[Congressional Record Volume 156, Number 46 (Tuesday, March 23, 2010)]
[Senate]
[Pages S1875-S1876]
From the Congressional Record Online through the Government Publishing Office [www.gpo.gov]

      By Mrs. GILLIBRAND (for herself and Mr. Hatch):
  S. 3155. A bill to require reporting on certain information and 
communications technologies of foreign countries, to develop action 
plans to improve the capacity of certain countries to combat 
cybercrime, and for other purposes; to the Committee on Foreign 
Relations.
  Mr. HATCH. Mr. President, I rise today to introduce the International 
Cybercrime Reporting and Cooperation Act with Senator Kirsten 
Gillibrand, which if enacted, will establish a framework for global 
cooperation on the fight against cybercrime. As the U.S. continues to 
work on combating cybercrime here at home, we must simultaneously 
direct our attention to the international arena. With bipartisan 
support and valued input from affected industry, we have worked 
together on drafting a bill that encompasses reporting measures, action 
plans, and multilateral efforts in support of government cooperation to 
dismantle this global threat.
  This bill increases the U.S. Government's focus on combating 
cybercrime internationally by requiring the President to annually 
report to Congress with respect to the information and communications 
technologies, ICT, capabilities of foreign countries, and the 
multilateral efforts that are undertaken. In this digital age of global 
connectivity, businesses and governments must always be mindful of a 
potential cyberattack. Cyberspace remains borderless, with no single 
proprietor. Accordingly, the U.S. must take the lead on maintaining the 
openness of the Internet, while securing accountability.
  The White House cybersecurity coordinator, Howard Schmidt, recently 
commented about the cyberattacks on Google and referenced that the best 
thing to handle cyber conflicts and attacks abroad is to work with 
countries involved, ``making sure they are doing a full-blown 
investigation and conferring with our law enforcement.'' This is one of 
the objectives that I have sought to accomplish in this bill. If a 
country is a haven for cybercrime, or simply has demonstrated a pattern 
of uncooperative behavior with efforts to combat cybercrime, that 
nation must be held accountable. The government of each country must 
conduct criminal investigations and prosecute criminals when there is 
credible evidence of

[[Page S1876]]

cybercrime incidents against the U.S. Government, our private entities 
or our people.
  In this bill, the President would submit to Congress an annual report 
assessing the extent of use of the Internet in critical infrastructure, 
telecommunications and the financial industry for each member state of 
the United Nations. The report would assess the effectiveness of each 
country's legal and law enforcement systems in addressing cybercrime, 
and the measures taken by each country to ensure free flow of commerce 
and the protection of Internet consumers. The annual report would also 
describe U.S. actions to promote multilateral efforts, as well as other 
multilateral efforts to prevent and investigate cybercrime, and develop 
best practices to combat cybercrime. The report will also identify and 
prioritize countries that are at risk of becoming cybercrime havens due 
to their lack of technology and enforcement resources. We must be able 
to utilize our foreign assistance programs to help countries with low 
ICT development, and ensure they are ready to stand on their own to 
combat cybercrime, even long after the foreign assistance has ended.
  Obviously, to be effective in our fight against cybercrime, the 
global community must work together to keep all countries accountable 
for their actions. Toward that end, one year after submitting the first 
report, the International Cybercrime Reporting and Cooperation Act 
would direct the President to create an action plan for each country of 
cyber concern, to assist the government of that country and create 
benchmarks. If the country of cyber concern has not taken any of the 
recommended actions to curtail or prevent cybercrime, various 
enforcement actions against the country may be taken, including 
prohibiting the approval of financing from the Overseas Private 
Investment Corporation or the Export-Import Bank. With so many U.S. 
companies doing business overseas, we must do our part to safeguard 
their employees, their jobs, and their clients from cyberattacks. Our 
objective is simple: We need international cooperation to increase 
assistance and prevention efforts of cybercrime from those countries 
deemed to be of cyber concern. Without international cooperation, our 
economy, security, and people will continue to be under threat.
  To ensure that the most comprehensive information is considered, this 
bill encourages the President to reach out to industry, civil society 
and other interested parties in crafting the annual report. Senator 
Gillibrand and I took the time to listen to many stakeholders and 
create a bill that addresses real concerns. To provide an outlet to 
bring together the input of affected and interested parties, we have 
worked with the Department of State to designate not only a senior 
official in Washington to coordinate and focus on cybercrime as a 
foreign policy issue, but the assignment of employees with primary 
responsibility of cybercrime policy in each country or region that is a 
key player in the fight to combat cybercrime globally. These government 
employees assigned overseas will ensure that companies doing business 
abroad will have an additional channel to report and discuss 
cybercrime. I am pleased to say that this bill has gained vast support 
from all areas of the financial and high-tech sectors.
  Cybercrime is a tangible threat to the security of the global 
economy, which is why we need to coordinate our fight worldwide. Until 
countries begin to take the necessary steps to fight criminals within 
their borders, cybercrime havens will continue to flourish. We do not 
have the luxury to sit back and do nothing, and the International 
Cybercrime Reporting and Cooperation Act will not only function as a 
deterrent of cybercrime, but will prove to be an essential tool 
necessary to keep the Internet open for business. Countries that 
knowingly permit cybercriminals to attack within their borders will now 
know that the U.S. is watching, the global community is watching, and 
there will be consequences for not acting.

                          ____________________