[Congressional Record Volume 163, Number 13 (Tuesday, January 24, 2017)]
[Senate]
[Pages S453-S454]
From the Congressional Record Online through the Government Publishing Office [www.gpo.gov]




      SENATE RESOLUTION 23--ESTABLISHING THE SELECT COMMITTEE ON 
                             CYBERSECURITY

  Mr. GARDNER (for himself and Mr. Coons) submitted the following 
resolution; which was referred to the Committee on Rules and 
Administration:

                               S. Res. 23

       Resolved,

     SECTION 1. SELECT COMMITTEE ON CYBERSECURITY.

       (a) Definitions.--In this section--
       (1) the term ``cybersecurity'' means the protection or 
     defense of cyberspace from cyberattacks;
       (2) the term ``cybersecurity breach'' means an attack via 
     cyberspace, targeting an enterprise's use of cyberspace for 
     the purpose of--
       (A) disrupting, disabling, destroying, or maliciously 
     controlling a computing environment or infrastructure; or
       (B) destroying the integrity of data or stealing controlled 
     information; and
       (3) the term ``cyberspace'' means the global domain within 
     the information environment consisting of the interdependent 
     network of information systems infrastructures (including the 
     Internet, telecommunications networks, computer systems, and 
     embedded processors and controllers).
       (b) Establishment.--There is established a select committee 
     of the Senate to be known as the Select Committee on 
     Cybersecurity (in this resolution referred to as the ``select 
     committee'')--
       (1) to oversee and make continuing studies of and 
     recommendations regarding cybersecurity threats to the United 
     States; and
       (2) which may report by bill or otherwise on matters within 
     its jurisdiction.
       (c) Membership.--
       (1) In general.--The select committee shall be composed of 
     21 members as follows:
       (A) The Chairman and Ranking Member of the Committee on 
     Appropriations.
       (B) The Chairman and Ranking Member of the Committee on 
     Armed Services.
       (C) The Chairman and Ranking Member of the Committee on 
     Banking, Housing, and Urban Affairs.
       (D) The Chairman and Ranking Member of the Committee on 
     Commerce, Science, and Transportation.
       (E) The Chairman and Ranking Member of the Committee on 
     Foreign Relations.
       (F) The Chairman and Ranking Member of the Committee on 
     Homeland Security and Governmental Affairs.
       (G) The Chairman and Vice Chairman of the Select Committee 
     on Intelligence.
       (H) The Chairman and Ranking Member of the Committee on the 
     Judiciary.
       (I) Five members who shall be appointed from the Senate at 
     large.
       (2) Members from other committees.--If the Chairman or 
     Ranking Member of a committee named in subparagraphs (A) 
     through (H) of paragraph (1) chooses not to serve on the 
     select committee, the Chairman or Ranking Member of such 
     committee, respectively, shall appoint 1 member of such 
     committee to the select committee.
       (3) Appointment of other members.--The Majority Leader 
     shall appoint 3 of the members under paragraph (1)(I) and the 
     Minority Leader shall appoint 2 of the members under 
     paragraph (1)(I).
       (4) Ex officio members.--The Majority Leader and Minority 
     Leader shall serve as ex officio, nonvoting members of the 
     select committee.
       (5) Chairperson and vice chairperson.--At the beginning of 
     each Congress, the Majority Leader shall select a chairperson 
     of the select committee and the Minority Leader shall select 
     a vice chairperson for the select committee.
       (d) Subcommittees Authorized.--The select committee may be 
     organized into subcommittees. Each subcommittee shall have a 
     chairperson and a vice chairperson who are selected by the 
     chairperson and vice chairperson of the select committee, 
     respectively.
       (e) Jurisdiction.--There shall be referred to the select 
     committee all proposed legislation, messages, petitions, 
