing in paragraph (1) may be construed to prohibit the use of grant funds provided to a State, local, or Tribal organization for otherwise permissible uses under this section on the basis that a State, local, or Tribal organization has previously used State, local, or Tribal funds to support the same or similar uses.
``(k) Opportunity to Amend Applications.--In considering applications for grants under this section, the Secretary shall provide applicants with a reasonable opportunity to correct defects, if any, in such applications before making final awards.
``(l) Apportionment.--For fiscal year 2022 and each fiscal year thereafter, the Secretary shall apportion amounts appropriated to carry out this section among States as follows:
``(1) Baseline amount.--The Secretary shall first apportion 0.25 percent of such amounts to each of American Samoa, the Commonwealth of the Northern Mariana Islands, Guam, the U.S. Virgin Islands, and 0.75 percent of such amounts to each of the remaining States.
``(2) Remainder.--The Secretary shall apportion the remainder of such amounts in the ratio that--
``(A) the population of each eligible entity, bears to
``(B) the population of all eligible entities.
``(3) Minimum allocation to indian tribes.--
``(A) In general.--In apportioning amounts under this section, the Secretary shall ensure that, for each fiscal year, directly eligible Tribes collectively receive, from amounts appropriated under the State and Local Cybersecurity Grant Program, not less than an amount equal to three percent of the total amount appropriated for grants under this section.
``(B) Allocation.--Of the amount reserved under subparagraph (A), funds shall be allocated in a manner determined by the Secretary in consultation with Indian tribes.
``(C) Exception.--This paragraph shall not apply in any fiscal year in which the Secretary--
``(i) receives fewer than five applications from Indian tribes; or
``(ii) does not approve at least two applications from Indian tribes.
``(m) Federal Share.--
``(1) In general.--The Federal share of the cost of an activity carried out using funds made available with a grant under this section may not exceed--
``(A) in the case of a grant to an eligible entity--
``(i) for fiscal year 2022, 90 percent;
``(ii) for fiscal year 2023, 80 percent;
``(iii) for fiscal year 2024, 70 percent;
``(iv) for fiscal year 2025, 60 percent; and
``(v) for fiscal year 2026 and each subsequent fiscal year, 50 percent; and
``(B) in the case of a grant to a multistate group--
``(i) for fiscal year 2022, 95 percent;
``(ii) for fiscal year 2023, 85 percent;
``(iii) for fiscal year 2024, 75 percent;
``(iv) for fiscal year 2025, 65 percent; and
``(v) for fiscal year 2026 and each subsequent fiscal year, 55 percent.
``(2) Waiver.--The Secretary may waive or modify the requirements of paragraph (1) for an Indian tribe if the Secretary determines such a waiver is in the public interest.
``(n) Responsibilities of Grantees.--
``(1) Certification.--Each eligible entity or multistate group that receives a grant under this section shall certify to the Secretary that the grant will be used--
``(A) for the purpose for which the grant is awarded; and
``(B) in compliance with, as the case may be--
``(i) the Cybersecurity Plan of the eligible entity;
``(ii) the Cybersecurity Plans of the eligible entities that comprise the multistate group; or
``(iii) a purpose approved by the Secretary under subsection (h) or pursuant to an exception under subsection
(i).
``(2) Availability of funds to local and tribal organizations.--Not later than 45 days after the date on which an eligible entity or multistate group receives a grant under this section, the eligible entity or multistate group shall, without imposing unreasonable or unduly burdensome requirements as a condition of receipt, obligate or otherwise make available to local and Tribal organizations within the jurisdiction of the eligible entity or the eligible entities that comprise the multistate group, and as applicable, consistent with the Cybersecurity Plan of the eligible entity or the Cybersecurity Plans of the eligible entities that comprise the multistate group--
``(A) not less than 80 percent of funds available under the grant;
``(B) with the consent of the local and Tribal organizations, items, services, capabilities, or activities having a value of not less than 80 percent of the amount of the grant; or
``(C) with the consent of the local and Tribal organizations, grant funds combined with other items, services, capabilities, or activities having the total value of not less than 80 percent of the amount of the grant.
``(3) Certifications regarding distribution of grant funds to local and tribal organizations.--An eligible entity or multistate group shall certify to the Secretary that the eligible entity or multistate group has made the distribution to local, Tribal, and territorial governments required under paragraph (2).
``(4) Extension of period.--
``(A) In general.--An eligible entity or multistate group may request in writing that the Secretary extend the period of time specified in paragraph (2) for an additional period of time.
``(B) Approval.--The Secretary may approve a request for an extension under subparagraph (A) if the Secretary determines the extension is necessary to ensure that the obligation and expenditure of grant funds align with the purpose of the State and Local Cybersecurity Grant Program.
``(5) Exception.--Paragraph (2) shall not apply to the District of Columbia, the Commonwealth of Puerto Rico, American Samoa, the Commonwealth of the Northern Mariana Islands, Guam, the Virgin Islands, or an Indian tribe.
``(6) Direct funding.--If an eligible entity does not make a distribution to a local or Tribal organization required in accordance with paragraph (2), the local or Tribal organization may petition the Secretary to request that grant funds be provided directly to the local or Tribal organization.
``(7) Penalties.--In addition to other remedies available to the Secretary, the Secretary may terminate or reduce the amount of a grant awarded under this section to an eligible entity or distribute grant funds previously awarded to such eligible entity directly to the appropriate local or Tribal organization as a replacement grant in an amount the Secretary determines appropriate if such eligible entity violates a requirement of this subsection.
