[Congressional Bills 115th Congress]
[From the U.S. Government Publishing Office]
[S. 3153 Placed on Calendar Senate (PCS)]

<DOC>





                                                       Calendar No. 494
115th CONGRESS
  2d Session
                                S. 3153

    To authorize appropriations for fiscal years 2018 and 2019 for 
 intelligence and intelligence-related activities of the United States 
     Government, the Community Management Account, and the Central 
  Intelligence Agency Retirement and Disability System, and for other 
                               purposes.


_______________________________________________________________________


                   IN THE SENATE OF THE UNITED STATES

                             June 28, 2018

   Mr. Burr, from the Select Committee on Intelligence, reported the 
    following original bill; which was read twice and placed on the 
                                calendar

_______________________________________________________________________

                                 A BILL


 
    To authorize appropriations for fiscal years 2018 and 2019 for 
 intelligence and intelligence-related activities of the United States 
     Government, the Community Management Account, and the Central 
  Intelligence Agency Retirement and Disability System, and for other 
                               purposes.

    Be it enacted by the Senate and House of Representatives of the 
United States of America in Congress assembled,

SECTION 1. SHORT TITLE; TABLE OF CONTENTS.

    (a) Short Title.--This Act may be cited as the ``Matthew Young 
Pollard Intelligence Authorization Act for Fiscal Years 2018 and 
2019''.
    (b) Table of Contents.--The table of contents for this Act is as 
follows:

Sec. 1. Short title; table of contents.
Sec. 2. Definitions.
                    TITLE I--INTELLIGENCE ACTIVITIES

Sec. 101. Authorization of appropriations.
Sec. 102. Classified Schedules of Authorizations.
Sec. 103. Personnel ceiling adjustments.
Sec. 104. Intelligence Community Management Account.
 TITLE II--CENTRAL INTELLIGENCE AGENCY RETIREMENT AND DISABILITY SYSTEM

Sec. 201. Authorization of appropriations.
Sec. 202. Computation of annuities for employees of the Central 
                            Intelligence Agency.
           TITLE III--GENERAL INTELLIGENCE COMMUNITY MATTERS

Sec. 301. Restriction on conduct of intelligence activities.
Sec. 302. Increase in employee compensation and benefits authorized by 
                            law.
Sec. 303. Modification of special pay authority for science, 
                            technology, engineering, or mathematics 
                            positions and addition of special pay 
                            authority for cyber positions.
Sec. 304. Modification of appointment of Chief Information Officer of 
                            the Intelligence Community.
Sec. 305. Director of National Intelligence review of placement of 
                            positions within the intelligence community 
                            on the Executive Schedule.
Sec. 306. Supply Chain and Counterintelligence Risk Management Task 
                            Force.
Sec. 307. Consideration of adversarial telecommunications and 
                            cybersecurity infrastructure when sharing 
                            intelligence with foreign governments and 
                            entities.
Sec. 308. Cyber protection support for the personnel of the 
                            intelligence community in positions highly 
                            vulnerable to cyber attack.
Sec. 309. Modification of authority relating to management of supply-
                            chain risk.
Sec. 310. Limitations on determinations regarding certain security 
                            classifications.
  TITLE IV--MATTERS RELATING TO ELEMENTS OF THE INTELLIGENCE COMMUNITY

      Subtitle A--Office of the Director of National Intelligence

Sec. 401. Authority for protection of current and former employees of 
                            the Office of the Director of National 
                            Intelligence.
Sec. 402. Designation of the program manager-information sharing 
                            environment.
Sec. 403. Modification to the executive schedule.
                       Subtitle B--Other Elements

Sec. 411. Repeal of foreign language proficiency requirement for 
                            certain senior level positions in the 
                            Central Intelligence Agency.
Sec. 412. Plan for designation of counterintelligence component of 
                            Defense Security Service as an element of 
                            intelligence community.
Sec. 413. Notice not required for private entities.
                       TITLE V--ELECTION MATTERS

Sec. 501. Report on cyber attacks by foreign governments against United 
                            States election infrastructure.
Sec. 502. Review of intelligence community's posture to collect against 
                            and analyze Russian efforts to influence 
                            the Presidential election.
Sec. 503. Assessment of foreign intelligence threats to Federal 
                            elections.
Sec. 504. Strategy for countering Russian cyber threats to United 
                            States elections.
Sec. 505. Information sharing with State election officials.
Sec. 506. Designation of counterintelligence officer to lead election 
                            security matters.
                     TITLE VI--SECURITY CLEARANCES

Sec. 601. Definitions.
Sec. 602. Reports and plans relating to security clearances and 
                            background investigations.
Sec. 603. Improving the process for security clearances.
Sec. 604. Goals for promptness of determinations regarding security 
                            clearances.
Sec. 605. Security Executive Agent.
Sec. 606. Report on unified, simplified, governmentwide standards for 
                            positions of trust and security clearances.
Sec. 607. Report on clearance in person concept.
Sec. 608. Budget request documentation on funding for clearances.
Sec. 609. Reports on reciprocity for security clearances inside of 
                            departments and agencies.
Sec. 610. Intelligence community reports on security clearances.
Sec. 611. Periodic report on positions in the intelligence community 
                            which can be conducted without access to 
                            classified information, networks, or 
                            facilities.
Sec. 612. Information sharing program for positions of trust.
Sec. 613. Report on protections for confidentiality of whistleblower-
                            related communications.
                  TITLE VII--REPORTS AND OTHER MATTERS

    Subtitle A--Matters Relating to Russia and Other Foreign Powers

Sec. 701. Limitation relating to establishment or support of 
                            cybersecurity unit with the Government of 
                            Russia.
Sec. 702. Report on returning Russian compounds.
Sec. 703. Assessment of threat finance relating to Russia.
Sec. 704. Notification of an active measures campaign.
Sec. 705. Notification of travel by accredited diplomatic and consular 
                            personnel of the Russian Federation in the 
                            United States.
                          Subtitle B--Reports

Sec. 711. Technical correction to Inspector General study.
Sec. 712. Reports on authorities of the Chief Intelligence Officer of 
                            the Department of Homeland Security.
Sec. 713. Report on cyber exchange program.
Sec. 714. Report on role of Director of National Intelligence with 
                            respect to certain foreign investments.
Sec. 715. Report on surveillance by foreign governments against United 
                            States telecommunications networks.
Sec. 716. Biennial report on foreign investment risks.
Sec. 717. Modification of certain reporting requirement on travel of 
                            foreign diplomats.
Sec. 718. Semiannual reports on investigations of unauthorized 
                            disclosures of classified information.
Sec. 719. Congressional notification of designation of covered 
                            intelligence officer as persona non grata.
Sec. 720. Inspectors General reports on classification.
Sec. 721. Reports on intelligence community participation in 
                            vulnerabilities equities process of Federal 
                            Government.
Sec. 722. Reports on global water insecurity and national security 
                            implications.
Sec. 723. Annual report on memoranda of understanding between elements 
                            of intelligence community and other 
                            entities of the United States Government 
                            regarding significant operational 
                            activities or policy.
Sec. 724. Repeal of report requirement for inspectors general of 
                            certain elements of intelligence community.
Sec. 725. Repeal of requirement for annual personnel level assessments 
                            for the intelligence community.
Sec. 726. Report on outreach strategy addressing threats from United 
                            States adversaries to the United States 
                            technology sector.
Sec. 727. Study on the feasibility of encrypting unclassified wireline 
                            and wireless telephone calls.
Sec. 728. Modification of requirement for annual report on hiring and 
                            retention of minority employees.
                       Subtitle C--Other Matters

Sec. 731. Technical amendments related to the Department of Energy.
Sec. 732. Securing energy infrastructure.
Sec. 733. Sense of Congress on WikiLeaks.
Sec. 734. Bug bounty programs.
Sec. 735. Sense of Congress on consideration of espionage activities 
                            when considering whether or not to provide 
                            visas to foreign individuals to be 
                            accredited to a United Nations mission in 
                            the United States.
Sec. 736. Public Interest Declassification Board.
Sec. 737. Modification of authorities relating to the National 
                            Intelligence University.

SEC. 2. DEFINITIONS.

    In this Act:
            (1) Congressional intelligence committees.--The term 
        ``congressional intelligence committees'' has the meaning given 
        such term in section 3 of the National Security Act of 1947 (50 
        U.S.C. 3003).
            (2) Intelligence community.--The term ``intelligence 
        community'' has the meaning given such term in such section.

                    TITLE I--INTELLIGENCE ACTIVITIES

SEC. 101. AUTHORIZATION OF APPROPRIATIONS.

    (a) In General.--Funds are hereby authorized to be appropriated for 
fiscal years 2018 and 2019 for the conduct of the intelligence and 
intelligence-related activities of the following elements of the United 
States Government:
            (1) The Office of the Director of National Intelligence.
            (2) The Central Intelligence Agency.
            (3) The Department of Defense.
            (4) The Defense Intelligence Agency.
            (5) The National Security Agency.
            (6) The Department of the Army, the Department of the Navy, 
        and the Department of the Air Force.
            (7) The Coast Guard.
            (8) The Department of State.
            (9) The Department of the Treasury.
            (10) The Department of Energy.
            (11) The Department of Justice.
            (12) The Federal Bureau of Investigation.
            (13) The Drug Enforcement Administration.
            (14) The National Reconnaissance Office.
            (15) The National Geospatial-Intelligence Agency.
            (16) The Department of Homeland Security.
    (b) Certain Specific Authorization.--Funds appropriated by the 
Department of Defense Missile Defeat and Defense Enhancements 
Appropriations Act, 2018 (division B of Public Law 115-96) for 
intelligence or intelligence-related activities are specifically 
authorized by Congress for purposes of section 504 of the National 
Security Act of 1947 (50 U.S.C. 3094), as specified in the classified 
Schedule of Authorizations pursuant to section 102, and are subject to 
such section 504.
    (c) Limitation on Certain Waivers From Limitations on Funding of 
Intelligence Activities.--
            (1) Waivers for covert actions.--Section 504 of the 
        National Security Act of 1947 (50 U.S.C. 3094) is amended--
                    (A) by redesignating subsection (e) as subsection 
                (f); and
                    (B) by inserting after subsection (d) the 
                following:
    ``(e) This section cannot be waived for any covert action (as 
defined in section 503(e)) unless and until the Director of National 
Intelligence notifies the congressional intelligence committees that 
the action is urgent for national security purposes.''.
            (2) Waivers for major systems acquisitions.--Such section, 
        as amended by paragraph (1), is further amended--
                    (A) by redesignating subsection (f) as subsection 
                (g); and
                    (B) by inserting after subsection (e), as added by 
                paragraph (1), the following:
    ``(f) This section cannot be waived for any major system (as 
defined in section 506A(e)) acquisition unless and until the Director 
of National Intelligence notifies the congressional intelligence 
committees that the action is urgent for national security purposes.''.

SEC. 102. CLASSIFIED SCHEDULES OF AUTHORIZATIONS.

    (a) Specifications of Amounts and Personnel Levels.--
            (1) Fiscal year 2018.--The amounts authorized to be 
        appropriated under section 101 and, subject to section 103, the 
        authorized personnel ceilings as of September 30, 2018, for the 
        conduct of the intelligence activities of the elements listed 
        in paragraphs (1) through (16) of section 101, are those 
        specified in the classified Schedule of Authorizations for 
        fiscal year 2018 prepared to accompany this Act.
            (2) Fiscal year 2019.--The amounts authorized to be 
        appropriated under section 101 and, subject to section 103, the 
        authorized personnel ceilings as of September 30, 2019, for the 
        conduct of the intelligence activities of the elements listed 
        in paragraphs (1) through (16) of section 101, are those 
        specified in the classified Schedule of Authorizations for 
        fiscal year 2019 prepared to accompany this Act.
    (b) Availability of Classified Schedules of Authorizations.--
            (1) Availability.--The classified Schedules of 
        Authorizations referred to in subsection (a) shall be made 
        available to the Committee on Appropriations of the Senate, the 
        Committee on Appropriations of the House of Representatives, 
        and to the President.
            (2) Distribution by the president.--Subject to paragraph 
        (3), the President shall provide for suitable distribution of 
        the classified Schedules of Authorizations referred to in 
        subsection (a), or of appropriate portions of such Schedule, 
        within the executive branch.
            (3) Limits on disclosure.--The President shall not publicly 
        disclose the classified Schedules of Authorizations or any 
        portion of such Schedule except--
                    (A) as provided in section 601(a) of the 
                Implementing Recommendations of the 9/11 Commission Act 
                of 2007 (50 U.S.C. 3306(a));
                    (B) to the extent necessary to implement the 
                budget; or
                    (C) as otherwise required by law.

SEC. 103. PERSONNEL CEILING ADJUSTMENTS.

    (a) Authority for Increases.--The Director of National Intelligence 
may authorize employment of civilian personnel in excess of the number 
authorized for fiscal year 2018 by the classified Schedules of 
Authorizations referred to in section 102(a) if the Director of 
National Intelligence determines that such action is necessary to the 
performance of important intelligence functions, except that the number 
of personnel employed in excess of the number authorized under such 
section may not, for any element of the intelligence community, 
exceed--
            (1) 3 percent of the number of civilian personnel 
        authorized under such schedule for such element; or
            (2) 10 percent of the number of civilian personnel 
        authorized under such schedule for such element for the 
        purposes of converting the performance of any function by 
        contractors to performance by civilian personnel.
    (b) Treatment of Certain Personnel.--The Director of National 
Intelligence shall establish guidelines that govern, for each element 
of the intelligence community, the treatment under the personnel levels 
authorized under section 102(a), including any exemption from such 
personnel levels, of employment or assignment in--
            (1) a student program, trainee program, or similar program;
            (2) a reserve corps or as a reemployed annuitant; or
            (3) details, joint duty, or long-term, full-time training.
    (c) Notice to Congressional Intelligence Committees.--Not later 
than 15 days prior to the exercise of an authority described in 
subsection (a), the Director of National Intelligence shall submit to 
the congressional intelligence committees--
            (1) a written notice of the exercise of such authority; and
            (2) in the case of an exercise of such authority subject to 
        the limitation in subsection (a)(2), a written justification 
        for the contractor conversion that includes a comparison of 
        whole-of-government costs.

SEC. 104. INTELLIGENCE COMMUNITY MANAGEMENT ACCOUNT.

