Part 3 (2/2)
SEC. 223. [6 U.S.C. 143] ENHANCEMENT OF NON-FEDERAL CYBERSECURITY.
In carrying out the responsibilities under section 201, the Under Secretary for Intelligence and a.n.a.lysis, in cooperation with the a.s.sistant Secretary for Infrastructure Protection shall-- (1) as appropriate, provide to State and local government ent.i.ties, and upon request to private ent.i.ties that own or operate critical information systems-- (A) a.n.a.lysis and warnings related to threats to, and vulnerabilities of, critical information systems; and (B) in coordination with the Under Secretary for Emergency Preparedness and Response, crisis management support in response to threats to, or attacks on, critical information systems; and (2) as appropriate, provide technical a.s.sistance, upon request, to the private sector and other government ent.i.ties, in coordination with the Under Secretary for Emergency Preparedness and Response, with respect to emergency recovery plans to respond to major failures of critical information systems.
SEC. 224. [6 U.S.C. 144] NET GUARD.
The a.s.sistant Secretary for Infrastructure Protection may establish a national technology guard, to be known as ''NET Guard'', comprised of local teams of volunteers with expertise in relevant areas of science and technology, to a.s.sist local communities to respond and recover from attacks on information systems and communications networks.
SEC. 225. [6 U.S.C. 145] CYBER SECURITY ENHANCEMENT ACT OF 2002.
(a) Short t.i.tle.--This section may be cited as the ''Cyber Security Enhancement Act of 2002''.
(b) Amendment of Sentencing Guidelines Relating to Certain Computer Crimes.-- (1) Directive to the united states sentencing commission.--Pursuant to its authority under section 994(p) of t.i.tle 28, United States Code, and in accordance with this subsection, the United States Sentencing Commission shall review and, if appropriate, amend its guidelines and its policy statements applicable to persons convicted of an offense under section 1030 of t.i.tle 18, United States Code.
(2) Requirements.--In carrying out this subsection, the Sentencing Commission shall-- (A) ensure that the sentencing guidelines and policy statements reflect the serious nature of the offenses described in paragraph (1), the growing incidence of such offenses, and the need for an effective deterrent and appropriate punishment to prevent such offenses; (B) consider the following factors and the extent to which the guidelines may or may not account for them-- (i) the potential and actual loss resulting from the offense; (ii) the level of sophistication and planning involved in the offense; (iii) whether the offense was committed for purposes of commercial advantage or private financial benefit; (iv) whether the defendant acted with malicious intent to cause harm in committing the offense; (v) the extent to which the offense violated the privacy rights of individuals harmed; (vi) whether the offense involved a computer used by the government in furtherance of national defense, national security, or the administration of justice; (vii) whether the violation was intended to or had the effect of significantly interfering with or disrupting a critical infrastructure; and (viii) whether the violation was intended to or had the effect of creating a threat to public health or safety, or injury to any person; (C) a.s.sure reasonable consistency with other relevant directives and with other sentencing guidelines; (D) account for any additional aggravating or mitigating circ.u.mstances that might justify exceptions to the generally applicable sentencing ranges; (E) make any necessary conforming changes to the sentencing guidelines; and (F) a.s.sure that the guidelines adequately meet the purposes of sentencing as set forth in section 3553(a)(2) of t.i.tle 18, United States Code.
(c) Study and Report on Computer Crimes.--Not later than May 1, 2003, the United States Sentencing Commission shall submit a brief report to Congress that explains any actions taken by the Sentencing Commission in response to this section and includes any recommendations the Commission may have regarding statutory penalties for offenses under section 1030 of t.i.tle 18, United States Code.
(d) Emergency Disclosure Exception.-- (1) * * *
(2) Reporting of disclosures.--A government ent.i.ty that receives a disclosure under section 2702(b) of t.i.tle 18, United States Code, shall file, not later than 90 days after such disclosure, a report to the Attorney General stating the paragraph of that section under which the disclosure was made, the date of the disclosure, the ent.i.ty to which the disclosure was made, the number of customers or subscribers to whom the information disclosed pertained, and the number of communications, if any, that were disclosed. The Attorney General shall publish all such reports into a single report to be submitted to Congress 1 year after the date of enactment of this Act.