``(o) Advisory Committee.--
``(1) Establishment.--Not later than 120 days after the date of enactment of this section, the Director shall establish a State and Local Cybersecurity Resilience Committee to provide State, local, and Tribal stakeholder expertise, situational awareness, and recommendations to the Director, as appropriate, regarding how to--
``(A) address cybersecurity risks and cybersecurity threats to information systems of State, local, or Tribal organizations; and
``(B) improve the ability of State, local, and Tribal organizations to prevent, protect against, respond to, mitigate, and recover from such cybersecurity risks and cybersecurity threats.
``(2) Duties.--The committee established under paragraph
(1) shall--
``(A) submit to the Director recommendations that may inform guidance for applicants for grants under this section;
``(B) upon the request of the Director, provide to the Director technical assistance to inform the review of Cybersecurity Plans submitted by applicants for grants under this section, and, as appropriate, submit to the Director recommendations to improve those plans prior to the approval of the plans under subsection (i);
``(C) advise and provide to the Director input regarding the Homeland Security Strategy to Improve Cybersecurity for State, Local, Tribal, and Territorial Governments required under section 2210;
``(D) upon the request of the Director, provide to the Director recommendations, as appropriate, regarding how to--
``(i) address cybersecurity risks and cybersecurity threats on information systems of State, local, or Tribal organizations; and
``(ii) improve the cybersecurity resilience of State, local, or Tribal organizations; and
``(E) regularly coordinate with the State, Local, Tribal and Territorial Government Coordinating Council, within the Critical Infrastructure Partnership Advisory Council, established under section 871.
``(3) Membership.--
``(A) Number and appointment.--The State and Local Cybersecurity Resilience Committee established pursuant to paragraph (1) shall be composed of 15 members appointed by the Director, as follows:
``(i) Two individuals recommended to the Director by the National Governors Association.
``(ii) Two individuals recommended to the Director by the National Association of State Chief Information Officers.
``(iii) One individual recommended to the Director by the National Guard Bureau.
``(iv) Two individuals recommended to the Director by the National Association of Counties.
``(v) One individual recommended to the Director by the National League of Cities.
``(vi) One individual recommended to the Director by the United States Conference of Mayors.
``(vii) One individual recommended to the Director by the Multi-State Information Sharing and Analysis Center.
``(viii) One individual recommended to the Director by the National Congress of American Indians.
``(viii) Four individuals who have educational and professional experience relating to cybersecurity work or cybersecurity policy.
``(B) Terms.--
``(i) In general.--Subject to clause (ii), each member of the State and Local Cybersecurity Resilience Committee shall be appointed for a term of two years.
``(ii) Requirement.--At least two members of the State and Local Cybersecurity Resilience Committee shall also be members of the State, Local, Tribal and Territorial Government Coordinating Council, within the Critical Infrastructure Partnership Advisory Council, established under section 871.
``(iii) Exception.--A term of a member of the State and Local Cybersecurity Resilience Committee shall be three years if the member is appointed initially to the Committee upon the establishment of the Committee.
``(iv) Term remainders.--Any member of the State and Local Cybersecurity Resilience Committee appointed to fill a vacancy occurring before the expiration of the term for which the member's predecessor was appointed shall be appointed only for the remainder of such term. A member may serve after the expiration of such member's term until a successor has taken office.
``(v) Vacancies.--A vacancy in the State and Local Cybersecurity Resilience Committee shall be filled in the manner in which the original appointment was made.
``(C) Pay.--Members of the State and Local Cybersecurity Resilience Committee shall serve without pay.
``(4) Chairperson; vice chairperson.--The members of the State and Local Cybersecurity Resilience Committee shall select a chairperson and vice chairperson from among members of the committee.
``(5) Permanent authority.--Notwithstanding section 14 of the Federal Advisory Committee Act (5 U.S.C. App.), the State and Local Cybersecurity Resilience Committee shall be a permanent authority.
``(p) Reports.--
``(1) Annual reports by grant recipients.--
``(A) In general.--Not later than one year after an eligible entity or multistate group receives funds under this section, the eligible entity or multistate group shall submit to the Secretary a report on the progress of the eligible entity or multistate group in implementing the Cybersecurity Plan of the eligible entity or Cybersecurity Plans of the eligible entities that comprise the multistate group, as the case may be.
``(B) Absence of plan.--Not later than 180 days after an eligible entity that does not have a Cybersecurity Plan receives funds under this section for developing its Cybersecurity Plan, the eligible entity shall submit to the Secretary a report describing how the eligible entity obligated and expended grant funds during the fiscal year to--
``(i) so develop such a Cybersecurity Plan; or
``(ii) assist with the activities described in subsection
(h)(3).
``(2) Annual reports to congress.--Not less frequently than once per year, the Secretary, acting through the Director, shall submit to Congress a report on the use of grants awarded under this section and any progress made toward the following:
``(A) Achieving the objectives set forth in the Homeland Security Strategy to Improve the Cybersecurity of State, Local, Tribal, and Territorial Governments, upon the date on which the strategy is issued under section 2210.
``(B) Developing, implementing, or revising Cybersecurity Plans.
``(C) Reducing cybersecurity risks and cybersecurity threats to information systems, applications, and user accounts owned or operated by or on behalf of State, local, and Tribal organizations as a result of the award of such grants.
``(q) Authorization of Appropriations.--There are authorized to be appropriated for grants under this section--
``(1) for each of fiscal years 2022 through 2026,
$500,000,000; and
``(2) for each subsequent fiscal year, such sums as may be necessary.
``SEC. 2220B. CYBERSECURITY RESOURCE GUIDE DEVELOPMENT FOR
STATE, LOCAL, TRIBAL, AND TERRITORIAL
GOVERNMENT OFFICIALS.