    (a) Authorization of Appropriations.--
            (1) Fiscal year 2018.--There is authorized to be 
        appropriated for the Intelligence Community Management Account 
        of the Director of National Intelligence for fiscal year 2018 
        the sum of $546,900,000. Within such amount, funds identified 
        in the classified Schedule of Authorizations referred to in 
        section 102(a) for advanced research and development shall 
        remain available until September 30, 2019.
            (2) Fiscal year 2019.--There is authorized to be 
        appropriated for the Intelligence Community Management Account 
        of the Director of National Intelligence for fiscal year 2019 
        the sum of $539,624,000. Within such amount, funds identified 
        in the classified Schedule of Authorizations referred to in 
        section 102(a) for advanced research and development shall 
        remain available until September 30, 2020.
    (b) Authorized Personnel Levels.--The elements within the 
Intelligence Community Management Account of the Director of National 
Intelligence are authorized 797 positions as of September 30, 2018. 
Personnel serving in such elements may be permanent employees of the 
Office of the Director of National Intelligence or personnel detailed 
from other elements of the United States Government.
    (c) Classified Authorizations.--
            (1) Authorization of appropriations.--
                    (A) Fiscal year 2018.--In addition to amounts 
                authorized to be appropriated for the Intelligence 
                Community Management Account by subsection (a), there 
                are authorized to be appropriated for the Intelligence 
                Community Management Account for fiscal year 2018 such 
                additional amounts as are specified in the classified 
                Schedule of Authorizations referred to in section 
                102(a). Such additional amounts made available for 
                advanced research and development shall remain 
                available until September 30, 2019.
                    (B) Fiscal year 2019.--In addition to amounts 
                authorized to be appropriated for the Intelligence 
                Community Management Account by subsection (a), there 
                are authorized to be appropriated for the Intelligence 
                Community Management Account for fiscal year 2019 such 
                additional amounts as are specified in the classified 
                Schedule of Authorizations referred to in section 
                102(a). Such additional amounts made available for 
                advanced research and development shall remain 
                available until September 30, 2020.
            (2) Authorization of personnel.--In addition to the 
        personnel authorized by subsection (b) for elements of the 
        Intelligence Community Management Account as of September 30, 
        2018, there are authorized such additional personnel for the 
        Community Management Account as of that date as are specified 
        in the classified Schedule of Authorizations referred to in 
        section 102(a).

 TITLE II--CENTRAL INTELLIGENCE AGENCY RETIREMENT AND DISABILITY SYSTEM

SEC. 201. AUTHORIZATION OF APPROPRIATIONS.

    There is authorized to be appropriated for the Central Intelligence 
Agency Retirement and Disability Fund $514,000,000 for each of fiscal 
years 2018 and 2019.

SEC. 202. COMPUTATION OF ANNUITIES FOR EMPLOYEES OF THE CENTRAL 
              INTELLIGENCE AGENCY.

    (a) Computation of Annuities.--
            (1) In general.--Section 221 of the Central Intelligence 
        Agency Retirement Act (50 U.S.C. 2031) is amended--
                    (A) in subsection (a)(3)(B), by striking the period 
                at the end and inserting ``, as determined by using the 
                annual rate of basic pay that would be payable for 
                full-time service in that position.'';
                    (B) in subsection (b)(1)(C)(i), by striking ``12-
                month'' and inserting ``2-year'';
                    (C) in subsection (f)(2), by striking ``one year'' 
                and inserting ``two years'';
                    (D) in subsection (g)(2), by striking ``one year'' 
                each place such term appears and inserting ``two 
                years'';
                    (E) by redesignating subsections (h), (i), (j), 
                (k), and (l) as subsections (i), (j), (k), (l), and 
                (m), respectively; and
                    (F) by inserting after subsection (g) the 
                following:
    ``(h) Conditional Election of Insurable Interest Survivor Annuity 
by Participants Married at the Time of Retirement.--
            ``(1)  Authority to make designation.--Subject to the 
        rights of former spouses under subsection (b) and section 222, 
        at the time of retirement a married participant found by the 
        Director to be in good health may elect to receive an annuity 
        reduced in accordance with subsection (f)(1)(B) and designate 
        in writing an individual having an insurable interest in the 
        participant to receive an annuity under the system after the 
        participant's death, except that any such election to provide 
        an insurable interest survivor annuity to the participant's 
        spouse shall only be effective if the participant's spouse 
        waives the spousal right to a survivor annuity under this Act. 
        The amount of the annuity shall be equal to 55 percent of the 
        participant's reduced annuity.
            ``(2) Reduction in participant's annuity.--The annuity 
        payable to the participant making such election shall be 
        reduced by 10 percent of an annuity computed under subsection 
        (a) and by an additional 5 percent for each full 5 years the 
        designated individual is younger than the participant. The 
        total reduction under this subparagraph may not exceed 40 
        percent.
            ``(3) Commencement of survivor annuity.--The annuity 
        payable to the designated individual shall begin on the day 
        after the day that the retired participant dies and terminate 
        on the last day of the month before the designated individual 
        dies.
            ``(4) Recomputation of participant's annuity on death of 
        designated individual.--An annuity that is reduced under this 
        subsection shall, effective the first day of the month 
        following the death of the designated individual, be recomputed 
        and paid as if the annuity had not been so reduced.''.
            (2) Conforming amendments.--
                    (A) Central intelligence agency retirement act.--
                The Central Intelligence Agency Retirement Act (50 
                U.S.C. 2001 et seq.) is amended--
                            (i) in section 232(b)(1) (50 U.S.C. 
                        2052(b)(1)), by striking ``221(h),'' and 
                        inserting ``221(i),''; and
                            (ii) in section 252(h)(4) (50 U.S.C. 
                        2082(h)(4)), by striking ``221(k)'' and 
                        inserting ``221(l)''.
                    (B) Central intelligence agency act of 1949.--
                Subsection (a) of section 14 of the Central 
                Intelligence Agency Act of 1949 (50 U.S.C. 3514(a)) is 
                amended by striking ``221(h)(2), 221(i), 221(l),'' and 
                inserting ``221(i)(2), 221(j), 221(m),''.
    (b) Annuities for Former Spouses.--Subparagraph (B) of section 
222(b)(5) of the Central Intelligence Agency Retirement Act (50 U.S.C. 
2032(b)(5)(B)) is amended by striking ``one year'' and inserting ``two 
years''.
    (c) Prior Service Credit.--Subparagraph (A) of section 252(b)(3) of 
the Central Intelligence Agency Retirement Act (50 U.S.C. 
2082(b)(3)(A)) is amended by striking ``October 1, 1990'' both places 
that term appears and inserting ``March 31, 1991''.
    (d) Reemployment Compensation.--Section 273 of the Central 
Intelligence Agency Retirement Act (50 U.S.C. 2113) is amended--
            (1) by redesignating subsections (b) and (c) as subsections 
        (c) and (d), respectively; and
            (2) by inserting after subsection (a) the following:
    ``(b) Part-Time Reemployed Annuitants.--The Director shall have the 
authority to reemploy an annuitant on a part-time basis in accordance 
with section 8344(l) of title 5, United States Code.''.
    (e) Effective Date and Application.--The amendments made by 
subsection (a)(1)(A) and subsection (c) shall take effect as if enacted 
on October 28, 2009, and shall apply to computations or participants, 
respectively, as of such date.

           TITLE III--GENERAL INTELLIGENCE COMMUNITY MATTERS

SEC. 301. RESTRICTION ON CONDUCT OF INTELLIGENCE ACTIVITIES.

    The authorization of appropriations by this Act shall not be deemed 
to constitute authority for the conduct of any intelligence activity 
that is not otherwise authorized by the Constitution or the laws of the 
United States.

SEC. 302. INCREASE IN EMPLOYEE COMPENSATION AND BENEFITS AUTHORIZED BY 
              LAW.

    Appropriations authorized by this Act for salary, pay, retirement, 
and other benefits for Federal employees may be increased by such 
additional or supplemental amounts as may be necessary for increases in 
such compensation or benefits authorized by law.

SEC. 303. MODIFICATION OF SPECIAL PAY AUTHORITY FOR SCIENCE, 
              TECHNOLOGY, ENGINEERING, OR MATHEMATICS POSITIONS AND 
              ADDITION OF SPECIAL PAY AUTHORITY FOR CYBER POSITIONS.

    Section 113B of the National Security Act of 1947 (50 U.S.C. 3049a) 
is amended--
            (1) by amending subsection (a) to read as follows:
    ``(a) Special Rates of Pay for Positions Requiring Expertise in 
Science, Technology, Engineering, or Mathematics.--
            ``(1) In general.--Notwithstanding part III of title 5, 
        United States Code, the head of each element of the 
        intelligence community may, for 1 or more categories of 
        positions in such element that require expertise in science, 
        technology, engineering, or mathematics--
                    ``(A) establish higher minimum rates of pay; and
                    ``(B) make corresponding increases in all rates of 
                pay of the pay range for each grade or level, subject 
                to subsection (b) or (c), as applicable.
            ``(2) Treatment.--The special rate supplements resulting 
        from the establishment of higher rates under paragraph (1) 
        shall be basic pay for the same or similar purposes as those 
        specified in section 5305(j) of title 5, United States Code.'';
            (2) by redesignating subsections (b) through (f) as 
        subsections (c) through (g), respectively;
            (3) by inserting after subsection (a) the following:
    ``(b) Special Rates of Pay for Cyber Positions.--
            ``(1) In general.--Notwithstanding subsection (c), the 
        Director of the National Security Agency may establish a 
        special rate of pay--
                    ``(A) not to exceed the rate of basic pay payable 
                for level II of the Executive Schedule under section 
                5313 of title 5, United States Code, if the Director 
                certifies to the Under Secretary of Defense for 
                Intelligence, in consultation with the Under Secretary 
                of Defense for Personnel and Readiness, that the rate 
                of pay is for positions that perform functions that 
                execute the cyber mission of the Agency; or
                    ``(B) not to exceed the rate of basic pay payable 
                for the Vice President of the United States under 
                section 104 of title 3, United States Code, if the 
                Director certifies to the Secretary of Defense, by 
                name, individuals that have advanced skills and 
                competencies and that perform critical functions that 
                execute the cyber mission of the Agency.
            ``(2) Pay limitation.--Employees receiving a special rate 
        under paragraph (1) shall be subject to an aggregate pay 
        limitation that parallels the limitation established in section 
        5307 of title 5, United States Code, except that--
                    ``(A) any allowance, differential, bonus, award, or 
                other similar cash payment in addition to basic pay 
                that is authorized under title 10, United States Code 
                (or any other applicable law in addition to title 5 of 
                such Code, excluding the Fair Labor Standards Act of 
                1938 (29 U.S.C. 201 et seq.)) shall also be counted as 
                part of aggregate compensation; and
                    ``(B) aggregate compensation may not exceed the 
                rate established for the Vice President of the United 
                States under section 104 of title 3, United States 
                Code.
            ``(3) Limitation on number of recipients.--The number of 
        individuals who receive basic pay established under paragraph 
        (1)(B) may not exceed 100 at any time.
            ``(4) Limitation on use as comparative reference.--
        Notwithstanding any other provision of law, special rates of 
        pay and the limitation established under paragraph (1)(B) may 
        not be used as comparative references for the purpose of fixing 
        the rates of basic pay or maximum pay limitations of qualified 
        positions under section 1599f of title 10, United States Code, 
        or section 226 of the Homeland Security Act of 2002 (6 U.S.C. 
        147).'';
            (4) in subsection (c), as redesignated by paragraph (2), by 
        striking ``A minimum'' and inserting ``Except as provided in 
        subsection (b), a minimum'';
            (5) in subsection (d), as redesignated by paragraph (2), by 
        inserting ``or (b)'' after ``by subsection (a)''; and
            (6) in subsection (g), as redesignated by paragraph (2)--
                    (A) in paragraph (1), by striking ``Not later than 
                90 days after the date of the enactment of the 
                Intelligence Authorization Act for Fiscal Year 2017'' 
                and inserting ``Not later than 90 days after the date 
                of the enactment of the Matthew Young Pollard 
                Intelligence Authorization Act for Fiscal Years 2018 
                and 2019''; and
                    (B) in paragraph (2)(A), by inserting ``or (b)'' 
                after ``subsection (a)''.

SEC. 304. MODIFICATION OF APPOINTMENT OF CHIEF INFORMATION OFFICER OF 
              THE INTELLIGENCE COMMUNITY.

    Section 103G(a) of the National Security Act of 1947 (50 U.S.C. 
3032(a)) is amended by striking ``President'' and inserting 
``Director''.

SEC. 305. DIRECTOR OF NATIONAL INTELLIGENCE REVIEW OF PLACEMENT OF 
              POSITIONS WITHIN THE INTELLIGENCE COMMUNITY ON THE 
              EXECUTIVE SCHEDULE.

    (a) Review.--The Director of National Intelligence, in coordination 
with the Director of the Office of Personnel Management, shall conduct 
a review of positions within the intelligence community regarding the 
placement of such positions on the Executive Schedule under subchapter 
II of chapter 53 of title 5, United States Code. In carrying out such 
review, the Director of National Intelligence, in coordination with the 
Director of the Office of Personnel Management, shall determine--
            (1) the standards under which such review will be 
        conducted;
            (2) which positions should or should not be on the 
        Executive Schedule; and
            (3) for those positions that should be on the Executive 
        Schedule, the level of the Executive Schedule at which such 
        positions should be placed.
    (b) Report.--Not later than 60 days after the date on which the 
review under subsection (a) is completed, the Director of National 
Intelligence shall submit to the congressional intelligence committees, 
the Committee on Homeland Security and Governmental Affairs of the 
Senate, and the Committee on Oversight and Government Reform of the 
House of Representatives an unredacted report describing the standards 
by which the review was conducted and the outcome of the review.

SEC. 306. SUPPLY CHAIN AND COUNTERINTELLIGENCE RISK MANAGEMENT TASK 
              FORCE.

    (a) Requirement to Establish.--The Director of National 
Intelligence shall establish a Supply Chain and Counterintelligence 
Risk Management Task Force to standardize information sharing between 
the intelligence community and the acquisition community of the United 
States Government with respect to the supply chain and 
counterintelligence risks.
    (b) Members.--The Supply Chain and Counterintelligence Risk 
Management Task Force established under subsection (a) shall be 
composed of--
            (1) a representative of the Defense Security Service of the 
        Department of Defense;
            (2) a representative of the General Services 
        Administration;
            (3) a representative of the Office of Federal Procurement 
        Policy of the Office of Management and Budget;
            (4) a representative of the Department of Homeland 
        Security;
            (5) the Director of the National Counterintelligence and 
        Security Center; and
            (6) such other members as the Director of National 
        Intelligence determines appropriate.
    (c) Security Clearances.--Each member of the Supply Chain and 
Counterintelligence Risk Management Task Force established under 
subsection (a) shall have a security clearance at the top secret level 
and be able to access sensitive compartmented information.
    (d) Annual Report.--
            (1) In general.--Not less frequently than once each year, 
        the Supply Chain and Counterintelligence Risk Management Task 
        Force established under subsection (a) shall submit to the 
        appropriate congressional committees a report that describes 
        the activities of the Task Force during the previous year, 
        including identification of the supply chain and 
        counterintelligence risks shared with the acquisition community 
        of the United States Government by the intelligence community.
            (2) Appropriate congressional committees defined.--In this 
        subsection, the term ``appropriate congressional committees'' 
        means the following:
                    (A) The congressional intelligence committees.
                    (B) The Committee on Armed Services and the 
                Committee on Homeland Security and Governmental Affairs 
                of the Senate.
                    (C) The Committee on Armed Services, the Committee 
                on Homeland Security, and the Committee on Oversight 
                and Government Reform of the House of Representatives.

SEC. 307. CONSIDERATION OF ADVERSARIAL TELECOMMUNICATIONS AND 
              CYBERSECURITY INFRASTRUCTURE WHEN SHARING INTELLIGENCE 
              WITH FOREIGN GOVERNMENTS AND ENTITIES.