     memorials, and other matters relating to the following:
       (1) Domestic and foreign cybersecurity risks (including 
     state-sponsored threats) to the United States, including to--
       (A) the computer systems of the United States;
       (B) the infrastructure of the United States;
       (C) citizens of the United States;
       (D) corporations and other businesses in the United States; 
     and
       (E) the commerce of the United States.
       (2) The activities of any department or agency relating to 
     preventing, protecting against, or responding to 
     cybersecurity threats to the United States, and relevant 
     incidents or actions.
       (3) The organization or reorganization of any department or 
     agency to the extent that the organization or reorganization 
     relates to a function or activity involving preventing, 
     protecting against, or responding to cybersecurity threats to 
     the United States, and relevant incidents or actions.
       (4) Authorizations for appropriations, both direct and 
     indirect, for preventing, protecting against, or responding 
     to cybersecurity threats to the United States, and relevant 
     incidents or actions.
       (f) Authorities.--
       (1) In general.--For the purposes of this resolution, the 
     select committee is authorized in its discretion--
       (A) to make investigations into any matter within its 
     jurisdiction;
       (B) to make expenditures from the contingent fund of the 
     Senate;
       (C) to employ personnel;
       (D) to hold hearings;
       (E) to sit and act at any time or place during the 
     sessions, recesses, and adjourned periods of the Senate;
       (F) to require, by subpoena or otherwise, the attendance of 
     witnesses and the production of correspondence, books, 
     papers, and documents;
       (G) to take depositions and other testimony and authorize 
     employees of the select committee to take depositions and 
     other testimony;
       (H) to procure the services of individual consultants, or 
     organizations thereof, in accordance with section 202(i) of 
     the Legislative Reorganization Act of 1946 (2 U.S.C. 
     4301(i));
       (I) with the prior consent of the government department or 
     agency concerned and the Committee on Rules and 
     Administration, to use on a reimbursable basis the services 
     of personnel of any such department or agency;
       (J) to make recommendations and report legislation on 
     matters within its jurisdiction; and
       (K) permit any personal representative of the President, 
     designated by the President to serve as a liaison to the 
     select committee, to attend any closed meeting of the select 
     committee.
       (2) Oaths.--The chairperson of the select committee or any 
     member thereof may administer oaths to witnesses.
       (3) Subpoenas.--
       (A) Authorization of subpoenas.--The issuance of a subpoena 
     may only be authorized by the select committee upon an 
     affirmative vote of a majority of the members of the select 
     committee, which vote may not be held before the time that is 
     48 hours after notice of the request to authorize the 
     issuance of the subpoena is provided to each member of the 
     select committee, absent unanimous consent.
       (B) Issuance.--A subpoena authorized by the select 
     committee--
       (i) may be issued under the signature of the chairperson, 
     the vice chairperson, or any member of the select committee 
     designated by the chairperson; and
       (ii) may be served by any person designated by the 
     chairperson, the vice chairperson, or other member signing 
     the subpoena.
       (g) Obtaining Information.--
       (1) In general.--The select committee shall obtain from the 
     President and the heads of departments and agencies the 
     information relevant to cybersecurity risks and threats 
     required to ensure that the members of the select committee 
     have complete and current information relating to 
     cybersecurity activities and threats, which may include 
     obtaining written reports reviewing--