``The Secretary, acting through the Director, shall develop, regularly update, and maintain a resource guide for use by State, local, Tribal, and territorial government officials, including law enforcement officers, to help such officials identify, prepare for, detect, protect against, respond to, and recover from cybersecurity risks (as such term is defined in section 2209), cybersecurity threats, and incidents (as such term is defined in section 2209).''.
(b) Clerical Amendment.--The table of contents in section 1(b) of the Homeland Security Act of 2002, as amended by section 4, is further amended by inserting after the item relating to section 2220 the following new items:
``Sec. 2220A. State and Local Cybersecurity Grant Program.
``Sec. 2220B. Cybersecurity resource guide development for State, local, Tribal, and territorial government officials.''.
SEC. 3. STRATEGY.
(a) Homeland Security Strategy to Improve the Cybersecurity of State, Local, Tribal, and Territorial Governments.-- Section 2210 of the Homeland Security Act of 2002 (6 U.S.C. 660) is amended by adding at the end the following new subsection:
``(e) Homeland Security Strategy to Improve the Cybersecurity of State, Local, Tribal, and Territorial Governments.--
``(1) In general.--
``(A) Requirement.--Not later than one year after the date of the enactment of this subsection, the Secretary, acting through the Director, shall, in coordination with the heads of appropriate Federal agencies, State, local, Tribal, and territorial governments, the State and Local Cybersecurity Resilience Committee established under section 2220A, and other stakeholders, as appropriate, develop and make publicly available a Homeland Security Strategy to Improve the Cybersecurity of State, Local, Tribal, and Territorial Governments.
``(B) Recommendations and requirements.--The strategy required under subparagraph (A) shall--
``(i) provide recommendations relating to the ways in which the Federal Government should support and promote the ability of State, local, Tribal, and territorial governments to identify, mitigate against, protect against, detect, respond to, and recover from cybersecurity risks (as such term is defined in section 2209), cybersecurity threats, and incidents (as such term is defined in section 2209); and
``(ii) establish baseline requirements for cybersecurity plans under this section and principles with which such plans shall align.
``(2) Contents.--The strategy required under paragraph (1) shall--
``(A) identify capability gaps in the ability of State, local, Tribal, and territorial governments to identify, protect against, detect, respond to, and recover from cybersecurity risks, cybersecurity threats, incidents, and ransomware incidents;
``(B) identify Federal resources and capabilities that are available or could be made available to State, local, Tribal, and territorial governments to help those governments identify, protect against, detect, respond to, and recover from cybersecurity risks, cybersecurity threats, incidents, and ransomware incidents;
``(C) identify and assess the limitations of Federal resources and capabilities available to State, local, Tribal, and territorial governments to help those governments identify, protect against, detect, respond to, and recover from cybersecurity risks, cybersecurity threats, incidents, and ransomware incidents and make recommendations to address such limitations;
``(D) identify opportunities to improve the coordination of the Agency with Federal and non-Federal entities, such as the Multi-State Information Sharing and Analysis Center, to improve--
``(i) incident exercises, information sharing and incident notification procedures;
``(ii) the ability for State, local, Tribal, and territorial governments to voluntarily adapt and implement guidance in Federal binding operational directives; and
``(iii) opportunities to leverage Federal schedules for cybersecurity investments under section 502 of title 40, United States Code;
``(E) recommend new initiatives the Federal Government should undertake to improve the ability of State, local, Tribal, and territorial governments to identify, protect against, detect, respond to, and recover from cybersecurity risks, cybersecurity threats, incidents, and ransomware incidents;
``(F) set short-term and long-term goals that will improve the ability of State, local, Tribal, and territorial governments to identify, protect against, detect, respond to, and recover from cybersecurity risks, cybersecurity threats, incidents, and ransomware incidents; and
``(G) set dates, including interim benchmarks, as appropriate for State, local, Tribal, and territorial governments to establish baseline capabilities to identify, protect against, detect, respond to, and recover from cybersecurity risks, cybersecurity threats, incidents, and ransomware incidents.
``(3) Considerations.--In developing the strategy required under paragraph (1), the Director, in coordination with the heads of appropriate Federal agencies, State, local, Tribal, and territorial governments, the State and Local Cybersecurity Resilience Committee established under section 2220A, and other stakeholders, as appropriate, shall consider--
``(A) lessons learned from incidents that have affected State, local, Tribal, and territorial governments, and exercises with Federal and non-Federal entities;
``(B) the impact of incidents that have affected State, local, Tribal, and territorial governments, including the resulting costs to such governments;
``(C) the information related to the interest and ability of state and non-state threat actors to compromise information systems (as such term is defined in section 102 of the Cybersecurity Act of 2015 (6 U.S.C. 1501)) owned or operated by State, local, Tribal, and territorial governments;
``(D) emerging cybersecurity risks and cybersecurity threats to State, local, Tribal, and territorial governments resulting from the deployment of new technologies; and
``(E) recommendations made by the State and Local Cybersecurity Resilience Committee established under section 2220A.
``(4) Exemption.--Chapter 35 of title 44, United States Code (commonly known as the `Paperwork Reduction Act'), shall not apply to any action to implement this subsection.''.