    Whenever the head of an element of the intelligence community 
enters into an intelligence sharing agreement with a foreign government 
or any other foreign entity, the head of the element shall consider the 
pervasiveness of telecommunications and cybersecurity infrastructure, 
equipment, and services provided by adversaries of the United States, 
particularly China and Russia, or entities of such adversaries in the 
country or region of the foreign government or other foreign entity 
entering into the agreement.

SEC. 308. CYBER PROTECTION SUPPORT FOR THE PERSONNEL OF THE 
              INTELLIGENCE COMMUNITY IN POSITIONS HIGHLY VULNERABLE TO 
              CYBER ATTACK.

    (a) Definitions.--In this section:
            (1) Personal accounts.--The term ``personal accounts'' 
        means accounts for online and telecommunications services, 
        including telephone, residential Internet access, email, text 
        and multimedia messaging, cloud computing, social media, health 
        care, and financial services, used by personnel of the 
        intelligence community outside of the scope of their employment 
        with elements of the intelligence community.
            (2) Personal technology devices.--The term ``personal 
        technology devices'' means technology devices used by personnel 
        of the intelligence community outside of the scope of their 
        employment with elements of the intelligence community, 
        including networks to which such devices connect.
    (b) Authority to Provide Cyber Protection Support.--
            (1) In general.--Subject to a determination by the Director 
        of National Intelligence, the Director may provide cyber 
        protection support for the personal technology devices and 
        personal accounts of the personnel described in paragraph (2).
            (2) At-risk personnel.--The personnel described in this 
        paragraph are personnel of the intelligence community--
                    (A) who the Director determines to be highly 
                vulnerable to cyber attacks and hostile information 
                collection activities because of the positions occupied 
                by such personnel in the intelligence community; and
                    (B) whose personal technology devices or personal 
                accounts are highly vulnerable to cyber attacks and 
                hostile information collection activities.
    (c) Nature of Cyber Protection Support.--Subject to the 
availability of resources, the cyber protection support provided to 
personnel under subsection (a) may include training, advice, 
assistance, and other services relating to cyber attacks and hostile 
information collection activities.
    (d) Limitation on Support.--Nothing in this section shall be 
construed--
            (1) to encourage personnel of the intelligence community to 
        use personal technology devices for official business; or
            (2) to authorize cyber protection support for senior 
        intelligence community personnel using personal devices, 
        networks, and personal accounts in an official capacity.
    (e) Report.--Not later than 180 days after the date of the 
enactment of this Act, the Director shall submit to the congressional 
intelligence committees a report on the provision of cyber protection 
support under subsection (a). The report shall include--
            (1) a description of the methodology used to make the 
        determination under subsection (a)(2); and
            (2) guidance for the use of cyber protection support and 
        tracking of support requests for personnel receiving cyber 
        protection support under subsection (a).

SEC. 309. MODIFICATION OF AUTHORITY RELATING TO MANAGEMENT OF SUPPLY-
              CHAIN RISK.

    (a) Modification of Effective Date.--Subsection (f) of section 309 
of the Intelligence Authorization Act for Fiscal Year 2012 (Public Law 
112-87; 50 U.S.C. 3329 note) is amended by striking ``the date that is 
180 days after''.
    (b) Extension.--Subsection (g) of such section is amended by 
striking ``the date'' and all that follows through the period and 
inserting ``September 30, 2023.''.
    (c) Reports.--Such section is amended--
            (1) by redesignating subsections (f) and (g), as amended by 
        subsections (a) and (b), as subsections (g) and (h), 
        respectively; and
            (2) by inserting after subsection (e) the following:
    ``(f) Annual Reports.--
            ``(1) In general.--Except as provided in paragraph (2), not 
        later than 180 days after the date of the enactment of the 
        Matthew Young Pollard Intelligence Authorization Act for Fiscal 
        Years 2018 and 2019 and not less frequently than once each 
        calendar year thereafter, the Director of National Intelligence 
        shall, in consultation with each head of a covered agency, 
        submit to the congressional intelligence committees (as defined 
        in section 3 of the National Security Act of 1947 (50 U.S.C. 
        3003)), a report that details the determinations and 
        notifications made under subsection (c) during the most 
        recently completed calendar year.
            ``(2) Initial report.--The first report submitted under 
        paragraph (1) shall detail all the determinations and 
        notifications made under subsection (c) before the date of the 
        submittal of the report.''.

SEC. 310. LIMITATIONS ON DETERMINATIONS REGARDING CERTAIN SECURITY 
              CLASSIFICATIONS.

    (a) Prohibition.--An officer of an element of the intelligence 
community who has been nominated by the President for a position that 
requires the advice and consent of the Senate may not make a 
classification decision with respect to information related to such 
officer.
    (b) Classification Determinations.--
            (1) In general.--Except as provided in paragraph (2), in a 
        case in which an officer described in subsection (a) has been 
        nominated as described in such subsection and classification 
        authority rests with the officer or another officer who reports 
        directly to such officer, a classification decision with 
        respect to information relating to the officer shall be made by 
        the Director of National Intelligence.
            (2) Nominations of director of national intelligence.--In a 
        case described in paragraph (1) in which the officer nominated 
        is the Director of National Intelligence, the classification 
        decision shall be made by the Principal Deputy Director of 
        National Intelligence.
    (c) Reports.--Whenever the Director or the Principal Deputy 
Director makes a decision under subsection (b), the Director or the 
Principal Deputy Director, as the case may be, shall submit to the 
congressional intelligence committees a report detailing the reasons 
for the decision.

  TITLE IV--MATTERS RELATING TO ELEMENTS OF THE INTELLIGENCE COMMUNITY

      Subtitle A--Office of the Director of National Intelligence

SEC. 401. AUTHORITY FOR PROTECTION OF CURRENT AND FORMER EMPLOYEES OF 
              THE OFFICE OF THE DIRECTOR OF NATIONAL INTELLIGENCE.

    Section 5(a)(4) of the Central Intelligence Agency Act of 1949 (50 
U.S.C. 3506(a)(4)) is amended by striking ``such personnel of the 
Office of the Director of National Intelligence as the Director of 
National Intelligence may designate;'' and inserting ``current and 
former personnel of the Office of the Director of National Intelligence 
and their immediate families as the Director of National Intelligence 
may designate;''.

SEC. 402. DESIGNATION OF THE PROGRAM MANAGER-INFORMATION SHARING 
              ENVIRONMENT.

    (a) Information Sharing Environment.--Section 1016(b) of the 
Intelligence Reform and Terrorism Prevention Act of 2004 (6 U.S.C. 
485(b)) is amended--
            (1) in paragraph (1), by striking ``President'' and 
        inserting ``Director of National Intelligence''; and
            (2) in paragraph (2), by striking ``President'' both places 
        that term appears and inserting ``Director of National 
        Intelligence''.
    (b) Program Manager.--Section 1016(f)(1) of the Intelligence Reform 
and Terrorism Prevention Act of 2004 (6 U.S.C. 485(f)(1)) is amended by 
striking ``The individual designated as the program manager shall serve 
as program manager until removed from service or replaced by the 
President (at the President's sole discretion).'' and inserting 
``Beginning on the date of the enactment of the Matthew Young Pollard 
Intelligence Authorization Act for Fiscal Years 2018 and 2019, each 
individual designated as the program manager shall be appointed by the 
Director of National Intelligence.''.

SEC. 403. MODIFICATION TO THE EXECUTIVE SCHEDULE.

    Section 5315 of title 5, United States Code, is amended by adding 
at the end the following:
    ``Director of the National Counterintelligence and Security 
Center.''.

                       Subtitle B--Other Elements

SEC. 411. REPEAL OF FOREIGN LANGUAGE PROFICIENCY REQUIREMENT FOR 
              CERTAIN SENIOR LEVEL POSITIONS IN THE CENTRAL 
              INTELLIGENCE AGENCY.

    (a) Repeal of Foreign Language Proficiency Requirement.--Section 
104A of the National Security Act of 1947 (50 U.S.C. 3036) is amended 
by striking subsection (g).
    (b) Conforming Repeal of Report Requirement.--Section 611 of the 
Intelligence Authorization Act for Fiscal Year 2005 (Public Law 108-
487) is amended by striking subsection (c).

SEC. 412. PLAN FOR DESIGNATION OF COUNTERINTELLIGENCE COMPONENT OF 
              DEFENSE SECURITY SERVICE AS AN ELEMENT OF INTELLIGENCE 
              COMMUNITY.

    Not later than 90 days after the date of the enactment of this Act, 
the Director of National Intelligence and Under Secretary of Defense 
for Intelligence, in coordination with the Director of the National 
Counterintelligence and Security Center, shall submit to the 
congressional intelligence committees, the Committee on Armed Services 
of the Senate, and the Committee on Armed Services of the House of 
Representatives a plan to designate the counterintelligence component 
of the Defense Security Service of the Department of Defense as an 
element of the intelligence community by not later than January 1, 
2020. Such plan shall--
            (1) address the implications of such designation on the 
        authorities, governance, personnel, resources, information 
        technology, collection, analytic products, information sharing, 
        and business processes of the Defense Security Service and the 
        intelligence community; and
            (2) not address the personnel security functions of the 
        Defense Security Service.

SEC. 413. NOTICE NOT REQUIRED FOR PRIVATE ENTITIES.

    Section 3553 of title 44, United States Code, is amended--
            (1) by redesignating subsection (j) as subsection (k); and
            (2) by inserting after subsection (i) the following:
    ``(j) Rule of Construction.--Nothing in this section shall be 
construed to require the Secretary to provide notice to any private 
entity before the Secretary issues a binding operational directive 
under subsection (b)(2).''.

                       TITLE V--ELECTION MATTERS

SEC. 501. REPORT ON CYBER ATTACKS BY FOREIGN GOVERNMENTS AGAINST UNITED 
              STATES ELECTION INFRASTRUCTURE.

    (a) Definitions.--In this section:
            (1) Appropriate congressional committees.--The term 
        ``appropriate congressional committees'' means--
                    (A) the congressional intelligence committees;
                    (B) the Committee on Homeland Security and 
                Governmental Affairs of the Senate; and
                    (C) the Committee on Homeland Security of the House 
                of Representatives.
            (2) Congressional leadership.--The term ``congressional 
        leadership'' includes the following:
                    (A) The majority leader of the Senate.
                    (B) The minority leader of the Senate.
                    (C) The Speaker of the House of Representatives.
                    (D) The minority leader of the House of 
                Representatives.
            (3) State.--The term ``State'' means any State of the 
        United States, the District of Columbia, the Commonwealth of 
        Puerto Rico, and any territory or possession of the United 
        States.
    (b) Report Required.--Not later than 60 days after the date of the 
enactment of this Act, the Under Secretary of Homeland Security for 
Intelligence and Analysis shall submit to congressional leadership and 
the appropriate congressional committees a report on cyber attacks and 
attempted cyber attacks by foreign governments on United States 
election infrastructure in States and localities in connection with the 
Presidential election in the United States and such cyber attacks (or 
attempted cyber attacks) as the Under Secretary anticipates against 
such infrastructure. Such report shall identify the States and 
localities affected and shall include cyber attacks and attempted cyber 
attacks against voter registration databases, voting machines, voting-
related computer networks, and the networks of Secretaries of State and 
other election officials of the various States.
    (c) Form.--The report submitted under subsection (b) shall be 
submitted in unclassified form, but may include a classified annex.

SEC. 502. REVIEW OF INTELLIGENCE COMMUNITY'S POSTURE TO COLLECT AGAINST 
              AND ANALYZE RUSSIAN EFFORTS TO INFLUENCE THE PRESIDENTIAL 
              ELECTION.

    (a) Review Required.--Not later than 1 year after the date of the 
enactment of this Act, the Director of National Intelligence shall--
            (1) complete an after action review of the posture of the 
        intelligence community to collect against and analyze efforts 
        of the Government of Russia to interfere in the 2016 
        Presidential election in the United States; and
            (2) submit to the congressional intelligence committees a 
        report on the findings of the Director with respect to such 
        review.
    (b) Elements.--The review required by subsection (a) shall include, 
with respect to the posture and efforts described in paragraph (1) of 
such subsection, the following:
            (1) An assessment of whether the resources of the 
        intelligence community were properly aligned to detect and 
        respond to the efforts described in subsection (a)(1).
            (2) An assessment of the information sharing that occurred 
        within elements of the intelligence community.
            (3) An assessment of the information sharing that occurred 
        between elements of the intelligence community.
            (4) An assessment of applicable authorities necessary to 
        collect on any such efforts and any deficiencies in those 
        authorities.
            (5) A review of the use of open source material to inform 
        analysis and warning of such efforts.
            (6) A review of the use of alternative and predictive 
        analysis.
    (c) Form of Report.--The report required by subsection (a)(2) shall 
be submitted to the congressional intelligence committees in classified 
form.

SEC. 503. ASSESSMENT OF FOREIGN INTELLIGENCE THREATS TO FEDERAL 
              ELECTIONS.

    (a) Definitions.--In this section:
            (1) Appropriate congressional committees.--The term 
        ``appropriate congressional committees'' means--
                    (A) the congressional intelligence committees;
                    (B) the Committee on Homeland Security and 
                Governmental Affairs of the Senate; and
                    (C) the Committee on Homeland Security of the House 
                of Representatives.
            (2) Congressional leadership.--The term ``congressional 
        leadership'' includes the following:
                    (A) The majority leader of the Senate.
                    (B) The minority leader of the Senate.
                    (C) The Speaker of the House of Representatives.
                    (D) The minority leader of the House of 
                Representatives.
            (3) Security vulnerability.--The term ``security 
        vulnerability'' has the meaning given such term in section 102 
        of the Cybersecurity Information Sharing Act of 2015 (6 U.S.C. 
        1501).
    (b) Assessment and Report.--The Director of National Intelligence, 
in coordination with the Director of the Central Intelligence Agency, 
the Director of the National Security Agency, the Director of the 
Federal Bureau of Investigation, the Secretary of Homeland Security, 
and the heads of other relevant elements of the intelligence community, 
shall--
            (1) commence not later than 1 year before any regularly 
        scheduled Federal election and complete not later than 180 days 
        before such election, an assessment of security vulnerabilities 
        of State election systems; and
            (2) not later than 180 days before any regularly scheduled 
        Federal election, submit a report on such security 
        vulnerabilities and an assessment of foreign intelligence 
        threats to the election to--
                    (A) congressional leadership; and
                    (B) the appropriate congressional committees.
    (c) Update.--Not later than 90 days before any regularly scheduled 
Federal election, the Director of National Intelligence shall--
            (1) update the assessment of foreign intelligence threats 
        to that election; and
            (2) submit the updated assessment to--
                    (A) congressional leadership; and
                    (B) the appropriate congressional committees.

SEC. 504. STRATEGY FOR COUNTERING RUSSIAN CYBER THREATS TO UNITED 
              STATES ELECTIONS.

