[Congressional Bills 115th Congress]
[From the U.S. Government Publishing Office]
[S. Res. 23 Introduced in Senate (IS)]

<DOC>






115th CONGRESS
  1st Session
S. RES. 23

          Establishing the Select Committee on Cybersecurity.


_______________________________________________________________________


                   IN THE SENATE OF THE UNITED STATES

                            January 24, 2017

    Mr. Gardner (for himself and Mr. Coons) submitted the following 
     resolution; which was referred to the Committee on Rules and 
                             Administration

_______________________________________________________________________

                               RESOLUTION


 
          Establishing the Select Committee on Cybersecurity.

    Resolved,

SECTION 1. SELECT COMMITTEE ON CYBERSECURITY.

    (a) Definitions.--In this section--
            (1) the term ``cybersecurity'' means the protection or 
        defense of cyberspace from cyberattacks;
            (2) the term ``cybersecurity breach'' means an attack via 
        cyberspace, targeting an enterprise's use of cyberspace for the 
        purpose of--
                    (A) disrupting, disabling, destroying, or 
                maliciously controlling a computing environment or 
                infrastructure; or
                    (B) destroying the integrity of data or stealing 
                controlled information; and
            (3) the term ``cyberspace'' means the global domain within 
        the information environment consisting of the interdependent 
        network of information systems infrastructures (including the 
        Internet, telecommunications networks, computer systems, and 
        embedded processors and controllers).
    (b) Establishment.--There is established a select committee of the 
Senate to be known as the Select Committee on Cybersecurity (in this 
resolution referred to as the ``select committee'')--
            (1) to oversee and make continuing studies of and 
        recommendations regarding cybersecurity threats to the United 
        States; and
            (2) which may report by bill or otherwise on matters within 
        its jurisdiction.
    (c) Membership.--
            (1) In general.--The select committee shall be composed of 
        21 members as follows:
                    (A) The Chairman and Ranking Member of the 
                Committee on Appropriations.
                    (B) The Chairman and Ranking Member of the 
                Committee on Armed Services.
                    (C) The Chairman and Ranking Member of the 
                Committee on Banking, Housing, and Urban Affairs.
                    (D) The Chairman and Ranking Member of the 
                Committee on Commerce, Science, and Transportation.
                    (E) The Chairman and Ranking Member of the 
                Committee on Foreign Relations.
                    (F) The Chairman and Ranking Member of the 
                Committee on Homeland Security and Governmental 
                Affairs.
                    (G) The Chairman and Vice Chairman of the Select 
                Committee on Intelligence.
                    (H) The Chairman and Ranking Member of the 
                Committee on the Judiciary.
                    (I) Five members who shall be appointed from the 
                Senate at large.
            (2) Members from other committees.--If the Chairman or 
        Ranking Member of a committee named in subparagraphs (A) 
        through (H) of paragraph (1) chooses not to serve on the select 
        committee, the Chairman or Ranking Member of such committee, 
        respectively, shall appoint 1 member of such committee to the 
        select committee.
            (3) Appointment of other members.--The Majority Leader 
        shall appoint 3 of the members under paragraph (1)(I) and the 
        Minority Leader shall appoint 2 of the members under paragraph 
        (1)(I).
            (4) Ex officio members.--The Majority Leader and Minority 
        Leader shall serve as ex officio, nonvoting members of the 
        select committee.
            (5) Chairperson and vice chairperson.--At the beginning of 
        each Congress, the Majority Leader shall select a chairperson 
        of the select committee and the Minority Leader shall select a 
        vice chairperson for the select committee.
    (d) Subcommittees Authorized.--The select committee may be 
organized into subcommittees. Each subcommittee shall have a 
chairperson and a vice chairperson who are selected by the chairperson 
and vice chairperson of the select committee, respectively.
    (e) Jurisdiction.--There shall be referred to the select committee 
all proposed legislation, messages, petitions, memorials, and other 
matters relating to the following:
            (1) Domestic and foreign cybersecurity risks (including 
        state-sponsored threats) to the United States, including to--
                    (A) the computer systems of the United States;
                    (B) the infrastructure of the United States;
                    (C) citizens of the United States;
                    (D) corporations and other businesses in the United 
                States; and
                    (E) the commerce of the United States.
            (2) The activities of any department or agency relating to 
        preventing, protecting against, or responding to cybersecurity 
        threats to the United States, and relevant incidents or 
        actions.
            (3) The organization or reorganization of any department or 
        agency to the extent that the organization or reorganization 