(b) Responsibilities of the Director of the Cybersecurity and Infrastructure Security Agency.--Section 2202 of the Homeland Security Act of 2002 (6 U.S.C. 652) is amended--
(1) by redesignating subsections (d) through (i) as subsections (e) through (j), respectively; and
(2) by inserting after subsection (c) the following new subsection:
``(d) Additional Responsibilities.--In addition to the responsibilities under subsection (c), the Director shall--
``(1) develop program guidance, in consultation with the State and Local Government Cybersecurity Resilience Committee established under section 2220A, for the State and Local Cybersecurity Grant Program under such section or any other homeland security assistance administered by the Department to improve cybersecurity;
``(2) review, in consultation with the State and Local Cybersecurity Resilience Committee, all cybersecurity plans of State, local, Tribal, and territorial governments developed pursuant to any homeland security assistance administered by the Department to improve cybersecurity;
``(3) provide expertise and technical assistance to State, local, Tribal, and territorial government officials with respect to cybersecurity; and
``(4) provide education, training, and capacity development to enhance the security and resilience of cybersecurity and infrastructure security.''.
(c) Feasibility Study.--Not later than 270 days after the date of the enactment of this Act, the Director of the Cybersecurity and Infrastructure Security of the Department of Homeland Security shall conduct a study to assess the feasibility of implementing a short-term rotational program for the detail to the Agency of approved State, local, Tribal, and territorial government employees in cyber workforce positions.
SEC. 4. TITLE XXII TECHNICAL AND CLERICAL AMENDMENTS.
(a) Technical Amendments.--
(1) Homeland security act of 2002.--Subtitle A of title XXII of the Homeland Security Act of 2002 (6 U.S.C. 651 et seq.) is amended--
(A) in the first section 2215 (6 U.S.C. 665; relating to the duties and authorities relating to .gov internet domain), by amending the section enumerator and heading to read as follows:
``SEC. 2215. DUTIES AND AUTHORITIES RELATING TO .GOV INTERNET
DOMAIN.'';
(B) in the second section 2215 (6 U.S.C. 665b; relating to the joint cyber planning office), by amending the section enumerator and heading to read as follows:
``SEC. 2216. JOINT CYBER PLANNING OFFICE.'';
(C) in the third section 2215 (6 U.S.C. 665c; relating to the Cybersecurity State Coordinator), by amending the section enumerator and heading to read as follows:
``SEC. 2217. CYBERSECURITY STATE COORDINATOR.'';
(D) in the fourth section 2215 (6 U.S.C. 665d; relating to Sector Risk Management Agencies), by amending the section enumerator and heading to read as follows:
``SEC. 2218. SECTOR RISK MANAGEMENT AGENCIES.'';
(E) in section 2216 (6 U.S.C. 665e; relating to the Cybersecurity Advisory Committee), by amending the section enumerator and heading to read as follows:
``SEC. 2219. CYBERSECURITY ADVISORY COMMITTEE.''; AND
(F) in section 2217 (6 U.S.C. 665f; relating to Cybersecurity Education and Training Programs), by amending the section enumerator and heading to read as follows:
``SEC. 2220. CYBERSECURITY EDUCATION AND TRAINING
PROGRAMS.''.
(2) Consolidated appropriations act, 2021.--Paragraph (1) of section 904(b) of division U of the Consolidated Appropriations Act, 2021 (Public Law 116-260) is amended, in the matter preceding subparagraph (A), by inserting ``of 2002'' after ``Homeland Security Act''.
(b) Clerical Amendment.--The table of contents in section 1(b) of the Homeland Security Act of 2002 is amended by striking the items relating to sections 2214 through 2217 and inserting the following new items:
``Sec. 2214. National Asset Database.
``Sec. 2215. Duties and authorities relating to .gov internet domain.
``Sec. 2216. Joint cyber planning office.
``Sec. 2217. Cybersecurity State Coordinator.
``Sec. 2218. Sector Risk Management Agencies.
``Sec. 2219. Cybersecurity Advisory Committee.
``Sec. 2220. Cybersecurity Education and Training Programs.''.
CISA Cyber Exercise Act
H.R. 3223
Be it enacted by the Senate and House of Representatives of the United States of America in Congress assembled,
SECTION 1. SHORT TITLE.
This Act may be cited as the ``CISA Cyber Exercise Act''.
SEC. 2. NATIONAL CYBER EXERCISE PROGRAM.
(a) In General.--Subtitle A of title XXII of the Homeland Security Act of 2002 (6 U.S.C. 651 et seq.) is amended by adding at the end the following new section:
``SEC. 2220A. NATIONAL CYBER EXERCISE PROGRAM.
``(a) Establishment of Program.--
``(1) In general.--There is established in the Agency the National Cyber Exercise Program (referred to in this section as the `Exercise Program') to evaluate the National Cyber Incident Response Plan, and other related plans and strategies.
``(2) Requirements.--
``(A) In general.--The Exercise Program shall be--
``(i) based on current risk assessments, including credible threats, vulnerabilities, and consequences;
``(ii) designed, to the extent practicable, to simulate the partial or complete incapacitation of a government or critical infrastructure network resulting from a cyber incident;
``(iii) designed to provide for the systematic evaluation of cyber readiness and enhance operational understanding of the cyber incident response system and relevant information sharing agreements; and
``(iv) designed to promptly develop after-action reports and plans that can quickly incorporate lessons learned into future operations.
``(B) Model exercise selection.--The Exercise Program shall--
``(i) include a selection of model exercises that government and private entities can readily adapt for use; and--
``(ii) aid such governments and private entities with the design, implementation, and evaluation of exercises that--
``(I) conform to the requirements described in subparagraph
(A);
``(II) are consistent with any applicable national, State, local, or Tribal strategy or plan; and
``(III) provide for systematic evaluation of readiness.
``(3) Consultation.--In carrying out the Exercise Program, the Director may consult with appropriate representatives from Sector Risk Management Agencies, cybersecurity research stakeholders, and Sector Coordinating Councils.