    (a) Requirement for a Strategy.--Not later than 90 days after the 
date of the enactment of this Act, the Director of National 
Intelligence, in coordination with the Secretary of Homeland Security, 
the Director of the Federal Bureau of Investigation, the Director of 
the Central Intelligence Agency, the Secretary of State, the Secretary 
of Defense, and the Secretary of the Treasury, shall develop a whole-
of-government strategy for countering the threat of Russian cyber 
attacks and attempted cyber attacks against electoral systems and 
processes in the United States, including Federal, State, and local 
election systems, voter registration databases, voting tabulation 
equipment, and equipment and processes for the secure transmission of 
election results.
    (b) Elements of the Strategy.--The strategy required by subsection 
(a) shall include the following elements:
            (1) A whole-of-government approach to protecting United 
        States electoral systems and processes that includes the 
        agencies and departments indicated in subsection (a) as well as 
        any other agencies and departments of the United States, as 
        determined appropriate by the Director of National Intelligence 
        and the Secretary of Homeland Security.
            (2) Input solicited from Secretaries of State of the 
        various States and the chief election officials of the States.
            (3) Technical security measures, including auditable paper 
        trails for voting machines, securing wireless and Internet 
        connections, and other technical safeguards.
            (4) Detection of cyber threats, including attacks and 
        attempted attacks by Russian government or nongovernment cyber 
        threat actors.
            (5) Improvement in the identification and attribution of 
        Russian government or nongovernment cyber threat actors.
            (6) Deterrence, including actions and measures that could 
        or should be undertaken against or communicated to the 
        Government of Russia or other entities to deter attacks 
        against, or interference with, United States election systems 
        and processes.
            (7) Improvement in Federal Government communications with 
        State and local election officials.
            (8) Public education and communication efforts.
            (9) Benchmarks and milestones to enable the measurement of 
        concrete steps taken and progress made in the implementation of 
        the strategy.
    (c) Congressional Briefing.--
            (1) In general.--Not later than 90 days after the date of 
        the enactment of this Act, the Director of National 
        Intelligence and the Secretary of Homeland Security shall 
        jointly brief the appropriate congressional committees on the 
        strategy developed under subsection (a).
            (2) Appropriate congressional committees defined.--In this 
        subsection, the term ``appropriate congressional committees'' 
        means the following:
                    (A) The congressional intelligence committees.
                    (B) The Committee on Armed Services and the 
                Committee on Homeland Security and Governmental Affairs 
                of the Senate.
                    (C) The Committee on Armed Services and the 
                Committee on Homeland Security of the House of 
                Representatives.

SEC. 505. INFORMATION SHARING WITH STATE ELECTION OFFICIALS.

    (a) Security Clearances.--
            (1) In general.--Not later than 30 days after the date of 
        the enactment of this Act, the Director of National 
        Intelligence shall support the Under Secretary of Homeland 
        Security for Intelligence and Analysis, and any other official 
        of the Department of Homeland Security designated by the 
        Secretary of Homeland Security, in sponsoring a security 
        clearance up to the top secret level for each eligible chief 
        election official of a State or the District of Columbia, and 
        additional eligible designees of such election official as 
        appropriate, at the time that such election official assumes 
        such position.
            (2) Interim clearances.--Consistent with applicable 
        policies and directives, the Director of National Intelligence 
        may issue interim clearances, for a period to be determined by 
        the Director, to a chief election official as described in 
        paragraph (1) and up to 1 designee of such official under such 
        paragraph.
    (b) Information Sharing.--
            (1) In general.--The Director of National Intelligence 
        shall assist the Under Secretary of Homeland Security for 
        Intelligence and Analysis with sharing any appropriate 
        classified information related to threats to election systems 
        and to the integrity of the election process with chief 
        election officials and such designees who have received a 
        security clearance under subsection (a).
            (2) Coordination.--The Under Secretary of Homeland Security 
        for Intelligence and Analysis shall coordinate with the 
        Director of National Intelligence to facilitate the sharing of 
        information to the affected Secretaries of State or States.
    (c) State Defined.--In this section, the term ``State'' means any 
State of the United States, the District of Columbia, the Commonwealth 
of Puerto Rico, and any territory or possession of the United States.

SEC. 506. DESIGNATION OF COUNTERINTELLIGENCE OFFICER TO LEAD ELECTION 
              SECURITY MATTERS.

    (a) In General.--The Director of National Intelligence shall 
designate a national counterintelligence officer within the National 
Counterintelligence and Security Center to lead, manage, and coordinate 
counterintelligence matters relating to election security.
    (b) Additional Responsibilities.--The person designated under 
subsection (a) shall also lead, manage, and coordinate 
counterintelligence matters relating to risks posed by interference 
from foreign powers (as defined in section 101 of the Foreign 
Intelligence Surveillance Act of 1978 (50 U.S.C. 1801)) to the 
following:
            (1) The Federal Government election security supply chain.
            (2) Election voting systems and software.
            (3) Voter registration databases.
            (4) Critical infrastructure related to elections.
            (5) Such other Government goods and services as the 
        Director of National Intelligence considers appropriate.

                     TITLE VI--SECURITY CLEARANCES

SEC. 601. DEFINITIONS.

    In this title:
            (1) Appropriate congressional committees.--The term 
        ``appropriate congressional committees'' means--
                    (A) the congressional intelligence committees;
                    (B) the Committee on Armed Services of the Senate;
                    (C) the Committee on Appropriations of the Senate;
                    (D) the Committee on Homeland Security and 
                Governmental Affairs of the Senate;
                    (E) the Committee on Armed Services of the House of 
                Representatives;
                    (F) the Committee on Appropriations of the House of 
                Representatives;
                    (G) the Committee on Homeland Security of the House 
                of Representatives; and
                    (H) the Committee on Oversight and Government 
                Reform of the House of Representatives.
            (2) Council.--The term ``Council'' means the Security, 
        Suitability, and Credentialing Performance Accountability 
        Council established pursuant to Executive Order 13467 (73 Fed. 
        Reg. 38103; 50 U.S.C. 3161 note), or any successor entity.
            (3) Security executive agent.--The term ``Security 
        Executive Agent'' means the Director of National Intelligence 
        acting as the Security Executive Agent in accordance with 
        section 605.
            (4) Suitability and credentialing executive agent.--The 
        term ``Suitability and Credentialing Executive Agent'' means 
        the Director of the Office of Personnel Management acting as 
        the Suitability and Credentialing Executive Agent in accordance 
        with Executive Order 13467 (73 Fed. Reg. 38103; 50 U.S.C. 3161 
        note), or any successor entity.

SEC. 602. REPORTS AND PLANS RELATING TO SECURITY CLEARANCES AND 
              BACKGROUND INVESTIGATIONS.

    (a) Sense of Congress.--It is the sense of Congress that--
            (1) ensuring the trustworthiness and security of the 
        workforce, facilities, and information of the Federal 
        Government is of the highest priority to national security and 
        public safety;
            (2) the President and Congress should prioritize the 
        modernization of the personnel security framework to improve 
        its efficiency, effectiveness, and accountability;
            (3) the current system for security clearance, suitability 
        and fitness for employment, and credentialing lacks 
        efficiencies and capabilities to meet the current threat 
        environment, recruit and retain a trusted workforce, and 
        capitalize on modern technologies; and
            (4) changes to policies or processes to improve this system 
        should be vetted through the Council to ensure standardization, 
        portability, and reciprocity in security clearances across the 
        Federal Government.
    (b) Accountability Plans and Reports.--
            (1) Plans.--Not later than 90 days after the date of the 
        enactment of this Act, the Council shall submit to the 
        appropriate congressional committees the following:
                    (A) A plan to reduce the background investigation 
                inventory to 500,000 by the end of year 2018 and to 
                200,000 or an otherwise sustainable steady-level by the 
                end of year 2019. Such plan shall include notes of any 
                required changes in investigative and adjudicative 
                standards or resources.
                    (B) A plan to consolidate the conduct of background 
                investigations associated with the processing for 
                positions of trust in the most effective and efficient 
                manner between the National Background Investigation 
                Bureau and the Defense Security Service, or a successor 
                organization. Such plan shall address required funding, 
                personnel, contracts, information technology, field 
                office structure, policy, governance, schedule, 
                transition costs, and effects on stakeholders.
            (2) Report on the future of personnel security.--
                    (A) In general.--Not later than 180 days after the 
                date of the enactment of this Act, the Chairman of the 
                Council, in coordination with the members of the 
                Council, shall submit to the appropriate congressional 
                committees a report on the future of personnel security 
                to reflect changes in threats, the workforce, and 
                technology.
                    (B) Contents.--The report submitted under 
                subparagraph (A) shall include the following:
                            (i) A risk framework for granting and 
                        renewing access to classified information.
                            (ii) A discussion of the use of 
                        technologies to prevent, detect, and monitor 
                        threats.
                            (iii) A discussion of efforts to address 
                        reciprocity and portability.
                            (iv) A discussion of the characteristics of 
                        effective insider threat programs.
                            (v) An analysis of how to integrate data 
                        from continuous vetting, insider threat 
                        programs, and human resources data.
                            (vi) Recommendations on interagency 
                        governance.
            (3) Plan for implementation.--Not later than 180 days after 
        the date of the enactment of this Act, the Chairman of the 
        Council, in coordination with the members of the Council, shall 
        submit to the appropriate congressional committees a plan to 
        implement the report's framework and recommendations submitted 
        under paragraph (2)(A).
            (4) Congressional notifications.--Not less frequently than 
        monthly, the Security Executive Agent shall submit a report to 
        the appropriate congressional committees regarding the status 
        of the disposition of requests received from departments and 
        agencies of the Federal Government for a change to, or approval 
        under, the Federal investigative standards, the national 
        adjudicative guidelines, continuous evaluation, or other 
        national policy regarding personnel security.

SEC. 603. IMPROVING THE PROCESS FOR SECURITY CLEARANCES.

    (a) Reviews.--Not later than 180 days after the date of the 
enactment of this Act, the Security Executive Agent, in coordination 
with the members of the Council, shall submit to the appropriate 
congressional committees a report that includes the following:
            (1) A review of whether the information requested on the 
        Questionnaire for National Security Positions (Standard Form 
        86) and by the Federal Investigative Standards prescribed by 
        the Office of Personnel Management and the Office of the 
        Director of National Intelligence appropriately support the 
        adjudicative guidelines under Security Executive Agent 
        Directive 4 (known as the ``National Security Adjudicative 
        Guidelines''). Such review shall include identification of 
        whether any such information currently collected is unnecessary 
        to support the adjudicative guidelines.
            (2) An assessment of whether such Questionnaire, Standards, 
        and guidelines should be revised to account for the prospect of 
        a holder of a security clearance becoming an insider threat.
            (3) Recommendations to improve the background investigation 
        process by--
                    (A) simplifying the Questionnaire for National 
                Security Positions (Standard Form 86) and increasing 
                customer support to applicants completing such 
                Questionnaire;
                    (B) using remote techniques and centralized 
                locations to support or replace field investigation 
                work;
                    (C) using secure and reliable digitization of 
                information obtained during the clearance process;
                    (D) building the capacity of the background 
                investigation labor sector; and
                    (E) replacing periodic reinvestigations with 
                continuous evaluation techniques in all appropriate 
                circumstances.
    (b) Policy, Strategy, and Implementation.--Not later than 180 days 
after the date of the enactment of this Act, the Security Executive 
Agent shall, in coordination with the members of the Council, establish 
the following:
            (1) A policy and implementation plan for the issuance of 
        interim security clearances.
            (2) A policy and implementation plan to ensure contractors 
        are treated consistently in the security clearance process 
        across agencies and departments of the United States as 
        compared to employees of such agencies and departments. Such 
        policy shall address--
                    (A) prioritization of processing security 
                clearances based on the mission the contractors will be 
                performing;
                    (B) standardization of how requests for clearance 
                sponsorship are issued;
                    (C) digitization of background investigation-
                related forms;
                    (D) use of the polygraph;
                    (E) the application of the adjudicative guidelines 
                under Security Executive Agent Directive 4 (known as 
                the ``National Security Adjudicative Guidelines'');
                    (F) reciprocal recognition of clearances across 
                agencies and departments of the United States, 
                regardless of status of periodic reinvestigation;
                    (G) tracking of clearance files as individuals move 
                from employment with an agency or department of the 
                United States to employment in the private sector;
                    (H) collection of timelines for movement of 
                contractors across agencies and departments;
                    (I) reporting on security incidents and job 
                performance that affect the ability to hold a security 
                clearance;
                    (J) any recommended changes to the Federal 
                Acquisition Regulations (FAR) necessary to ensure that 
                information affecting contractor clearances or 
                suitability is appropriately and expeditiously shared 
                between and among agencies and contractors; and
                    (K) portability of contractor security clearances 
                between or among contracts at the same agency and 
                between or among contracts at different agencies that 
                require the same level of clearance.
            (3) A strategy and implementation plan that--
                    (A) provides for periodic reinvestigations as part 
                of a security clearance determination only on an as-
                needed, risk-based basis;
                    (B) includes actions to assess the extent to which 
                automated records checks and other continuous 
                evaluation methods may be used to expedite or focus 
                reinvestigations; and
                    (C) provides an exception for certain populations 
                if the Security Executive Agent--
                            (i) determines such populations require 
                        reinvestigations at regular intervals; and
                            (ii) provides written justification to the 
                        appropriate congressional committees for any 
                        such determination.
            (4) A policy and implementation plan for agencies and 
        departments of the United States, as a part of the security 
        clearance process, to accept automated records checks generated 
        pursuant to a security clearance applicant's employment with a 
        prior employer.
            (5) A policy for the use of certain background materials on 
        individuals collected by the private sector for background 
        investigation purposes.

SEC. 604. GOALS FOR PROMPTNESS OF DETERMINATIONS REGARDING SECURITY 
              CLEARANCES.

    (a) In General.--The Council shall take such actions as may be 
necessary to ensure that, by December 31, 2021, 90 percent of all 
determinations regarding--
            (1) security clearances--
                    (A) at the secret level are issued in 30 days or 
                fewer; and
                    (B) at the top secret level are issued in 90 days 
                or fewer; and
            (2) reciprocity of a security clearance at the same level 
        are recognized in 2 weeks or fewer.
    (b) Certain Reinvestigations.--The Council shall ensure that by 
December 31, 2021, reinvestigation on a set periodicity is not be 
required for more than 10 percent of the population that holds a 
security clearance.
    (c) Plan.--Not later than 180 days after the date of the enactment 
of this Act, the Council shall submit a plan to carry out this section 
to the appropriate congressional committees. Such plan shall include 
recommended interim milestones for the goals set forth in subsections 
(a) and (b) for 2019, 2020, and 2021.
    (d) Reciprocity Defined.--In this section, the term ``reciprocity'' 
means reciprocal recognition by Federal departments and agencies of 
eligibility for access to classified information.

SEC. 605. SECURITY EXECUTIVE AGENT.

