Bill SponsorBILLSPONSOR
Bill Sponsor
Politicians
Bills
Senate Bill 3788
115th Congress(2017-2018)
A bill to require studies on cyberexploitation of employees of certain Federal departments and their families, and for other purposes.
Introduced
Introduced
Introduced in Senate on Dec 19, 2018
Overview
Text
Introduced in Senate 
Dec 19, 2018
Not Scanned for Linkage
About Linkage
Multiple bills can contain the same text. This could be an identical bill in the opposite chamber or a smaller bill with a section embedded in a larger bill.
Bill Sponsor regularly scans bill texts to find sections that are contained in other bill texts. When a matching section is found, the bills containing that section can be viewed by clicking "View Bills" within the bill text section.
Bill Sponsor is currently only finding exact word-for-word section matches. In a future release, partial matches will be included.
Introduced in Senate(Dec 19, 2018)
Dec 19, 2018
Not Scanned for Linkage
About Linkage
Multiple bills can contain the same text. This could be an identical bill in the opposite chamber or a smaller bill with a section embedded in a larger bill.
Bill Sponsor regularly scans bill texts to find sections that are contained in other bill texts. When a matching section is found, the bills containing that section can be viewed by clicking "View Bills" within the bill text section.
Bill Sponsor is currently only finding exact word-for-word section matches. In a future release, partial matches will be included.
Jump To
S. 3788 (Introduced-in-Senate)


115th CONGRESS
2d Session
S. 3788


To require studies on cyberexploitation of employees of certain Federal departments and their families, and for other purposes.

IN THE SENATE OF THE UNITED STATES

December 19, 2018

Mr. Sasse introduced the following bill; which was read twice and referred to the Committee on Homeland Security and Governmental Affairs

A BILL

To require studies on cyberexploitation of employees of certain Federal departments and their families, and for other purposes.

Be it enacted by the Senate and House of Representatives of the United States of America in Congress assembled,

SECTION 1. Study on cyberexploitation of employees of certain Federal departments and their families.

(a) Definitions.—In this section:

(1) COVERED DEPARTMENT.—The term “covered department” includes the following:

(A) The Department of Justice.

(B) The Department of Energy.

(C) The Department of Homeland Security.

(D) The Department of State.

(E) The Department of the Treasury.

(F) The United States Agency for International Development.

(G) The civilian employees of the Department of Defense.

(2) CYBEREXPLOITATION.—The term “cy­ber­ex­ploi­ta­tion” means the use of digital means to knowingly access, or conspire to access, without authorization, an individual’s personal information to be employed (or to be used for) with malicious intent.

(3) DEEP FAKE.—The term “deep fake” means the digital insertion of a person’s likeness into or digital alteration of a person’s likeness in visual media, such as photographs and videos, without the person’s permission and with malicious intent.

(b) Study required.—Not later than 150 days after the date of the enactment of this Act, each head of a covered department shall complete a study on the cy­ber­ex­ploi­ta­tion of the personal information and accounts of employees of the covered department and their families.

(c) Elements.—The study required by subsection (b) shall include, with respect to a covered department, the following:

(1) An assessment of the vulnerability of employees described in subsection (b) and their families to inappropriate access to their personal information and accounts of such employees and their families, including identification of particularly vulnerable subpopulations.

(2) Creation of a catalogue of past and current efforts by foreign governments and non-state actors at the cyberexploitation of the personal information and accounts of such employees and their families, including an assessment of the purposes of such efforts and their degrees of success.

(3) An assessment of the actions taken by the department or agency to educate employees and their families, including particularly vulnerable subpopulations, about and actions that can be taken to otherwise reduce these threats.

(4) Assessment of the potential for the cy­ber­ex­ploi­ta­tion of misappropriated images and videos as well as deep fakes.

(5) Development of recommendations for policy changes to reduce the vulnerability of such employees and their families to cyberexploitation, including recommendations for legislative or administrative action.

(d) Report.—

(1) IN GENERAL.—Each head of a covered department shall submit to Congress a report on the findings of the head with respect to the study conducted by the head under subsection (b).

(2) FORM.—The report required by paragraph (1) shall be submitted in unclassified form, but may include a classified annex.