``(b) Definitions.--In this section:
``(1) State.--The term `State' means any State of the United States, the District of Columbia, the Commonwealth of Puerto Rico, the Northern Mariana Islands, the United States Virgin Islands, Guam, American Samoa, and any other territory or possession of the United States.
``(2) Private entity.--The term `private entity' has the meaning given such term in section 102 of the Cybersecurity Information Sharing Act of 2015 (6 U.S.C. 1501).''.
(b) Technical Amendments.--
(1) Homeland security act of 2002.--Subtitle A of title XXII of the Homeland Security Act of 2002 (6 U.S.C. 651 et seq.) is amended--
(A) in the first section 2215 (6 U.S.C. 665; relating to the duties and authorities relating to .gov internet domain), by amending the section enumerator and heading to read as follows:
``SEC. 2215. DUTIES AND AUTHORITIES RELATING TO .GOV INTERNET
DOMAIN.'';
(B) in the second section 2215 (6 U.S.C. 665b; relating to the joint cyber planning office), by amending the section enumerator and heading to read as follows:
``SEC. 2216. JOINT CYBER PLANNING OFFICE.'';
(C) in the third section 2215 (6 U.S.C. 665c; relating to the Cybersecurity State Coordinator), by amending the section enumerator and heading to read as follows:
``SEC. 2217. CYBERSECURITY STATE COORDINATOR.'';
(D) in the fourth section 2215 (6 U.S.C. 665d; relating to Sector Risk Management Agencies), by amending the section enumerator and heading to read as follows:
``SEC. 2218. SECTOR RISK MANAGEMENT AGENCIES.'';
(E) in section 2216 (6 U.S.C. 665e; relating to the Cybersecurity Advisory Committee), by amending the section enumerator and heading to read as follows:
``SEC. 2219. CYBERSECURITY ADVISORY COMMITTEE.'';
and
(F) in section 2217 (6 U.S.C. 665f; relating to Cybersecurity Education and Training Programs), by amending the section enumerator and heading to read as follows:
``SEC. 2220. CYBERSECURITY EDUCATION AND TRAINING
PROGRAMS.''.
(2) Consolidated appropriations act, 2021.--Paragraph (1) of section 904(b) of division U of the Consolidated Appropriations Act, 2021 (Public Law 116-260) is amended, in the matter preceding subparagraph (A), by inserting ``of 2002'' after ``Homeland Security Act''.
(c) Clerical Amendment.--The table of contents in section 1(b) of the Homeland Security Act of 2002 is amended by striking the items relating to sections 2214 through 2217 and inserting the following new items:
``Sec. 2214. National Asset Database.
``Sec. 2215. Duties and authorities relating to .gov internet domain.
``Sec. 2216. Joint cyber planning office.
``Sec. 2217. Cybersecurity State Coordinator.
``Sec. 2218. Sector Risk Management Agencies.
``Sec. 2219. Cybersecurity Advisory Committee.
``Sec. 2220. Cybersecurity Education and Training Programs.
``Sec. 2220A. National Cyber Exercise Program.''.
DHS Medical Countermeasures Act
H.R. 3263
Be it enacted by the Senate and House of Representatives of the United States of America in Congress assembled,
SECTION 1. SHORT TITLE.
This Act may be cited as the ``DHS Medical Countermeasures Act''.
SEC. 2. MEDICAL COUNTERMEASURES PROGRAM.
(a) In General.--Subtitle C of title XIX of the Homeland Security Act of 2002 (6 U.S.C. 311 et seq.) is amended by adding at the end the following new section:
``SEC. 1932. MEDICAL COUNTERMEASURES.
``(a) In General.--The Secretary shall establish a medical countermeasures program to facilitate personnel readiness, and protection for the Department's employees and working animals in the event of a chemical, biological, radiological, nuclear, or explosives attack, naturally occurring disease outbreak, or pandemic, and to support Department mission continuity.
``(b) Oversight.--The Chief Medical Officer of the Department shall provide programmatic oversight of the medical countermeasures program established pursuant to subsection (a), and shall--
``(1) develop Department-wide standards for medical countermeasure storage, security, dispensing, and documentation;
``(2) maintain a stockpile of medical countermeasures, including antibiotics, antivirals, and radiological countermeasures, as appropriate;
``(3) preposition appropriate medical countermeasures in strategic locations nationwide, based on threat and employee density, in accordance with applicable Federal statutes and regulations;
``(4) provide oversight and guidance regarding the dispensing of stockpiled medical countermeasures;
``(5) ensure rapid deployment and dispensing of medical countermeasures in a chemical, biological, radiological, nuclear, or explosives attack, naturally occurring disease outbreak, or pandemic;
``(6) provide training to Department employees on medical countermeasure dispensing; and
``(7) support dispensing exercises.
``(c) Medical Countermeasures Working Group.--The Chief Medical Officer shall establish a medical countermeasures working group comprised of representatives from appropriate components and offices of the Department to ensure that medical countermeasures standards are maintained and guidance is consistent.
``(d) Medical Countermeasures Management.--Not later than 120 days after the date of the enactment of this section, the Chief Medical Officer shall develop and submit to the Secretary an integrated logistics support plan for medical countermeasures, including--
``(1) a methodology for determining the ideal types and quantities of medical countermeasures to stockpile and how frequently such methodology shall be reevaluated;
``(2) a replenishment plan; and
``(3) inventory tracking, reporting, and reconciliation procedures for existing stockpiles and new medical countermeasure purchases.
``(e) Stockpile Elements.--In determining the types and quantities of medical countermeasures to stockpile under subsection (d), the Chief Medical Officer shall utilize, if available--
``(1) Department chemical, biological, radiological, and nuclear risk assessments; and
``(2) Centers for Disease Control and Prevention guidance on medical countermeasures.