    (a) In General.--The Director of National Intelligence shall serve 
as the Security Executive Agent for all departments and agencies of the 
United States.
    (b) Duties.--The duties of the Security Executive Agent are as 
follows:
            (1) To direct the oversight of investigations, 
        reinvestigations, adjudications, and, as applicable, polygraphs 
        for eligibility for access to classified information or 
        eligibility to hold a sensitive position made by any Federal 
        agency.
            (2) To review the national security background 
        investigation and adjudication programs of Federal agencies to 
        determine whether such programs are being implemented in 
        accordance with this section.
            (3) To develop and issue uniform and consistent policies 
        and procedures to ensure the effective, efficient, timely, and 
        secure completion of investigations, polygraphs, and 
        adjudications relating to determinations of eligibility for 
        access to classified information or eligibility to hold a 
        sensitive position.
            (4) Unless otherwise designated by law, to serve as the 
        final authority to designate a Federal agency or agencies to 
        conduct investigations of persons who are proposed for access 
        to classified information or for eligibility to hold a 
        sensitive position to ascertain whether such persons satisfy 
        the criteria for obtaining and retaining access to classified 
        information or eligibility to hold a sensitive position, as 
        applicable.
            (5) Unless otherwise designated by law, to serve as the 
        final authority to designate a Federal agency or agencies to 
        determine eligibility for access to classified information or 
        eligibility to hold a sensitive position in accordance with 
        Executive Order 12968 of August 2, 1995, as amended.
            (6) To ensure reciprocal recognition of eligibility for 
        access to classified information or eligibility to hold a 
        sensitive position among Federal agencies, including acting as 
        the final authority to arbitrate and resolve disputes among 
        such agencies involving the reciprocity of investigations and 
        adjudications of eligibility.
            (7) To execute all other duties assigned to the Security 
        Executive Agent by law.
    (c) Authorities.--The Security Executive Agent shall--
            (1) issue guidelines and instructions to the heads of 
        Federal agencies to ensure appropriate uniformity, 
        centralization, efficiency, effectiveness, timeliness, and 
        security in processes relating to determinations by such 
        agencies of eligibility for access to classified information or 
        eligibility to hold a sensitive position, including such 
        matters as investigations, polygraphs, adjudications, and 
        reciprocity;
            (2) have the authority to grant exceptions to, or waivers 
        of, national security investigative requirements, including 
        issuing implementing or clarifying guidance, as necessary;
            (3) have the authority to assign, in whole or in part, to 
        the head of any Federal agency (solely or jointly) any of the 
        duties of the Security Executive Agent described in subsection 
        (b) or the authorities described in paragraphs (1) and (2), 
        provided that the exercise of such assigned duties or 
        authorities is subject to the oversight of the Security 
        Executive Agent, including such terms and conditions (including 
        approval by the Security Executive Agent) as the Security 
        Executive Agent determines appropriate; and
            (4) define and set standards for continuous evaluation for 
        continued access to classified information and for eligibility 
        to hold a sensitive position.

SEC. 606. REPORT ON UNIFIED, SIMPLIFIED, GOVERNMENTWIDE STANDARDS FOR 
              POSITIONS OF TRUST AND SECURITY CLEARANCES.

    Not later than 90 days after the date of the enactment of this Act, 
the Security Executive Agent and the Suitability and Credentialing 
Executive Agent, in coordination with the other members of the Council, 
shall jointly issue a report regarding the advisability and the risks, 
benefits, and costs to the Government and to industry of consolidating 
to not more than 3 tiers for positions of trust and security 
clearances.

SEC. 607. REPORT ON CLEARANCE IN PERSON CONCEPT.

    (a) Sense of Congress.--It is the sense of Congress that to reflect 
the greater mobility of the modern workforce, alternative methodologies 
merit analysis to allow greater flexibility for individuals moving in 
and out of positions that require access to classified information, 
while still preserving security.
    (b) Report Required.--Not later than 90 days after the date of the 
enactment of this Act, the Security Executive Agent shall submit a 
report to the appropriate congressional committees that describes the 
requirements, feasibility, and advisability of implementing a clearance 
in person concept described in subsection (c) for maintaining access to 
classified information.
    (c) Clearance in Person Concept.--The clearance in person concept--
            (1) permits an individual to maintain his or her 
        eligibility for access to classified information, networks, and 
        facilities for up to 3 years after the individual's access to 
        classified information would otherwise lapse; and
            (2) unless otherwise directed by the Security Executive 
        Agent, recognizes an individual's security clearance and 
        background investigation as current, regardless of employment 
        status.
    (d) Contents.--The report required under subsection (b) shall 
address--
            (1) requirements for an individual to voluntarily remain in 
        a continuous evaluation program validated by the Security 
        Executive Agent even if the individual is not in a position 
        requiring access to classified information;
            (2) appropriate safeguards for privacy;
            (3) advantages to government and industry;
            (4) the costs and savings associated with implementation;
            (5) the risks of such implementation, including security 
        and counterintelligence risks;
            (6) an appropriate funding model; and
            (7) fairness to small companies and independent 
        contractors.

SEC. 608. BUDGET REQUEST DOCUMENTATION ON FUNDING FOR CLEARANCES.

    (a) In General.--As part of the fiscal year 2020 budget request 
submitted to Congress pursuant to section 1105(a) of title 31, United 
States Code, the President shall include exhibits that identify the 
resources allocated by each agency to processing security clearances, 
disaggregated by type of security clearance.
    (b) Contents.--Each exhibit submitted under subsection (a) shall 
include, with respect to security clearances, details on the costs of--
            (1) background investigations and reinvestigations;
            (2) additional screening mechanisms, such as polygraphs, 
        medical exams, and psychological exams;
            (3) adjudications;
            (4) other means of continuous vetting, such as continuous 
        evaluation and user activity monitoring; and
            (5) the average per person cost for each type of security 
        clearance.

SEC. 609. REPORTS ON RECIPROCITY FOR SECURITY CLEARANCES INSIDE OF 
              DEPARTMENTS AND AGENCIES.

    (a) Reports to Security Executive Agent.--The head of each Federal 
department or agency shall submit an annual report to the Security 
Executive Agent that--
            (1) identifies the number of individuals whose security 
        clearances take more than 2 weeks to be reciprocally recognized 
        after such individuals move to another part of such department 
        or agency; and
            (2) breaks out the information described in paragraph (1) 
        by type of clearance and the reasons for any delays.
    (b) Annual Report.--Not less frequently than once each year, the 
Security Executive Agent shall submit to the appropriate congressional 
committees an annual report that summarizes the information received 
pursuant to subsection (a) during the period covered by such report.
    (c) Reciprocally Recognized Defined.--In this section, the term 
``reciprocally recognized'' means reciprocal recognition by Federal 
departments and agencies of eligibility for access to classified 
information.

SEC. 610. INTELLIGENCE COMMUNITY REPORTS ON SECURITY CLEARANCES.

    Section 506H of the National Security Act of 1947 (50 U.S.C. 3104) 
is amended--
            (1) in subsection (a)(1)--
                    (A) in subparagraph (A)(ii), by adding ``and'' at 
                the end;
                    (B) in subparagraph (B)(ii), by striking ``; and'' 
                and inserting a period; and
                    (C) by striking subparagraph (C);
            (2) by redesignating subsection (b) as subsection (c);
            (3) by inserting after subsection (a) the following:
    ``(b) Intelligence Community Reports.--(1) Not later than March 1 
of each year, the Director of National Intelligence shall submit a 
report to the congressional intelligence committees, the Committee on 
Homeland Security and Governmental Affairs of the Senate, and the 
Committee on Homeland Security of the House of Representatives 
regarding the security clearances processed by each element of the 
intelligence community during the preceding fiscal year. Each report 
submitted under this paragraph shall separately identify security 
clearances processed for Federal employees and contractor employees 
sponsored by each such element.
    ``(2) Each report submitted under paragraph (1) shall include, for 
each element of the intelligence community for the fiscal year covered 
by the report, the following:
            ``(A) The total number of initial security clearance 
        background investigations sponsored for new applicants.
            ``(B) The total number of security clearance periodic 
        reinvestigations sponsored for existing employees.
            ``(C) The total number of initial security clearance 
        background investigations for new applicants that were 
        adjudicated with notice of a determination provided to the 
        prospective applicant, including--
                    ``(i) the total number of such adjudications that 
                were adjudicated favorably and granted access to 
                classified information; and
                    ``(ii) the total number of such adjudications that 
                were adjudicated unfavorably and resulted in a denial 
                or revocation of a security clearance.
            ``(D) The total number of security clearance periodic 
        background investigations that were adjudicated with notice of 
        a determination provided to the existing employee, including--
                    ``(i) the total number of such adjudications that 
                were adjudicated favorably; and
                    ``(ii) the total number of such adjudications that 
                were adjudicated unfavorably and resulted in a denial 
                or revocation of a security clearance.
            ``(E) The total number of pending security clearance 
        background investigations, including initial applicant 
        investigations and periodic reinvestigations, that were not 
        adjudicated as of the last day of such year and that remained 
        pending, categorized as follows:
                    ``(i) For 180 days or shorter.
                    ``(ii) For longer than 180 days, but shorter than 
                12 months.
                    ``(iii) For 12 months or longer, but shorter than 
                18 months.
                    ``(iv) For 18 months or longer, but shorter than 24 
                months.
                    ``(v) For 24 months or longer.
            ``(F) For any security clearance determinations completed 
        or pending during the year preceding the year for which the 
        report is submitted that have taken longer than 12 months to 
        complete--
                    ``(i) an explanation of the causes for the delays 
                incurred during the period covered by the report; and
                    ``(ii) the number of such delays involving a 
                polygraph requirement.
            ``(G) The percentage of security clearance investigations, 
        including initial and periodic reinvestigations, that resulted 
        in a denial or revocation of a security clearance.
            ``(H) The percentage of security clearance investigations 
        that resulted in incomplete information.
            ``(I) The percentage of security clearance investigations 
        that did not result in enough information to make a decision on 
        potentially adverse information.
    ``(3) The report required under this subsection shall be submitted 
in unclassified form, but may include a classified annex.''; and
            (4) in subsection (c), as redesignated, by striking 
        ``subsection (a)(1)'' and inserting ``subsections (a)(1) and 
        (b)''.

SEC. 611. PERIODIC REPORT ON POSITIONS IN THE INTELLIGENCE COMMUNITY 
              WHICH CAN BE CONDUCTED WITHOUT ACCESS TO CLASSIFIED 
              INFORMATION, NETWORKS, OR FACILITIES.

    Not later than 180 days after the date of the enactment of this Act 
and not less frequently than once every 5 years thereafter, the 
Director of National Intelligence shall submit to the congressional 
intelligence committees a report that reviews the intelligence 
community for which positions can be conducted without access to 
classified information, networks, or facilities, or may only require a 
security clearance at the secret level.

SEC. 612. INFORMATION SHARING PROGRAM FOR POSITIONS OF TRUST.

    (a) Agency Defined.--In this section, the term ``agency'' has the 
meaning given the term ``Executive agency'' in section 105 of title 5, 
United Stats Code.
    (b) Program Required.--Not later than 90 days after the date of the 
enactment of this Act, the Security Executive Agent shall establish a 
program to share between and among agencies and industry partners of 
the Federal Government information regarding individuals applying for 
and in positions of trust, including derogatory and suitability 
information.
    (c) Goal.--The goal of the program required by subsection (b) shall 
be to alert agencies and industry partners as to individuals who may 
require further vetting or should be subject to certain insider threat 
programs regarding granted access, or continued access, to classified 
information, especially when such individuals change agencies, 
employers, or contracts.
    (d) Privacy Safeguards.--The Security Executive Agent shall ensure 
that the program required by subsection (b) includes such safeguards 
for privacy as the Security Executive Agent considers appropriate.
    (e) Provision of Information to the Private Sector.--The Security 
Executive Agent shall ensure that under the program required by 
subsection (b)--
            (1) sufficient information is provided to the private 
        sector so that employers in the private sector can make 
        informed decisions about hiring and retention in positions of 
        trust; and
            (2) agencies and private sector entities that receive 
        information under the program have the capabilities in place to 
        safeguard personnel privacy in compliance with applicable law 
        and policy.
    (f) Implementation Plan.--
            (1) In general.--Not later than 90 days after the date of 
        the enactment of this Act, the Security Executive Agent shall 
        submit a plan to the appropriate congressional committees for 
        the implementation of the program required under subsection 
        (b).
            (2) Contents.--The plan required under paragraph (1) shall 
        include--
                    (A) matters that address privacy, security, and 
                human resources processes; and
                    (B) any recommendations of the Security Executive 
                Agent for legislative or administrative action to carry 
                out or improve the program.

SEC. 613. REPORT ON PROTECTIONS FOR CONFIDENTIALITY OF WHISTLEBLOWER-
              RELATED COMMUNICATIONS.

    Not later than 180 days after the date of the enactment of this 
Act, the Security Executive Agent shall, in coordination with the 
Inspector General of the Intelligence Community, submit to the 
appropriate congressional committees a report detailing the controls 
employed by the intelligence community to ensure that continuous 
evaluation programs, including those involving user activity 
monitoring, protect the confidentiality of whistleblower-related 
communications.

                  TITLE VII--REPORTS AND OTHER MATTERS

    Subtitle A--Matters Relating to Russia and Other Foreign Powers

SEC. 701. LIMITATION RELATING TO ESTABLISHMENT OR SUPPORT OF 
              CYBERSECURITY UNIT WITH THE GOVERNMENT OF RUSSIA.

    (a) Appropriate Congressional Committees.--The term ``appropriate 
congressional committees'' means--
            (1) the congressional intelligence committees; and
            (2) the Committee on Armed Services of the Senate and the 
        Committee on Armed Services of the House of Representatives.
    (b) Limitation.--
            (1) In general.--No amount may be expended by the Federal 
        Government, other than the Department of Defense, to enter into 
        or implement any bilateral agreement between the United States 
        and the Russian Federation regarding cybersecurity, including 
        the establishment or support of any cybersecurity unit, unless, 
        at least 30 days prior to the conclusion of any such agreement, 
        the Director of National Intelligence submits to the 
        appropriate congressional committees a report on such agreement 
        that includes the elements required by subsection (c).
            (2) Department of defense agreements.--Any agreement 
        between the Department of Defense and the Russian Federation 
        regarding cybersecurity shall be conducted in accordance with 
        section 1232 of the National Defense Authorization Act for 
        Fiscal Year 2017 (Public Law 114-328), as amended by section 
        1231 of the National Defense Authorization Act for Fiscal Year 
        2018 (Public Law 115-91).
    (c) Elements.--If the Director submits a report under subsection 
(a) with respect to an agreement, such report shall include a 
description of each of the following:
            (1) The purpose of the agreement.
            (2) The nature of any intelligence to be shared pursuant to 
        the agreement.
            (3) The expected value to national security resulting from 
        the implementation of the agreement.
            (4) Such counterintelligence concerns associated with the 
        agreement as the Director may have and such measures as the 
        Director expects to be taken to mitigate such concerns.
    (d) Rule of Construction.--This section shall not be construed to 
affect any existing authority of the Director of National Intelligence, 
the Director of the Central Intelligence Agency, or any other head of 
an element of the intelligence community, to share or receive foreign 
intelligence on a case-by-case basis.

SEC. 702. REPORT ON RETURNING RUSSIAN COMPOUNDS.

    (a) Covered Compounds Defined.--In this section, the term ``covered 
compounds'' means the real property in New York, the real property in 
Maryland, and the real property in San Francisco, California, that were 
under the control of the Government of Russia in 2016 and were removed 
from such control in response to various transgressions by the 
Government of Russia, including the interference by the Government of 
Russia in the 2016 election in the United States.
    (b) Requirement for Report.--Not later than 180 days after the date 
of the enactment of this Act, the Director of National Intelligence 
shall submit to the congressional intelligence committees a report on 
the intelligence risks of returning the covered compounds to Russian 
control.
    (c) Form of Report.--The report required by this section shall be 
submitted in classified and unclassified forms.