        relates to a function or activity involving preventing, 
        protecting against, or responding to cybersecurity threats to 
        the United States, and relevant incidents or actions.
            (4) Authorizations for appropriations, both direct and 
        indirect, for preventing, protecting against, or responding to 
        cybersecurity threats to the United States, and relevant 
        incidents or actions.
    (f) Authorities.--
            (1) In general.--For the purposes of this resolution, the 
        select committee is authorized in its discretion--
                    (A) to make investigations into any matter within 
                its jurisdiction;
                    (B) to make expenditures from the contingent fund 
                of the Senate;
                    (C) to employ personnel;
                    (D) to hold hearings;
                    (E) to sit and act at any time or place during the 
                sessions, recesses, and adjourned periods of the 
                Senate;
                    (F) to require, by subpoena or otherwise, the 
                attendance of witnesses and the production of 
                correspondence, books, papers, and documents;
                    (G) to take depositions and other testimony and 
                authorize employees of the select committee to take 
                depositions and other testimony;
                    (H) to procure the services of individual 
                consultants, or organizations thereof, in accordance 
                with section 202(i) of the Legislative Reorganization 
                Act of 1946 (2 U.S.C. 4301(i));
                    (I) with the prior consent of the government 
                department or agency concerned and the Committee on 
                Rules and Administration, to use on a reimbursable 
                basis the services of personnel of any such department 
                or agency;
                    (J) to make recommendations and report legislation 
                on matters within its jurisdiction; and
                    (K) permit any personal representative of the 
                President, designated by the President to serve as a 
                liaison to the select committee, to attend any closed 
                meeting of the select committee.
            (2) Oaths.--The chairperson of the select committee or any 
        member thereof may administer oaths to witnesses.
            (3) Subpoenas.--
                    (A) Authorization of subpoenas.--The issuance of a 
                subpoena may only be authorized by the select committee 
                upon an affirmative vote of a majority of the members 
                of the select committee, which vote may not be held 
                before the time that is 48 hours after notice of the 
                request to authorize the issuance of the subpoena is 
                provided to each member of the select committee, absent 
                unanimous consent.
                    (B) Issuance.--A subpoena authorized by the select 
                committee--
                            (i) may be issued under the signature of 
                        the chairperson, the vice chairperson, or any 
                        member of the select committee designated by 
                        the chairperson; and
                            (ii) may be served by any person designated 
                        by the chairperson, the vice chairperson, or 
                        other member signing the subpoena.
    (g) Obtaining Information.--
            (1) In general.--The select committee shall obtain from the 
        President and the heads of departments and agencies the 
        information relevant to cybersecurity risks and threats 
        required to ensure that the members of the select committee 
        have complete and current information relating to cybersecurity 
        activities and threats, which may include obtaining written 
        reports reviewing--
                    (A) the activities carried out by the department or 
                agency concerned to prevent, protect against, or 
                respond to cybersecurity threats;
                    (B) the cybersecurity threats from within the 
                United States and from foreign countries that are 
                directed at the United States or its interests;
                    (C) previously conducted or anticipated covert 
                actions relating to cybersecurity; and
                    (D) any significant cybersecurity breaches that 
                could--
                            (i) affect the diplomatic, political, 
                        economic, or military relations of the United 
                        States with other countries or groups; or
                            (ii) impose a major financial cost on the 
                        Federal Government, citizens of the United 
                        States, corporations or other businesses in the 
                        United States, or the commerce of the United 
                        States.
            (2) Access of members to information.--Each member of the 
        select committee shall have equal and unimpeded access to 
        information collected or otherwise obtained by the select 
        committee.
            (3) Classified information.--
                    (A) In general.--No employee of the select 
                committee or any person engaged by contract or 
                otherwise to perform services for or at the request of 