``(f) Report.--Not later than 180 days after the date of the enactment of this section, the Secretary shall submit to the Committee on Homeland Security of the House of Representatives and the Committee on Homeland Security and Governmental Affairs of the Senate the plan developed in accordance with subsection (d) and brief such Committees regarding implementing the requirements of this section.
``(g) Definition.--In this section, the term `medical countermeasures' means antibiotics, antivirals, radiological countermeasures, and other countermeasures that may be deployed to protect the Department's employees and working animals in the event of a chemical, biological, radiological, nuclear, or explosives attack, naturally occurring disease outbreak, or pandemic.''.
(b) Clerical Amendment.--The table of contents in section 1(b) of the Homeland Security Act of 2002 is amended by adding after the item relating to section 1931 the following new item:
``Sec. 1932. Medical countermeasures.''.
Domains Critical to Homeland Security Act
H.R. 3264
Be it enacted by the Senate and House of Representatives of the United States of America in Congress assembled,
SECTION 1. SHORT TITLE.
This Act may be cited as the ``Domains Critical to Homeland Security Act''.
SEC. 2. CRITICAL DOMAIN RESEARCH AND DEVELOPMENT.
(a) In General.--Subtitle H of title VIII of the Homeland Security Act of 2002 (6 U.S.C. 451 et seq.) is amended by adding at the end the following new section:
``SEC. 890B. HOMELAND SECURITY CRITICAL DOMAIN RESEARCH AND
DEVELOPMENT.
``(a) In General.--
``(1) Research and development.--The Secretary is authorized to conduct research and development to--
``(A) identify United States critical domains for economic security and homeland security; and
``(B) evaluate the extent to which disruption, corruption, exploitation, or dysfunction of any of such domain poses a substantial threat to homeland security.
``(2) Requirements.--
``(A) Risk analysis of critical domains.--The research under paragraph (1) shall include a risk analysis of each identified United States critical domain for economic security to determine the degree to which there exists a present or future threat to homeland security in the event of disruption, corruption, exploitation, or dysfunction to such domain. Such research shall consider, to the extent possible, the following:
``(i) The vulnerability and resilience of relevant supply chains.
``(ii) Foreign production, processing, and manufacturing methods.
``(iii) Influence of malign economic actors.
``(iv) Asset ownership.
``(v) Relationships within the supply chains of such domains.
``(vi) The degree to which the conditions referred to in clauses (i) through (v) would place such a domain at risk of disruption, corruption, exploitation, or dysfunction.
``(B) Additional research into high-risk critical domains.--Based on the identification and risk analysis of United States critical domains for economic security pursuant to paragraph (1) and subparagraph (A) of this paragraph, respectively, the Secretary may conduct additional research into those critical domains, or specific elements thereof, with respect to which there exists the highest degree of a present or future threat to homeland security in the event of disruption, corruption, exploitation, or dysfunction to such a domain. For each such high-risk domain, or element thereof, such research shall--
``(i) describe the underlying infrastructure and processes;
``(ii) analyze present and projected performance of industries that comprise or support such domain;
``(iii) examine the extent to which the supply chain of a product or service necessary to such domain is concentrated, either through a small number of sources, or if multiple sources are concentrated in one geographic area;
``(iv) examine the extent to which the demand for supplies of goods and services of such industries can be fulfilled by present and projected performance of other industries, identify strategies, plans, and potential barriers to expand the supplier industrial base, and identify the barriers to the participation of such other industries;
``(v) consider each such domain's performance capacities in stable economic environments, adversarial supply conditions, and under crisis economic constraints;
``(vi) identify and define needs and requirements to establish supply resiliency within each such domain; and
``(vii) consider the effects of sector consolidation, including foreign consolidation, either through mergers or acquisitions, or due to recent geographic realignment, on such industries' performances.
``(3) Consultation.--In conducting the research under paragraph (1) and subparagraph (B) of paragraph (2), the Secretary may consult with appropriate Federal agencies, State agencies, and private sector stakeholders.
``(4) Publication.--Beginning one year after the date of the enactment of this section, the Secretary shall publish a report containing information relating to the research under paragraph (1) and subparagraph (B) of paragraph (2), including findings, evidence, analysis, and recommendations. Such report shall be updated annually through 2026.
``(b) Submission to Congress.--Not later than 90 days after the publication of each report required under paragraph (4) of subsection (a), the Secretary shall transmit to the Committee on Homeland Security of the House of Representatives and the Committee on Homeland Security and Governmental Affairs of the Senate each such report, together with a description of actions the Secretary, in consultation with appropriate Federal agencies, will undertake or has undertaken in response to each such report.
``(c) Definitions.--In this section:
``(1) United states critical domains for economic security.--The term `United States critical domains for economic security' means the critical infrastructure and other associated industries, technologies, and intellectual property, or any combination thereof, that are essential to the economic security of the United States.
``(2) Economic security.--The term `economic security' means the condition of having secure and resilient domestic production capacity, combined with reliable access to the global resources necessary to maintain an acceptable standard of living and to protect core national values.
``(d) Authorization of Appropriations.--There is authorized to be appropriated $1,000,000 for each of fiscal years 2022 through 2026 to carry out this section.''.
(b) Clerical Amendment.--The table of contents in section 1(b) of the Homeland Security Act of 2002 is amended by inserting after the item relating to section 890A the following new item:
``Sec. 890B. Homeland security critical domain research and development.''.