SEC. 703. ASSESSMENT OF THREAT FINANCE RELATING TO RUSSIA.

    (a) Threat Finance Defined.--In this section, the term ``threat 
finance'' means--
            (1) the financing of cyber operations, global influence 
        campaigns, intelligence service activities, proliferation, 
        terrorism, or transnational crime and drug organizations;
            (2) the methods and entities used to spend, store, move, 
        raise, conceal, or launder money or value, on behalf of threat 
        actors;
            (3) sanctions evasion; and
            (4) other forms of threat finance activity domestically or 
        internationally, as defined by the President.
    (b) Report Required.--Not later than 60 days after the date of the 
enactment of this Act, the Director of National Intelligence, in 
coordination with the Assistant Secretary of the Treasury for 
Intelligence and Analysis, shall submit to the congressional 
intelligence committees a report containing an assessment of Russian 
threat finance. The assessment shall be based on intelligence from all 
sources, including from the Office of Terrorism and Financial 
Intelligence of the Department of the Treasury.
    (c) Elements.--The report required by subsection (b) shall include 
each of the following:
            (1) A summary of leading examples from the 3-year period 
        preceding the date of the submittal of the report of threat 
        finance activities conducted by, for the benefit of, or at the 
        behest of--
                    (A) officials of the Government of Russia;
                    (B) persons subject to sanctions under any 
                provision of law imposing sanctions with respect to 
                Russia;
                    (C) Russian nationals subject to sanctions under 
                any other provision of law; or
                    (D) Russian oligarchs or individuals involved in 
                organized crime.
            (2) An assessment with respect to any trends or patterns in 
        threat finance activities relating to Russia, including common 
        methods of conducting such activities and global nodes of money 
        laundering used by Russian threat actors described in paragraph 
        (1) and associated entities.
            (3) An assessment of any connections between Russian 
        individuals involved in money laundering and the Government of 
        Russia.
            (4) A summary of engagement and coordination with 
        international partners on threat finance relating to Russia, 
        especially in Europe, including examples of such engagement and 
        coordination.
            (5) An identification of any resource and collection gaps.
            (6) An identification of--
                    (A) entry points of money laundering by Russian and 
                associated entities into the United States;
                    (B) any vulnerabilities within the United States 
                legal and financial system, including specific sectors, 
                which have been or could be exploited in connection 
                with Russian threat finance activities; and
                    (C) the counterintelligence threat posed by Russian 
                money laundering and other forms of threat finance, as 
                well as the threat to the United States financial 
                system and United States efforts to enforce sanctions 
                and combat organized crime.
            (7) Any other matters the Director determines appropriate.
    (d) Form of Report.--The report required under subsection (b) may 
be submitted in classified form.

SEC. 704. NOTIFICATION OF AN ACTIVE MEASURES CAMPAIGN.

    (a) Definitions.--In this section:
            (1) Appropriate congressional committees.--The term 
        ``appropriate congressional committees'' means--
                    (A) the congressional intelligence committees; and
                    (B) the Committee on Armed Services of the Senate 
                and the Committee on Armed Services of the House of 
                Representatives.
            (2) Congressional leadership.--The term ``congressional 
        leadership'' includes the following:
                    (A) The majority leader of the Senate.
                    (B) The minority leader of the Senate.
                    (C) The Speaker of the House of Representatives.
                    (D) The minority leader of the House of 
                Representatives.
    (b) Requirement for Notification.--The Director of National 
Intelligence, in cooperation with the Director of the Federal Bureau of 
Investigation and the head of any other relevant agency, shall notify 
the congressional leadership and the Chairman and Vice Chairman or 
Ranking Member of each of the appropriate congressional committees, and 
of other relevant committees of jurisdiction, each time the Director of 
National Intelligence determines there is credible information that a 
foreign power has, is, or will attempt to employ a covert influence or 
active measures campaign with regard to the modernization, employment, 
doctrine, or force posture of the nuclear deterrent or missile defense.
    (c) Content of Notification.--Each notification required by 
subsection (a) shall include information concerning actions taken by 
the United States to expose or halt an attempt referred to in 
subsection (a).

SEC. 705. NOTIFICATION OF TRAVEL BY ACCREDITED DIPLOMATIC AND CONSULAR 
              PERSONNEL OF THE RUSSIAN FEDERATION IN THE UNITED STATES.

    In carrying out the advance notification requirements set out in 
section 502 of the Intelligence Authorization Act for Fiscal Year 2017 
(division N of Public Law 115-31; 131 Stat. 825; 22 U.S.C. 254a note), 
the Secretary of State shall--
            (1) ensure that the Russian Federation provides 
        notification to the Secretary of State at least 2 business days 
        in advance of all travel that is subject to such requirements 
        by accredited diplomatic and consular personnel of the Russian 
        Federation in the United States, and take necessary action to 
        secure full compliance by Russian personnel and address any 
        noncompliance; and
            (2) provide notice of travel described in paragraph (1) to 
        the Director of National Intelligence and the Director of the 
        Federal Bureau of Investigation within 1 hour of receiving 
        notice of such travel.

                          Subtitle B--Reports

SEC. 711. TECHNICAL CORRECTION TO INSPECTOR GENERAL STUDY.

    Section 11001(d) of title 5, United States Code, is amended--
            (1) in the subsection heading, by striking ``Audit'' and 
        inserting ``Review'';
            (2) in paragraph (1), by striking ``audit'' and inserting 
        ``review''; and
            (3) in paragraph (2), by striking ``audit'' and inserting 
        ``review''.

SEC. 712. REPORTS ON AUTHORITIES OF THE CHIEF INTELLIGENCE OFFICER OF 
              THE DEPARTMENT OF HOMELAND SECURITY.

    (a) Homeland Security Intelligence Enterprise Defined.--In this 
section, the term ``Homeland Security Intelligence Enterprise'' has the 
meaning given such term in Department of Homeland Security Instruction 
Number 264-01-001, or successor authority.
    (b) Requirement for Report.--Not later than 120 days after the date 
of the enactment of this Act, the Secretary of Homeland Security, in 
consultation with the Under Secretary of Homeland Security for 
Intelligence and Analysis, shall submit to the congressional 
intelligence committees, the Committee on Homeland Security and 
Governmental Affairs of the Senate, and the Committee on Homeland 
Security of the House of Representatives a report on the authorities of 
the Under Secretary.
    (c) Elements.--The report required by subsection (b) shall include 
each of the following:
            (1) An analysis of whether the Under Secretary has the 
        legal and policy authority necessary to organize and lead the 
        Homeland Security Intelligence Enterprise, with respect to 
        intelligence, and, if not, a description of--
                    (A) the obstacles to exercising the authorities of 
                the Chief Intelligence Officer of the Department and 
                the Homeland Security Intelligence Council, of which 
                the Chief Intelligence Officer is the chair; and
                    (B) the legal and policy changes necessary to 
                effectively coordinate, organize, and lead intelligence 
                activities of the Department of Homeland Security.
            (2) A description of the actions that the Secretary has 
        taken to address the inability of the Under Secretary to 
        require components of the Department, other than the Office of 
        Intelligence and Analysis of the Department to--
                    (A) coordinate intelligence programs; and
                    (B) integrate and standardize intelligence products 
                produced by such other components.

SEC. 713. REPORT ON CYBER EXCHANGE PROGRAM.

    (a) Report.--Not later than 90 days after the date of the enactment 
of this Act, the Director of National Intelligence shall submit to the 
congressional intelligence committees a report on the potential 
establishment of a fully voluntary exchange program between elements of 
the intelligence community and private technology companies under 
which--
            (1) an employee of an element of the intelligence community 
        with demonstrated expertise and work experience in 
        cybersecurity or related disciplines may elect to be 
        temporarily detailed to a private technology company that has 
        elected to receive the detailee; and
            (2) an employee of a private technology company with 
        demonstrated expertise and work experience in cybersecurity or 
        related disciplines may elect to be temporarily detailed to an 
        element of the intelligence community that has elected to 
        receive the detailee.
    (b) Elements.--The report under subsection (a) shall include the 
following:
            (1) An assessment of the feasibility of establishing the 
        exchange program described in such subsection.
            (2) Identification of any challenges in establishing the 
        exchange program.
            (3) An evaluation of the benefits to the intelligence 
        community that would result from the exchange program.

SEC. 714. REPORT ON ROLE OF DIRECTOR OF NATIONAL INTELLIGENCE WITH 
              RESPECT TO CERTAIN FOREIGN INVESTMENTS.

    (a) Report.--Not later than 180 days after the date of the 
enactment of this Act, the Director of National Intelligence, in 
consultation with the heads of the elements of the intelligence 
community determined appropriate by the Director, shall submit to the 
congressional intelligence committees a report on the role of the 
Director in preparing analytic materials in connection with the 
evaluation by the Federal Government of national security risks 
associated with potential foreign investments into the United States.
    (b) Elements.--The report under subsection (a) shall include--
            (1) a description of the current process for the provision 
        of the analytic materials described in subsection (a);
            (2) identification of the most significant benefits and 
        drawbacks of such process with respect to the role of the 
        Director, including any benefits or drawbacks relating to the 
        time allotted to the Director to prepare such materials; and
            (3) recommendations to improve such process.

SEC. 715. REPORT ON SURVEILLANCE BY FOREIGN GOVERNMENTS AGAINST UNITED 
              STATES TELECOMMUNICATIONS NETWORKS.

    (a) Appropriate Congressional Committees Defined.--In this section, 
the term ``appropriate congressional committees'' means the following:
            (1) The congressional intelligence committees.
            (2) The Committee on the Judiciary and the Committee on 
        Homeland Security and Governmental Affairs of the Senate.
            (3) The Committee on the Judiciary and the Committee on 
        Homeland Security of the House of Representatives.
    (b) Report.--Not later than 180 days after the date of the 
enactment of this Act, the Director of National Intelligence shall, in 
coordination with the Director of the Central Intelligence Agency, the 
Director of the National Security Agency, the Director of the Federal 
Bureau of Investigation, and the Secretary of Homeland Security, submit 
to the appropriate congressional committees a report describing--
            (1) any attempts known to the intelligence community by 
        foreign governments to exploit cybersecurity vulnerabilities in 
        United States telecommunications networks (including Signaling 
        System No. 7) to target for surveillance of United States 
        persons, including employees of the Federal Government; and
            (2) any actions, as of the date of the enactment of this 
        Act, taken by the intelligence community to protect agencies 
        and personnel of the United States Government from surveillance 
        conducted by foreign governments.

SEC. 716. BIENNIAL REPORT ON FOREIGN INVESTMENT RISKS.

    (a) Intelligence Community Interagency Working Group.--
            (1) Requirement to establish.--The Director of National 
        Intelligence shall establish an intelligence community 
        interagency working group to prepare the biennial reports 
        required by subsection (b).
            (2) Chairperson.--The Director of National Intelligence 
        shall serve as the chairperson of such interagency working 
        group.
            (3) Membership.--Such interagency working group shall be 
        composed of representatives of each element of the intelligence 
        community that the Director of National Intelligence determines 
        appropriate.
    (b) Biennial Report on Foreign Investment Risks.--
            (1) Report required.--Not later than 180 days after the 
        date of the enactment of this Act, and biennially thereafter, 
        the Director of National Intelligence shall submit to the 
        congressional intelligence committees, the Committee on 
        Homeland Security and Governmental Affairs of the Senate, and 
        the Committee on Homeland Security of the House of 
        Representatives a report on foreign investment risks prepared 
        by the interagency working group established under subsection 
        (a).
            (2) Elements.--Each report required by paragraph (1) shall 
        include an identification, analysis, and explanation of the 
        following:
                    (A) Any current or projected major threats to the 
                national security of the United States with respect to 
                foreign investment.
                    (B) Any strategy used by a foreign country that 
                such interagency working group has identified to be a 
                country of special concern to use foreign investment to 
                target the acquisition of critical technologies, 
                critical materials, or critical infrastructure.
                    (C) Any economic espionage efforts directed at the 
                United States by a foreign country, particularly such a 
                country of special concern.

SEC. 717. MODIFICATION OF CERTAIN REPORTING REQUIREMENT ON TRAVEL OF 
              FOREIGN DIPLOMATS.

    Section 502(d)(2) of the Intelligence Authorization Act for Fiscal 
Year 2017 (Public Law 115-31; 22 U.S.C. 254a note) is amended by 
striking ``the number'' and inserting ``a best estimate''.

SEC. 718. SEMIANNUAL REPORTS ON INVESTIGATIONS OF UNAUTHORIZED 
              DISCLOSURES OF CLASSIFIED INFORMATION.

    (a) In General.--Title XI of the National Security Act of 1947 (50 
U.S.C. 3231 et seq.) is amended by adding at the end the following new 
section:

``SEC. 1105. SEMIANNUAL REPORTS ON INVESTIGATIONS OF UNAUTHORIZED 
              DISCLOSURES OF CLASSIFIED INFORMATION.

    ``(a) Definitions.--In this section:
            ``(1) Covered official.--The term `covered official' 
        means--
                    ``(A) the heads of each element of the intelligence 
                community; and
                    ``(B) the inspectors general with oversight 
                responsibility for an element of the intelligence 
                community.
            ``(2) Investigation.--The term `investigation' means any 
        inquiry, whether formal or informal, into the existence of an 
        unauthorized public disclosure of classified information.
            ``(3) Unauthorized disclosure of classified information.--
        The term `unauthorized disclosure of classified information' 
        means any unauthorized disclosure of classified information to 
        any recipient.
            ``(4) Unauthorized public disclosure of classified 
        information.--The term `unauthorized public disclosure of 
        classified information' means the unauthorized disclosure of 
        classified information to a journalist or media organization.
    ``(b) Intelligence Community Reporting.--
            ``(1) In general.--Not less frequently than once every 6 
        months, each covered official shall submit to the congressional 
        intelligence committees a report on investigations of 
        unauthorized public disclosures of classified information.
            ``(2) Elements.--Each report submitted under paragraph (1) 
        shall include, with respect to the preceding 6-month period, 
        the following:
                    ``(A) The number of investigations opened by the 
                covered official regarding an unauthorized public 
                disclosure of classified information.
                    ``(B) The number of investigations completed by the 
                covered official regarding an unauthorized public 
                disclosure of classified information.
                    ``(C) Of the number of such completed 
                investigations identified under subparagraph (B), the 
                number referred to the Attorney General for criminal 
                investigation.
    ``(c) Department of Justice Reporting.--
            ``(1) In general.--Not less frequently than once every 6 
        months, the Assistant Attorney General for National Security of 
        the Department of Justice, in consultation with the Director of 
        the Federal Bureau of Investigation, shall submit to the 
        congressional intelligence committees, the Committee on the 
        Judiciary of the Senate, and the Committee on the Judiciary of 
        the House of Representatives a report on the status of each 
        referral made to the Department of Justice from any element of 
        the intelligence community regarding an unauthorized disclosure 
        of classified information made during the most recent 365-day 
        period or any referral that has not yet been closed, regardless 
        of the date the referral was made.
            ``(2) Contents.--Each report submitted under paragraph (1) 
        shall include, for each referral covered by the report, at a 
        minimum, the following:
                    ``(A) The date the referral was received.
                    ``(B) A statement indicating whether the alleged 
                unauthorized disclosure described in the referral was 
                substantiated by the Department of Justice.
                    ``(C) A statement indicating the highest level of 
                classification of the information that was revealed in 
                the unauthorized disclosure.
                    ``(D) A statement indicating whether an open 
                criminal investigation related to the referral is 
                active.
                    ``(E) A statement indicating whether any criminal 
                charges have been filed related to the referral.
                    ``(F) A statement indicating whether the Department 
                of Justice has been able to attribute the unauthorized 
                disclosure to a particular entity or individual.
    ``(d) Form of Reports.--Each report submitted under this section 
shall be submitted in unclassified form, but may have a classified 
annex.''.
    (b) Clerical Amendment.--The table of contents in the first section 
of the National Security Act of 1947 is amended by inserting after the 
item relating to section 1104 the following new item:

``Sec. 1105. Semiannual reports on investigations of unauthorized 
                            disclosures of classified information.''.