[[Page S454]]

       (A) the activities carried out by the department or agency 
     concerned to prevent, protect against, or respond to 
     cybersecurity threats;
       (B) the cybersecurity threats from within the United States 
     and from foreign countries that are directed at the United 
     States or its interests;
       (C) previously conducted or anticipated covert actions 
     relating to cybersecurity; and
       (D) any significant cybersecurity breaches that could--
       (i) affect the diplomatic, political, economic, or military 
     relations of the United States with other countries or 
     groups; or
       (ii) impose a major financial cost on the Federal 
     Government, citizens of the United States, corporations or 
     other businesses in the United States, or the commerce of the 
     United States.
       (2) Access of members to information.--Each member of the 
     select committee shall have equal and unimpeded access to 
     information collected or otherwise obtained by the select 
     committee.
       (3) Classified information.--
       (A) In general.--No employee of the select committee or any 
     person engaged by contract or otherwise to perform services 
     for or at the request of the select committee shall be given 
     access to any classified information by the select committee 
     unless the employee or person has--
       (i) agreed in writing and under oath to be bound by the 
     rules of the Senate (including the jurisdiction of the Select 
     Committee on Ethics) and of the select committee as to the 
     security of such information during and after the period of 
     the employment or contractual agreement with the select 
     committee; and
       (ii) received an appropriate security clearance, as 
     determined by the select committee, in consultation with the 
     Director of National Intelligence.
       (B) Type of clearance.--The type of security clearance to 
     be required in the case of any employee or person described 
     in subparagraph (A) shall, within the determination of the 
     select committee, in consultation with the Director of 
     National Intelligence, be commensurate with the sensitivity 
     of the classified information to which the employee or person 
     will be given access by the select committee.
       (4) Provision of information by departments and agencies.--
       (A) In general.--The head of each department and agency 
     shall keep the select committee fully and currently informed 
     with respect to cybersecurity activities and threats, 
     including activities to prevent, protect against, or respond 
     to cybersecurity threats and any significant anticipated 
     activities relating to cybersecurity which are the 
     responsibility of or engaged in by the department or agency.
       (B) Information and documents.--The head of any department 
     or agency involved in any cybersecurity activities shall 
     furnish any information or document in the possession, 
     custody, or control of the department or agency, or person 
     paid by the department or agency, whenever requested by the 
     select committee with respect to any matter within the 
     jurisdiction of the select committee.
       (C) Annual reports to select committee.--The Director of 
     National Intelligence, the Director of the Central 
     Intelligence Agency, the Secretary of Defense, the Secretary 
     of State, the Director of the Federal Bureau of 
     Investigation, and the Secretary of Commerce shall each 
     submit to the select committee an annual report on cyber 
     threats.
       (h) Personnel Provisions.--
       (1) In general.--In addition to other committee staff 
     selected by the select committee, the select committee shall 
     hire or appoint 1 employee for each member of the select 
     committee to serve as the designated representative of the 
     member on the select Committee. The select Committee shall 
     only hire or appoint an employee chosen by a member of the 
     select committee for whom the employee will serve as the 
     designated representative on the select committee.
       (2) Supplement to budget.--The select committee shall be 
     afforded a supplement to its budget, to be determined by the 
     Committee on Rules and Administration, to allow for the hire 
     of each employee who fills the position of designated 
     representative to the select committee. The designated 
     representative shall have office space and appropriate office 
     equipment in the select committee spaces. Designated personal 
     representatives shall have the same access to committee 
     staff, information, records, and databases as select 
     committee staff, as determined by the chairperson and vice 
     chairperson.
       (3) Requirements for designated employees.--Each designated 
     employee shall meet all the requirements of relevant 
     statutes, Senate rules, and committee security clearance 
     requirements for employment by the select committee.
       (4) Division of funds.--Of the amounts made available to 
     the select committee for personnel--
       (A) not more than 60 percent shall be under the control of 
     the chairperson; and
       (B) not less than 40 percent shall be under the control of 
     the vice chairperson.
       (i) Committee Rules.--
       (1) In general.--The select committee shall adopt rules 
     (not inconsistent with the rules of the Senate and in 
     accordance with rule XXVI of the Standing Rules of the 
     Senate) governing the procedure of the select committee, 
     which shall include addressing how often the select committee 
     shall meet, meeting times and location, type of 
     notifications, notices of hearings, duration of the select 
     committee, and records of the select committee after 
     committee activities are complete.
       (2) Unanimous vote required.--The select committee may only 
     adopt rules under paragraph (1) by a unanimous vote of the 
     voting members of the select committee.

                          ____________________