[Congressional Bills 114th Congress]
[From the U.S. Government Publishing Office]
[S. 135 Introduced in Senate (IS)]

114th CONGRESS
  1st Session
                                 S. 135

     To prohibit Federal agencies from mandating the deployment of 
             vulnerabilities in data security technologies.


_______________________________________________________________________


                   IN THE SENATE OF THE UNITED STATES

                            January 8, 2015

   Mr. Wyden introduced the following bill; which was read twice and 
   referred to the Committee on Commerce, Science, and Transportation

_______________________________________________________________________

                                 A BILL


 
     To prohibit Federal agencies from mandating the deployment of 
             vulnerabilities in data security technologies.

    Be it enacted by the Senate and House of Representatives of the 
United States of America in Congress assembled,

SECTION 1. SHORT TITLE.

    This Act may be cited as the ``Secure Data Act of 2015''.

SEC. 2. PROHIBITION ON DATA SECURITY VULNERABILITY MANDATES.

    (a) In General.--Except as provided in subsection (b), no agency 
may mandate that a manufacturer, developer, or seller of covered 
products design or alter the security functions in its product or 
service to allow the surveillance of any user of such product or 
service, or to allow the physical search of such product, by any 
agency.
    (b) Exception.--Subsection (a) shall not apply to mandates 
authorized under the Communications Assistance for Law Enforcement Act 
(47 U.S.C. 1001 et seq.).
    (c) Definitions.--In this section--
            (1) the term ``agency'' has the meaning given the term in 
        section 3502 of title 44, United States Code; and
            (2) the term ``covered product'' means any computer 
        hardware, computer software, or electronic device that is made 
        available to the general public.
                                 <all>