SEC. 719. CONGRESSIONAL NOTIFICATION OF DESIGNATION OF COVERED 
              INTELLIGENCE OFFICER AS PERSONA NON GRATA.

    (a) Intelligence Officer Defined.--In this section, the term 
``covered intelligence officer'' means--
            (1) a United States intelligence officer serving in a post 
        in a foreign country; or
            (2) a known or suspected foreign intelligence officer 
        serving in a United States post.
    (b) Requirement for Reports.--Not later than 72 hours after a 
covered intelligence officer is designated as a persona non grata, the 
Director of National Intelligence, in consultation with the Secretary 
of State, shall submit to the congressional intelligence committees a 
notification of that designation. Each such notification shall 
include--
            (1) the date of the designation;
            (2) the basis for the designation; and
            (3) a justification for the expulsion.

SEC. 720. INSPECTORS GENERAL REPORTS ON CLASSIFICATION.

    (a) Reports.--Not later than October 1, 2019, each Inspector 
General listed in subsection (b) shall submit to the congressional 
intelligence committees a report that includes, with respect to the 
department or agency of the Inspector General, analyses of the 
following:
            (1) The accuracy of the application of classification and 
        handling markers on a representative sample of finished 
        reports, including such reports that are compartmented.
            (2) Compliance with declassification procedures.
            (3) The effectiveness of processes for identifying topics 
        of public or historical importance that merit prioritization 
        for a declassification review.
    (b) Inspectors General.--The Inspectors General listed in this 
subsection are as follows:
            (1) The Inspector General of the Intelligence Community.
            (2) The Inspector General of the Central Intelligence 
        Agency.
            (3) The Inspector General of the National Security Agency.
            (4) The Inspector General of the Defense Intelligence 
        Agency.
            (5) The Inspector General of the National Reconnaissance 
        Office.
            (6) The Inspector General of the National Geospatial-
        Intelligence Agency.

SEC. 721. REPORTS ON INTELLIGENCE COMMUNITY PARTICIPATION IN 
              VULNERABILITIES EQUITIES PROCESS OF FEDERAL GOVERNMENT.

    (a) Definitions.--In this section:
            (1) Vulnerabilities equities policy and process document.--
        The term ``Vulnerabilities Equities Policy and Process 
        document'' means the executive branch document entitled 
        ``Vulnerabilities Equities Policy and Process'' dated November 
        15, 2017.
            (2) Vulnerabilities equities process.--The term 
        ``Vulnerabilities Equities Process'' means the interagency 
        review of vulnerabilities, pursuant to the Vulnerabilities 
        Equities Policy and Process document or any successor document.
            (3) Vulnerability.--The term ``vulnerability'' means a 
        weakness in an information system or its components (for 
        example, system security procedures, hardware design, and 
        internal controls) that could be exploited or could affect 
        confidentiality, integrity, or availability of information.
    (b) Reports on Process and Criteria Under Vulnerabilities Equities 
Policy and Process.--
            (1) In general.--Not later than 90 days after the date of 
        the enactment of this Act, the Director of National 
        Intelligence shall submit to the congressional intelligence 
        committees a written report describing--
                    (A) with respect to each element of the 
                intelligence community--
                            (i) the title of the official or officials 
                        responsible for determining whether, pursuant 
                        to criteria contained in the Vulnerabilities 
                        Equities Policy and Process document or any 
                        successor document, a vulnerability must be 
                        submitted for review under the Vulnerabilities 
                        Equities Process; and
                            (ii) the process used by such element to 
                        make such determination; and
                    (B) the roles or responsibilities of that element 
                during a review of a vulnerability submitted to the 
                Vulnerabilities Equities Process.
            (2) Changes to process or criteria.--Not later than 30 days 
        after any significant change is made to the process and 
        criteria used by any element of the intelligence community for 
        determining whether to submit a vulnerability for review under 
        the Vulnerabilities Equities Process, such element shall submit 
        to the congressional intelligence committees a report 
        describing such change.
            (3) Form of reports.--Each report submitted under this 
        subsection shall be submitted in unclassified form, but may 
        include a classified annex.
    (c) Annual Reports.--
            (1) In general.--Not less frequently than once each 
        calendar year, the Director of National Intelligence shall 
        submit to the congressional intelligence committees a 
        classified report containing, with respect to the previous 
        year--
                    (A) the number of vulnerabilities submitted for 
                review under the Vulnerabilities Equities Process;
                    (B) the number of vulnerabilities described in 
                subparagraph (A) disclosed to each vendor responsible 
                for correcting the vulnerability, or to the public, 
                pursuant to the Vulnerabilities Equities Process; and
                    (C) the aggregate number, by category, of the 
                vulnerabilities excluded from review under the 
                Vulnerabilities Equities Process, as described in 
                paragraph 5.4 of the Vulnerabilities Equities Policy 
                and Process document.
            (2) Unclassified information.--Each report submitted under 
        paragraph (1) shall include an unclassified appendix that 
        contains--
                    (A) the aggregate number of vulnerabilities 
                disclosed to vendors or the public pursuant to the 
                Vulnerabilities Equities Process; and
                    (B) the aggregate number of vulnerabilities 
                disclosed to vendors or the public pursuant to the 
                Vulnerabilities Equities Process known to have been 
                patched.
            (3) Non-duplication.--The Director of National Intelligence 
        may forgo submission of an annual report required under this 
        subsection for a calendar year, if the Director notifies the 
        intelligence committees in writing that, with respect to the 
        same calendar year, an annual report required by paragraph 4.3 
        of the Vulnerabilities Equities Policy and Process document 
        already has been submitted to Congress, and such annual report 
        contains the information that would otherwise be required to be 
        included in an annual report under this subsection.

SEC. 722. REPORTS ON GLOBAL WATER INSECURITY AND NATIONAL SECURITY 
              IMPLICATIONS.

    (a) Reports Required.--Not later than 180 days after the date of 
the enactment of this Act and not less frequently than once every 5 
years thereafter, the Director of National Intelligence shall submit to 
the congressional intelligence committees a report on the implications 
of water insecurity on the national security interest of the United 
States, including consideration of social, economic, agricultural, and 
environmental factors.
    (b) Assessment Scope and Focus.--Each report submitted under 
subsection (a) shall include an assessment of water insecurity 
described in such subsection with a global scope, but focus on areas of 
the world--
            (1) of strategic, economic, or humanitarian interest to the 
        United States--
                    (A) that are, as of the date of the report, at the 
                greatest risk of instability, conflict, human 
                insecurity, or mass displacement; or
                    (B) where challenges relating to water insecurity 
                are likely to emerge and become significant during the 
                5-year or the 20-year period beginning on the date of 
                the report; and
            (2) where challenges relating to water insecurity are 
        likely to imperil the national security interests of the United 
        States or allies of the United States.
    (c) Consultation.--In researching a report required by subsection 
(a), the Director shall consult with--
            (1) such stakeholders within the intelligence community, 
        the Department of Defense, and the Department of State as the 
        Director considers appropriate; and
            (2) such additional Federal agencies and persons in the 
        private sector as the Director considers appropriate.
    (d) Form.--Each report submitted under subsection (a) shall be 
submitted in unclassified form, but may include a classified annex.

SEC. 723. ANNUAL REPORT ON MEMORANDA OF UNDERSTANDING BETWEEN ELEMENTS 
              OF INTELLIGENCE COMMUNITY AND OTHER ENTITIES OF THE 
              UNITED STATES GOVERNMENT REGARDING SIGNIFICANT 
              OPERATIONAL ACTIVITIES OR POLICY.

    Section 311 of the Intelligence Authorization Act for Fiscal Year 
2017 (50 U.S.C. 3313) is amended--
            (1) by redesignating subsection (b) as subsection (c); and
            (2) by striking subsection (a) and inserting the following:
    ``(a) In General.--Each year, concurrent with the annual budget 
request submitted by the President to Congress under section 1105 of 
title 31, United States Code, each head of an element of the 
intelligence community shall submit to the congressional intelligence 
committees a report that lists each memorandum of understanding or 
other agreement regarding significant operational activities or policy 
entered into during the most recently completed fiscal year between or 
among such element and any other entity of the United States 
Government.
    ``(b) Provision of Documents.--Each head of an element of an 
intelligence community who receives a request from the Select Committee 
on Intelligence of the Senate or the Permanent Select Committee on 
Intelligence of the House of Representatives for a copy of a memorandum 
of understanding or other document listed in a report submitted by the 
head under subsection (a) shall submit to such committee the requested 
copy as soon as practicable after receiving such request.''.

SEC. 724. REPEAL OF REPORT REQUIREMENT FOR INSPECTORS GENERAL OF 
              CERTAIN ELEMENTS OF INTELLIGENCE COMMUNITY.

    (a) In General.--Section 8H of the Inspector General Act of 1978 (5 
U.S.C. App.) is amended--
            (1) by striking subsection (g); and
            (2) by redesignating subsections (h) and (i) as subsections 
        (g) and (h), respectively.
    (b) Conforming Amendments.--
            (1) National security act of 1947.--Section 507(a) of the 
        National Security Act of 1947 (50 U.S.C. 3106(a)) is amended--
                    (A) by striking paragraph (1); and
                    (B) by redesignating paragraphs (2) through (5) as 
                paragraphs (1) through (4).
            (2) Intelligence reform and terrorism prevention act of 
        2004.--Section 3001(j)(1)(C) of the Intelligence Reform and 
        Terrorism Prevention Act of 2004 (50 U.S.C. 3341(j)(1)(C)) is 
        amended by striking ``and (h)'' and inserting ``and (g)''.

SEC. 725. REPEAL OF REQUIREMENT FOR ANNUAL PERSONNEL LEVEL ASSESSMENTS 
              FOR THE INTELLIGENCE COMMUNITY.

    Section 506B of the National Security Act of 1947 (50 U.S.C. 3098) 
is hereby repealed.

SEC. 726. REPORT ON OUTREACH STRATEGY ADDRESSING THREATS FROM UNITED 
              STATES ADVERSARIES TO THE UNITED STATES TECHNOLOGY 
              SECTOR.

    (a) Report Required.--Not later than 180 days after the date of the 
enactment of this Act, the Director of National Intelligence shall 
submit to the appropriate committees of Congress a report detailing 
outreach by the intelligence community and the Defense Intelligence 
Enterprise to United States industrial, commercial, scientific, 
technical, and academic communities on matters relating to the efforts 
of adversaries of the United States to acquire critical United States 
technology, intellectual property, and research and development 
information.
    (b) Contents.--The report required by subsection (a) shall include 
the following:
            (1) A review of the current outreach efforts of the 
        intelligence community and the Defense Intelligence Enterprise 
        described in subsection (a), including the type of information 
        conveyed in the outreach.
            (2) A determination of the appropriate element of the 
        intelligence community to lead such outreach efforts.
            (3) An assessment of potential methods for improving the 
        effectiveness of such outreach, including an assessment of the 
        following:
                    (A) Those critical technologies, infrastructure, or 
                related supply chains that are at risk from the efforts 
                of adversaries described in subsection (a).
                    (B) The necessity and advisability of granting 
                security clearances to company or community leadership, 
                when necessary and appropriate, to allow for tailored 
                classified briefings on specific targeted threats.
                    (C) The advisability of partnering with entities of 
                the Federal Government that are not elements of the 
                intelligence community and relevant regulatory and 
                industry groups described in subsection (a), to convey 
                key messages across sectors targeted by United States 
                adversaries.
                    (D) Strategies to assist affected elements of the 
                communities described in subparagraph (C) in 
                mitigating, deterring, and protecting against the broad 
                range of threats from the efforts of adversaries 
                described in subsection (a), with focus on producing 
                information that enables private entities to justify 
                business decisions related to national security 
                concerns.
                    (E) The advisability of the establishment of a 
                United States Government-wide task force to coordinate 
                outreach and activities to combat the threats from 
                efforts of adversaries described in subsection (a).
                    (F) Such other matters as the Director of National 
                Intelligence may consider necessary.
    (c) Consultation Encouraged.--In preparing the report required by 
subsection (a), the Director is encouraged to consult with other 
government agencies, think tanks, academia, representatives of the 
financial industry, or such other entities as the Director considers 
appropriate.
    (d) Form.--The report required by subsection (a) shall be submitted 
in unclassified form, but may include a classified annex as necessary.
    (e) Appropriate Committees of Congress Defined.--In this section, 
the term ``appropriate committees of Congress'' means--
            (1) the congressional intelligence committees;
            (2) the Committee on Armed Services and the Committee on 
        Homeland Security and Governmental Affairs of the Senate; and
            (3) the Committee on Armed Services, Committee on Homeland 
        Security, and the Committee on Oversight and Government Reform 
        of the House of Representatives.

SEC. 727. STUDY ON THE FEASIBILITY OF ENCRYPTING UNCLASSIFIED WIRELINE 
              AND WIRELESS TELEPHONE CALLS.

    (a) Study Required.--Not later than 180 days after the date of the 
enactment of this Act, the Director of National Intelligence shall 
complete a study on the feasibility of encrypting unclassified wireline 
and wireless telephone calls between personnel in the intelligence 
community.
    (b) Report.--Not later than 90 days after the date on which the 
Director completes the study required by subsection (a), the Director 
shall submit to the congressional intelligence committees a report on 
the Director's findings with respect to such study.

SEC. 728. MODIFICATION OF REQUIREMENT FOR ANNUAL REPORT ON HIRING AND 
              RETENTION OF MINORITY EMPLOYEES.

    (a) Expansion of Period of Report.--Subsection (a) of section 114 
of the National Security Act of 1947 (50 U.S.C. 3050) is amended by 
inserting ``and the preceding 5 fiscal years'' after ``fiscal year''.
    (b) Clarification on Disaggregation of Data.--Subsection (b) of 
such section is amended, in the matter before paragraph (1), by 
striking ``disaggregated data by category of covered person from each 
element of the intelligence community'' and inserting ``data, 
disaggregated by category of covered person and by element of the 
intelligence community,''.

                       Subtitle C--Other Matters

SEC. 731. TECHNICAL AMENDMENTS RELATED TO THE DEPARTMENT OF ENERGY.