Reaffirming Commitment to Media Diversity
H. Res. 277
Whereas the principle that an informed and engaged electorate is critical to a vibrant democracy is deeply rooted in our laws of free speech and underpins the virtues on which we established our Constitution, ``in Order to form a more perfect Union, establish Justice, insure domestic Tranquility, provide for the common defence, promote the general Welfare, and secure the Blessings of Liberty to ourselves and our Posterity . . .'';
Whereas having independent, diverse, and local media that provide exposure to a broad range of viewpoints and the ability to contribute to the political debate is central to sustaining that informed engagement;
Whereas it is in the public interest to encourage source, content, and audience diversity on our Nation's shared telecommunications and media platforms;
Whereas the survival of small, independent, and diverse media outlets that serve diverse audiences and local media markets is essential to preserving local culture and building understanding on important community issues that impact the daily lives of residents;
Whereas research by the American Society of News Editors, the Radio Television Digital News Association, the Pew Research Center, and others has documented the continued challenges of increasing diversity among all types of media entities;
Whereas with increasing media experience and sophistication, it is even more important to have minority participation in local media to ensure a diverse range of information sources are available and different ideas and viewpoints are expressed to strengthen social cohesion among different communities; and
Whereas the constriction in small, independent, and diverse media outlets and limited participation of diverse populations in media ownership and decision making are combining to negatively impact our goal of increasing local civic engagement and civic knowledge through increased voter participation, membership in civic groups, and knowledge of local political and civil information: Now, therefore, be it
Resolved, That the House of Representatives--
(1) reaffirms its commitment to diversity as a core tenet of the public interest standard in media policy; and
(2) pledges to work with media entities and diverse stakeholders to develop common ground solutions to eliminate barriers to media diversity.
Encouraging Reunions of Divided Korean-American Families
H. Res. 294
Whereas the Korean Peninsula, with the Republic of Korea
(in this resolution referred to as ``South Korea'') in the South and the Democratic People's Republic of Korea (in this resolution referred to as ``North Korea'') in the North, remains divided following the signing of the Korean War Armistice Agreement on July 27, 1953;
Whereas the division of the Korean Peninsula separated more than 10,000,000 Korean family members, including some who are now citizens of the United States;
Whereas there have been 21 rounds of family reunions between South Koreans and North Koreans along the border since 2000;
Whereas Congress signaled its support for family reunions between United States citizens and their relatives in North Korea in section 1265 of the National Defense Authorization Act for Fiscal Year 2008 (Public Law 110-181), signed into law by President George W. Bush on January 28, 2008;
Whereas most of the population of divided family members in the United States, initially estimated at 100,000 in 2001, has significantly dwindled as many of the individuals have passed away;
Whereas the summit between North Korea and South Korea on April 27, 2018, has prioritized family reunions;
Whereas the United States and North Korea have engaged in talks during 2 historic summits in June 2018 in Singapore and February 2019 in Hanoi; and
Whereas many Korean Americans are waiting for a chance to meet their relatives in North Korea for the first time in more than 60 years: Now, therefore, be it
Resolved, That the House of Representatives--
(1) calls on the United States and North Korea to begin the process of reuniting Korean-American divided family members with their immediate relatives through ways such as--
(A) identifying divided families in the United States and North Korea who are willing and able to participate in a pilot program for family reunions;
(B) finding matches for members of such families through organizations such as the Red Cross; and
(C) working with the Government of South Korea to include American citizens in inter-Korean video reunions;
(2) reaffirms the institution of family as inalienable and, accordingly, urges the restoration of contact between divided families physically, literarily, or virtually; and
(3) calls on the United States and North Korea to pursue reunions as a humanitarian priority of immediate concern.
The SPEAKER pro tempore. Pursuant to section 7 of House Resolution 535, the ordering of the yeas and nays on postponed motions to suspend the rules with respect to such measures is vacated to the end that all such motions are considered as withdrawn.
The question is on the motion offered by the gentleman from Maryland
(Mr. Hoyer) that the House suspend the rules and pass the bills and agree to the resolutions.
The question was taken.
The SPEAKER pro tempore. In the opinion of the Chair, two-thirds being in the affirmative, the ayes have it.
Mr. ROSENDALE. Mr. Speaker, on that I demand the yeas and nays.
The SPEAKER pro tempore. Pursuant to section 3(s) of House Resolution 8, the yeas and nays are ordered.