                the select committee shall be given access to any 
                classified information by the select committee unless 
                the employee or person has--
                            (i) agreed in writing and under oath to be 
                        bound by the rules of the Senate (including the 
                        jurisdiction of the Select Committee on Ethics) 
                        and of the select committee as to the security 
                        of such information during and after the period 
                        of the employment or contractual agreement with 
                        the select committee; and
                            (ii) received an appropriate security 
                        clearance, as determined by the select 
                        committee, in consultation with the Director of 
                        National Intelligence.
                    (B) Type of clearance.--The type of security 
                clearance to be required in the case of any employee or 
                person described in subparagraph (A) shall, within the 
                determination of the select committee, in consultation 
                with the Director of National Intelligence, be 
                commensurate with the sensitivity of the classified 
                information to which the employee or person will be 
                given access by the select committee.
            (4) Provision of information by departments and agencies.--
                    (A) In general.--The head of each department and 
                agency shall keep the select committee fully and 
                currently informed with respect to cybersecurity 
                activities and threats, including activities to 
                prevent, protect against, or respond to cybersecurity 
                threats and any significant anticipated activities 
                relating to cybersecurity which are the responsibility 
                of or engaged in by the department or agency.
                    (B) Information and documents.--The head of any 
                department or agency involved in any cybersecurity 
                activities shall furnish any information or document in 
                the possession, custody, or control of the department 
                or agency, or person paid by the department or agency, 
                whenever requested by the select committee with respect 
                to any matter within the jurisdiction of the select 
                committee.
                    (C) Annual reports to select committee.--The 
                Director of National Intelligence, the Director of the 
                Central Intelligence Agency, the Secretary of Defense, 
                the Secretary of State, the Director of the Federal 
                Bureau of Investigation, and the Secretary of Commerce 
                shall each submit to the select committee an annual 
                report on cyber threats.
    (h) Personnel Provisions.--
            (1) In general.--In addition to other committee staff 
        selected by the select committee, the select committee shall 
        hire or appoint 1 employee for each member of the select 
        committee to serve as the designated representative of the 
        member on the select committee. The select committee shall only 
        hire or appoint an employee chosen by a member of the select 
        committee for whom the employee will serve as the designated 
        representative on the select committee.
            (2) Supplement to budget.--The select committee shall be 
        afforded a supplement to its budget, to be determined by the 
        Committee on Rules and Administration, to allow for the hire of 
        each employee who fills the position of designated 
        representative to the select committee. The designated 
        representative shall have office space and appropriate office 
        equipment in the select committee spaces. Designated personal 
        representatives shall have the same access to committee staff, 
        information, records, and databases as select committee staff, 
        as determined by the chairperson and vice chairperson.
            (3) Requirements for designated employees.--Each designated 
        employee shall meet all the requirements of relevant statutes, 
        Senate rules, and committee security clearance requirements for 
        employment by the select committee.
            (4) Division of funds.--Of the amounts made available to 
        the select committee for personnel--
                    (A) not more than 60 percent shall be under the 
                control of the chairperson; and
                    (B) not less than 40 percent shall be under the 
                control of the vice chairperson.
    (i) Committee Rules.--
            (1) In general.--The select committee shall adopt rules 
        (not inconsistent with the rules of the Senate and in 
        accordance with rule XXVI of the Standing Rules of the Senate) 
        governing the procedure of the select committee, which shall 
        include addressing how often the select committee shall meet, 
        meeting times and location, type of notifications, notices of 
        hearings, duration of the select committee, and records of the 
        select committee after committee activities are complete.
            (2) Unanimous vote required.--The select committee may only 
        adopt rules under paragraph (1) by a unanimous vote of the 
        voting members of the select committee.
                                 <all>