    (a) National Nuclear Security Administration Act.--
            (1) Clarification of functions of the administrator for 
        nuclear security.--Subsection (b) of section 3212 of the 
        National Nuclear Security Administration Act (50 U.S.C. 
        2402(b)) is amended--
                    (A) by striking paragraphs (11) and (12); and
                    (B) by redesignating paragraphs (13) through (19) 
                as paragraphs (11) through (17), respectively.
            (2) Counterintelligence programs.--Section 3233(b) of the 
        National Nuclear Security Administration Act (50 U.S.C. 
        2423(b)) is amended--
                    (A) by striking ``Administration'' and inserting 
                ``Department''; and
                    (B) by inserting ``Intelligence and'' after ``the 
                Office of''.
    (b) Atomic Energy Defense Act.--Section 4524(b)(2) of the Atomic 
Energy Defense Act (50 U.S.C. 2674(b)(2)) is amended by inserting 
``Intelligence and'' after ``The Director of''.
    (c) National Security Act of 1947.--Paragraph (2) of section 106(b) 
of the National Security Act of 1947 (50 U.S.C. 3041(b)(2)) is 
amended--
            (1) in subparagraph (E), by inserting ``and 
        Counterintelligence'' after ``Office of Intelligence'';
            (2) by striking subparagraph (F);
            (3) by redesignating subparagraphs (G), (H), and (I) as 
        subparagraphs (F), (G), and (H), respectively; and
            (4) in subparagraph (H), as so redesignated, by realigning 
        the margin of such subparagraph 2 ems to the left.

SEC. 732. SECURING ENERGY INFRASTRUCTURE.

    (a) Definitions.--In this section:
            (1) Appropriate congressional committees.--The term 
        ``appropriate congressional committees'' means--
                    (A) the congressional intelligence committees;
                    (B) the Committee on Homeland Security and 
                Governmental Affairs and the Committee on Energy and 
                Natural Resources of the Senate; and
                    (C) the Committee on Homeland Security and the 
                Committee on Energy and Commerce of the House of 
                Representatives.
            (2) Covered entity.--The term ``covered entity'' means an 
        entity identified pursuant to section 9(a) of Executive Order 
        13636 of February 12, 2013 (78 Fed. Reg. 11742), relating to 
        identification of critical infrastructure where a cybersecurity 
        incident could reasonably result in catastrophic regional or 
        national effects on public health or safety, economic security, 
        or national security.
            (3) Exploit.--The term ``exploit'' means a software tool 
        designed to take advantage of a security vulnerability.
            (4) Industrial control system.--The term ``industrial 
        control system'' means an operational technology used to 
        measure, control, or manage industrial functions, and includes 
        supervisory control and data acquisition systems, distributed 
        control systems, and programmable logic or embedded 
        controllers.
            (5) National laboratory.--The term ``National Laboratory'' 
        has the meaning given the term in section 2 of the Energy 
        Policy Act of 2005 (42 U.S.C. 15801).
            (6) Program.--The term ``Program'' means the pilot program 
        established under subsection (b).
            (7) Secretary.--The term ``Secretary'' means the Secretary 
        of Energy.
            (8) Security vulnerability.--The term ``security 
        vulnerability'' means any attribute of hardware, software, 
        process, or procedure that could enable or facilitate the 
        defeat of a security control.
    (b) Pilot Program for Securing Energy Infrastructure.--Not later 
than 180 days after the date of the enactment of this Act, the 
Secretary shall establish a 2-year control systems implementation pilot 
program within the National Laboratories for the purposes of--
            (1) partnering with covered entities in the energy sector 
        (including critical component manufacturers in the supply 
        chain) that voluntarily participate in the Program to identify 
        new classes of security vulnerabilities of the covered 
        entities; and
            (2) evaluating technology and standards, in partnership 
        with covered entities, to isolate and defend industrial control 
        systems of covered entities from security vulnerabilities and 
        exploits in the most critical systems of the covered entities, 
        including--
                    (A) analog and nondigital control systems;
                    (B) purpose-built control systems; and
                    (C) physical controls.
    (c) Working Group to Evaluate Program Standards and Develop 
Strategy.--
            (1) Establishment.--The Secretary shall establish a working 
        group--
                    (A) to evaluate the technology and standards used 
                in the Program under subsection (b)(2); and
                    (B) to develop a national cyber-informed 
                engineering strategy to isolate and defend covered 
                entities from security vulnerabilities and exploits in 
                the most critical systems of the covered entities.
            (2) Membership.--The working group established under 
        paragraph (1) shall be composed of not fewer than 10 members, 
        to be appointed by the Secretary, at least 1 member of which 
        shall represent each of the following:
                    (A) The Department of Energy.
                    (B) The energy industry, including electric 
                utilities and manufacturers recommended by the Energy 
                Sector coordinating councils.
                    (C)(i) The Department of Homeland Security; or
                    (ii) the Industrial Control Systems Cyber Emergency 
                Response Team.
                    (D) The North American Electric Reliability 
                Corporation.
                    (E) The Nuclear Regulatory Commission.
                    (F)(i) The Office of the Director of National 
                Intelligence; or
                    (ii) the intelligence community.
                    (G)(i) The Department of Defense; or
                    (ii) the Assistant Secretary of Defense for 
                Homeland Security and America's Security Affairs.
                    (H) A State or regional energy agency.
                    (I) A national research body or academic 
                institution.
                    (J) The National Laboratories.
    (d) Reports on the Program.--
            (1) Interim report.--Not later than 180 days after the date 
        on which funds are first disbursed under the Program, the 
        Secretary shall submit to the appropriate congressional 
        committees an interim report that--
                    (A) describes the results of the Program;
                    (B) includes an analysis of the feasibility of each 
                method studied under the Program; and
                    (C) describes the results of the evaluations 
                conducted by the working group established under 
                subsection (c)(1).
            (2) Final report.--Not later than 2 years after the date on 
        which funds are first disbursed under the Program, the 
        Secretary shall submit to the appropriate congressional 
        committees a final report that--
                    (A) describes the results of the Program;
                    (B) includes an analysis of the feasibility of each 
                method studied under the Program; and
                    (C) describes the results of the evaluations 
                conducted by the working group established under 
                subsection (c)(1).
    (e) Exemption From Disclosure.--Information shared by or with the 
Federal Government or a State, Tribal, or local government under this 
section--
            (1) shall be deemed to be voluntarily shared information;
            (2) shall be exempt from disclosure under section 552 of 
        title 5, United States Code, or any provision of any State, 
        Tribal, or local freedom of information law, open government 
        law, open meetings law, open records law, sunshine law, or 
        similar law requiring the disclosure of information or records; 
        and
            (3) shall be withheld from the public, without discretion, 
        under section 552(b)(3) of title 5, United States Code, and any 
        provision of any State, Tribal, or local law requiring the 
        disclosure of information or records.
    (f) Protection From Liability.--
            (1) In general.--A cause of action against a covered entity 
        for engaging in the voluntary activities authorized under 
        subsection (b)--
                    (A) shall not lie or be maintained in any court; 
                and
                    (B) shall be promptly dismissed by the applicable 
                court.
            (2) Voluntary activities.--Nothing in this section subjects 
        any covered entity to liability for not engaging in the 
        voluntary activities authorized under subsection (b).
    (g) No New Regulatory Authority for Federal Agencies.--Nothing in 
this section authorizes the Secretary or the head of any other 
department or agency of the Federal Government to issue new 
regulations.
    (h) Authorization of Appropriations.--
            (1) Pilot program.--There is authorized to be appropriated 
        $10,000,000 to carry out subsection (b).
            (2) Working group and report.--There is authorized to be 
        appropriated $1,500,000 to carry out subsections (c) and (d).
            (3) Availability.--Amounts made available under paragraphs 
        (1) and (2) shall remain available until expended.

SEC. 733. SENSE OF CONGRESS ON WIKILEAKS.

    It is the sense of Congress that WikiLeaks and the senior 
leadership of WikiLeaks resemble a nonstate hostile intelligence 
service often abetted by state actors and should be treated as such a 
service by the United States.

SEC. 734. BUG BOUNTY PROGRAMS.

    (a) Definitions.--In this section:
            (1) Appropriate committees of congress.--The term 
        ``appropriate committees of Congress'' means--
                    (A) the congressional intelligence committees;
                    (B) the Committee on Homeland Security and 
                Governmental Affairs and the Committee on Armed 
                Services of the Senate; and
                    (C) the Committee on Homeland Security and the 
                Committee on Armed Services of the House of 
                Representatives.
            (2) Bug bounty program.--The term ``bug bounty program'' 
        means a program under which an approved computer security 
        specialist or security researcher is temporarily authorized to 
        identify and report vulnerabilities within the information 
        system of an agency or department of the United States in 
        exchange for compensation.
            (3) Information system.--The term ``information system'' 
        has the meaning given such term in section 3502 of title 44, 
        United States Code.
    (b) Bug Bounty Program Plan.--
            (1) Requirement.--Not later than 180 days after the date of 
        the enactment of this Act, the Secretary of Homeland Security, 
        in consultation with the Secretary of Defense, shall submit to 
        the appropriate committees of Congress a strategic plan for 
        appropriate agencies and departments of the United States to 
        implement bug bounty programs.
            (2) Contents.--The plan required by paragraph (1) shall 
        include--
                    (A) an assessment of--
                            (i) the ``Hack the Pentagon'' pilot program 
                        carried out by the Department of Defense in 
                        2016 and subsequent bug bounty programs in 
                        identifying and reporting vulnerabilities 
                        within the information systems of the 
                        Department of Defense; and
                            (ii) private sector bug bounty programs, 
                        including such programs implemented by leading 
                        technology companies in the United States; and
                    (B) recommendations on the feasibility of 
                initiating bug bounty programs at appropriate agencies 
                and departments of the United States.

SEC. 735. SENSE OF CONGRESS ON CONSIDERATION OF ESPIONAGE ACTIVITIES 
              WHEN CONSIDERING WHETHER OR NOT TO PROVIDE VISAS TO 
              FOREIGN INDIVIDUALS TO BE ACCREDITED TO A UNITED NATIONS 
              MISSION IN THE UNITED STATES.

    It is the sense of the Congress that the Secretary of State, in 
considering whether or not to provide a visa to a foreign individual to 
be accredited to a United Nations mission in the United States, should 
consider--
            (1) known and suspected intelligence activities, espionage 
        activities, including activities constituting precursors to 
        espionage, carried out by the individual against the United 
        States, foreign allies of the United States, or foreign 
        partners of the United States; and
            (2) the status of an individual as a known or suspected 
        intelligence officer for a foreign adversary.

SEC. 736. PUBLIC INTEREST DECLASSIFICATION BOARD.

    Section 710(b) of the Public Interest Declassification Act of 2000 
(Public Law 106-567; 50 U.S.C. 3161 note) is amended by striking 
``December 31, 2018'' and inserting ``December 31, 2022''.

SEC. 737. MODIFICATION OF AUTHORITIES RELATING TO THE NATIONAL 
              INTELLIGENCE UNIVERSITY.

    (a) Civilian Faculty Members; Employment and Compensation.--
            (1) In general.--Section 1595(c) of title 10, United States 
        Code, is amended by adding at the end the following:
            ``(5) The National Intelligence University.''.
            (2) Compensation plan.--The Secretary of Defense shall 
        provide each person employed as a professor, instructor, or 
        lecturer at the National Intelligence University on the date of 
        the enactment of this Act an opportunity to elect to be paid 
        under the compensation plan in effect on the day before the 
        date of the enactment of this Act (with no reduction in pay) or 
        under the authority of section 1595 of title 10, United States 
        Code, as amended by paragraph (1).
    (b) Acceptance of Faculty Research Grants.--Section 2161 of such 
title is amended by adding at the end the following:
    ``(d) Acceptance of Faculty Research Grants.--The Secretary of 
Defense may authorize the President of the National Intelligence 
University to accept qualifying research grants in the same manner and 
to the same degree as the President of the National Defense University 
under section 2165(e) of this title.''.
    (c) Admission of Private Sector Civilians.--
            (1) In general.--Chapter 108 of such title is amended by 
        inserting after section 2167a the following:
``Sec. 2167b. National Intelligence University: admission of private 
              sector civilians to receive instruction
    ``(a) Authority for Admission.--(1) The Secretary of Defense may 
permit eligible private sector employees who work in organizations 
relevant to national security to receive instruction at the National 
Intelligence University in accordance with this section.
    ``(2) No more than the equivalent of 35 full-time student positions 
may be filled at any one time by private sector employees enrolled 
under this section.
    ``(3) Upon successful completion of the course of instruction in 
which enrolled, any such private sector employee may be awarded an 
appropriate diploma or degree under section 2161 of this title.
    ``(b) Eligible Private Sector Employees.--(1) For purposes of this 
section, an eligible private sector employee is an individual employed 
by a private firm that is engaged in providing to the Department of 
Defense, the intelligence community, or other Government departments or 
agencies significant and substantial intelligence or defense-related 
systems, products, or services or whose work product is relevant to 
national security policy or strategy.
    ``(2) A private sector employee admitted for instruction at the 
National Intelligence University remains eligible for such instruction 
only so long as that person remains employed by the same firm, holds 
appropriate security clearances, and complies with any other applicable 
security protocols.
    ``(c) Annual Certification by Secretary of Defense.--Private sector 
employees may receive instruction at the National Intelligence 
University during any academic year only if, before the start of that 
academic year, the Secretary of Defense determines, and certifies to 
the Committee on Armed Services of the Senate and the Committee on 
Armed Services of the House of Representatives, that providing 
instruction to private sector employees under this section during that 
year will further the national security interests of the United States.
    ``(d) Program Requirements.--The Secretary of Defense shall ensure 
that--
            ``(1) the curriculum in which private sector employees may 
        be enrolled under this section is not readily available through 
        other schools and concentrates on national security relevant 
        issues; and
            ``(2) the course offerings at the National Intelligence 
        University are determined by the needs of the Department of 
        Defense and the intelligence community.
    ``(e) Tuition.--The President of the National Intelligence 
University shall charge students enrolled under this section a rate 
that--
            ``(1) is at least the rate charged for employees of the 
        United States outside the Department of Defense, less 
        infrastructure costs; and
            ``(2) considers the value to the school and course of the 
        private sector student.
    ``(f) Standards of Conduct.--While receiving instruction at the 
National Intelligence University, students enrolled under this section, 
to the extent practicable, are subject to the same regulations 
governing academic performance, attendance, norms of behavior, and 
enrollment as apply to Government civilian employees receiving 
instruction at the university.
    ``(g) Use of Funds.--(1) Amounts received by the National 
Intelligence University for instruction of students enrolled under this 
section shall be retained by the university to defray the costs of such 
instruction.
    ``(2) The source, and the disposition, of such funds shall be 
specifically identified in records of the university.''.
            (2) Clerical amendment.--The table of sections at the 
        beginning of chapter 108 of such title is amended by inserting 
        after the item relating to section 2167a the following:

``2167b. National Intelligence University: admission of private sector 
                            civilians to receive instruction.''.
                                                       Calendar No. 494

115th CONGRESS

  2d Session

                                S. 3153

_______________________________________________________________________

                                 A BILL

    To authorize appropriations for fiscal years 2018 and 2019 for 
 intelligence and intelligence-related activities of the United States 
     Government, the Community Management Account, and the Central 
  Intelligence Agency Retirement and Disability System, and for other 
                               purposes.

_______________________________________________________________________

                             June 28, 2018

                 Read twice and placed on the calendar