The vote was taken by electronic device, and there were--yeas 319, nays 105, not voting 6, as follows:
YEAS--319
Adams Aguilar Allred Amodei Auchincloss Axne Bacon Baird Barr Barragan Bass Beatty Bentz Bera Beyer Bice (OK) Bilirakis Bishop (GA) Blumenauer Blunt Rochester Bonamici Bost Bourdeaux Bowman Boyle, Brendan F. Brown Brownley Buchanan Bush Bustos Butterfield Calvert Cammack Carbajal Cardenas Carson Carter (LA) Cartwright Case Casten Castor (FL) Castro (TX) Chabot Cheney Chu Cicilline Clark (MA) Clarke (NY) Cleaver Clyburn Cohen Cole Comer Connolly Cooper Correa Costa Courtney Craig Crenshaw Crist Crow Cuellar Davids (KS) Davis, Danny K. Davis, Rodney Dean DeFazio DeGette DeLauro DelBene Delgado Demings DeSaulnier Deutch Diaz-Balart Dingell Doggett Doyle, Michael F. Emmer Escobar Eshoo Espaillat Evans Feenstra Fischbach Fitzpatrick Fletcher Fortenberry Foster Frankel, Lois Gallagher Gallego Garamendi Garbarino Garcia (CA) Garcia (IL) Garcia (TX) Gimenez Golden Gomez Gonzales, Tony Gonzalez (OH) Gonzalez, Vicente Gottheimer Granger Graves (LA) Graves (MO) Green, Al (TX) Grijalva Guest Guthrie Harder (CA) Harshbarger Hartzler Hayes Herrera Beutler Higgins (NY) Hill Himes Hollingsworth Horsford Houlahan Hoyer Hudson Huffman Jackson Lee Jacobs (CA) Jacobs (NY) Jayapal Jeffries Johnson (GA) Johnson (OH) Johnson (SD) Johnson (TX) Jones Joyce (OH) Joyce (PA) Kahele Kaptur Katko Keating Kelly (IL) Kelly (PA) Khanna Kildee Kilmer Kim (CA) Kim (NJ) Kind Kinzinger Kirkpatrick Krishnamoorthi Kuster Kustoff LaHood LaMalfa Lamb Langevin Larsen (WA) Larson (CT) Latta LaTurner Lawrence Lawson (FL) Lee (CA) Lee (NV) Leger Fernandez Letlow Levin (CA) Levin (MI) Lieu Lofgren Long Lowenthal Lucas Luetkemeyer Luria Lynch Mace Malinowski Malliotakis Maloney, Carolyn B. Maloney, Sean Manning Matsui McBath McCarthy McClain McCollum McEachin McGovern McHenry McKinley McNerney Meeks Meijer Meng Meuser Mfume Miller-Meeks Moolenaar Moore (WI) Morelle Moulton Mrvan Murphy (FL) Nadler Napolitano Neal Neguse Newhouse Newman Norcross Nunes O'Halleran Obernolte Ocasio-Cortez Omar Pallone Panetta Pappas Pascrell Payne Perlmutter Peters Phillips Pingree Pocan Porter Pressley Price (NC) Quigley Raskin Reed Reschenthaler Rice (NY) Rodgers (WA) Rogers (AL) Rogers (KY) Ross Roybal-Allard Ruiz Ruppersberger Rush Ryan Sanchez Sarbanes Scanlon Schakowsky Schiff Schneider Schrader Schrier
Schweikert Scott (VA) Scott, David Sewell Sherman Sherrill Simpson Sires Slotkin Smith (NE) Smith (NJ) Smith (WA) Smucker Soto Spanberger Spartz Speier Stansbury Stanton Steel Stefanik Stevens Strickland Suozzi Swalwell Takano Tenney Thompson (CA) Thompson (MS) Thompson (PA) Titus Tlaib Tonko Torres (CA) Torres (NY) Trahan Trone Turner Underwood Upton Valadao Van Drew Vargas Veasey Vela Velazquez Wagner Walberg Walorski Waltz Wasserman Schultz Waters Watson Coleman Welch Wenstrup Wexton Wild Williams (GA) Wilson (FL) Wilson (SC) Wittman Womack Yarmuth Young Zeldin
NAYS--105
Aderholt Armstrong Arrington Babin Balderson Banks Bergman Biggs Bishop (NC) Boebert Brady Brooks Buck Bucshon Budd Burchett Burgess Carl Carter (GA) Carter (TX) Cawthorn Cline Cloud Clyde Crawford Curtis Davidson DesJarlais Donalds Duncan Dunn Estes Fallon Ferguson Fitzgerald Fleischmann Foxx Franklin, C. Scott Fulcher Gaetz Gibbs Gohmert Good (VA) Gooden (TX) Gosar Green (TN) Greene (GA) Griffith Grothman Hagedorn Harris Hern Herrell Hice (GA) Hinson Huizenga Jackson Johnson (LA) Jordan Keller Kelly (MS) Lamborn Lesko Loudermilk Mann Massie Mast McCaul McClintock Miller (IL) Miller (WV) Mooney Moore (AL) Moore (UT) Mullin Murphy (NC) Nehls Norman Owens Palazzo Palmer Pence Perry Pfluger Posey Rice (SC) Rose Rosendale Rouzer Roy Rutherford Scalise Sessions Smith (MO) Steil Steube Stewart Taylor Tiffany Timmons Van Duyne Weber (TX) Webster (FL) Westerman Williams (TX)
NOT VOTING--6
Allen Higgins (LA) Issa Salazar Scott, Austin Stauber
{time} 1630
Mr. BALDERSON changed his vote from ``yea'' to ``nay.''
So (two-thirds being in the affirmative) the rules were suspended and the bills were passed and the resolutions were agreed to.
The result of the vote was announced as above recorded.
A motion to reconsider was laid on the table.
Stated against:
Mr. STAUBER. Mr. Speaker, had I been present, I would have voted
``nay'' on rollcall No. 212.
Mr. ALLEN. Mr. Speaker, had I been present, I would have voted
``nay'' on rollcall No. 212.
members recorded pursuant to house resolution 8, 117th congress
Aderholt (Moolenaar) Buchanan (LaHood) DeSaulnier (Matsui) Doyle, Michael F. (Cartwright) Frankel, Lois (Clark (MA)) Fulcher (Simpson) Garcia (IL) (Garcia (TX)) Gottheimer (Panetta) Granger (Calvert) Grijalva (Stanton) Johnson (TX) (Jeffries) Jones (Williams (GA)) Kahele (Moulton) Kirkpatrick (Stanton) Lawson (FL) (Evans) McEachin (Wexton) Meng (Jeffries) Napolitano (Correa) Payne (Pallone) Ruiz (Correa) Rush (Underwood) Stewart (Owens) Trone (Beyer) Wilson (FL) (Hayes)
____________________
SOURCE: Congressional Record Vol. 167, No. 127
The Congressional Record is a unique source of public documentation. It started in 1873, documenting nearly all the major and minor policies being discussed and debated.
House Representatives' salaries are historically higher than the median US income.
Alerts Sign-up