Subt.i.tle D--Office of Science and Technology
SEC. 231. [6 U.S.C. 161] ESTABLISHMENT OF OFFICE; DIRECTOR.
(a) Establishment.-- (1) In general.--There is hereby established within the Department of Justice an Office of Science and Technology (hereinafter in this t.i.tle referred to as the ''Office'').
(2) Authority.--The Office shall be under the general authority of the a.s.sistant Attorney General, Office of Justice Programs, and shall be established within the National Inst.i.tute of Justice.
(b) Director.--The Office shall be headed by a Director, who shall be an individual appointed based on approval by the Office of Personnel Management of the executive qualifications of the individual.
SEC. 232. [6 U.S.C. 162] MISSION OF OFFICE; DUTIES.
(a) Mission.--The mission of the Office shall be-- (1) to serve as the national focal point for work on law enforcement technology; and (2) to carry out programs that, through the provision of equipment, training, and technical a.s.sistance, improve the safety and effectiveness of law enforcement technology and improve access to such technology by Federal, State, and local law enforcement agencies.
(b) Duties.--In carrying out its mission, the Office shall have the following duties: (1) To provide recommendations and advice to the Attorney General.
(2) To establish and maintain advisory groups (which shall be exempt from the provisions of the Federal Advisory Committee Act (5 U.S.C. App.)) to a.s.sess the law enforcement technology needs of Federal, State, and local law enforcement agencies.
(3) To establish and maintain performance standards in accordance with the National Technology Transfer and Advancement Act of 1995 (Public Law 104-113) for, and test and evaluate law enforcement technologies that may be used by, Federal, State, and local law enforcement agencies.
(4) To establish and maintain a program to certify, validate, and mark or otherwise recognize law enforcement technology products that conform to standards established and maintained by the Office in accordance with the National Technology Transfer and Advancement Act of 1995 (Public Law 104-113). The program may, at the discretion of the Office, allow for supplier's declaration of conformity with such standards.
(5) To work with other ent.i.ties within the Department of Justice, other Federal agencies, and the executive office of the President to establish a coordinated Federal approach on issues related to law enforcement technology.
(6) To carry out research, development, testing, evaluation, and cost-benefit a.n.a.lyses in fields that would improve the safety, effectiveness, and efficiency of law enforcement technologies used by Federal, State, and local law enforcement agencies, including, but not limited to-- (A) weapons capable of preventing use by unauthorized persons, including personalized guns; (B) protective apparel; (C) bullet-resistant and explosion- resistant gla.s.s; (D) monitoring systems and alarm systems capable of providing precise location information; (E) wire and wireless interoperable communication technologies; (F) tools and techniques that facilitate investigative and forensic work, including computer forensics; (G) equipment for particular use in counterterrorism, including devices and technologies to disable terrorist devices; (H) guides to a.s.sist State and local law enforcement agencies; (I) DNA identification technologies; and (J) tools and techniques that facilitate investigations of computer crime.
(7) To administer a program of research, development, testing, and demonstration to improve the interoperability of voice and data public safety communications.
(8) To serve on the Technical Support Working Group of the Department of Defense, and on other relevant interagency panels, as requested.
(9) To develop, and disseminate to State and local law enforcement agencies, technical a.s.sistance and training materials for law enforcement personnel, including prosecutors.
(10) To operate the regional National Law Enforcement and Corrections Technology Centers and, to the extent necessary, establish additional centers through a compet.i.tive process.
(11) To administer a program of acquisition, research, development, and dissemination of advanced investigative a.n.a.lysis and forensic tools to a.s.sist State and local law enforcement agencies in combating cybercrime.
(12) To support research fellows.h.i.+ps in support of its mission.
(13) To serve as a clearinghouse for information on law enforcement technologies.
(14) To represent the United States and State and local law enforcement agencies, as requested, in international activities concerning law enforcement technology.
(15) To enter into contracts and cooperative agreements and provide grants, which may require in- kind or cash matches from the recipient, as necessary to carry out its mission.
(16) To carry out other duties a.s.signed by the Attorney General to accomplish the mission of the Office.
(c) Compet.i.tion Required.--Except as otherwise expressly provided by law, all research and development carried out by or through the Office shall be carried out on a compet.i.tive basis.
<script>