Secure Federal File Sharing Act - Requires the Director of the Office of Management and Budget (OMB) to issue guidance to: (1) prohibit the download, installation, or use by government employees and contractors of open-network peer-to-peer file sharing software on all federal computers, computer systems, and networks, unless approved in accordance with procedures under this Act; and (2) address the download, installation, or use by government employees and contractors of such software on home or personal computers as it relates to telework and remotely accessing federal computers, computer systems, and networks.
Requires the Director to develop a procedure for receiving requests from heads or chief information officers of agencies for approval for use by government employees and contractors of specific open-network peer-to-peer file sharing software programs that are: (1) necessary for day-to-day business operations, for use in the course of a law enforcement investigation, or to perform official agency business; or (2) instrumental in completing a particular task or project that directly supports the agency's overall mission.
Requires the Director to direct agencies to: (1) establish or update personal use policies to be consistent with the guidance issued under this Act; (2) require contracts to require contractor compliance with that guidance; (3) update their information technology security or ethics training policies to ensure that all employees are aware of the requirements of that guidance and the consequences of engaging in prohibited conduct; and (4) ensure that proper security controls are in place to prevent, detect, and remove file sharing software that is prohibited.
Provides that nothing in this Act shall be construed to require the disclosure of any information relating to any confidential government operation or investigation.
[Congressional Bills 111th Congress]
[From the U.S. Government Publishing Office]
[S. 3484 Introduced in Senate (IS)]
111th CONGRESS
2d Session
S. 3484
To require the Director of the Office of Management and Budget to issue
guidance on the use of peer-to-peer file sharing software to prohibit
the personal use of such software by Government employees, and for
other purposes.
_______________________________________________________________________
IN THE SENATE OF THE UNITED STATES
June 14, 2010
Mrs. McCaskill (for herself and Mr. Bennett) introduced the following
bill; which was read twice and referred to the Committee on Homeland
Security and Governmental Affairs
_______________________________________________________________________
A BILL
To require the Director of the Office of Management and Budget to issue
guidance on the use of peer-to-peer file sharing software to prohibit
the personal use of such software by Government employees, and for
other purposes.
Be it enacted by the Senate and House of Representatives of the
United States of America in Congress assembled,
SECTION 1. SHORT TITLE.
This Act may be cited as the ``Secure Federal File Sharing Act''.
SEC. 2. REQUIREMENTS.
(a) Updated Guidance on Use of Certain Software Programs.--Not
later than 90 days after the date of the enactment of this Act, the
Director of the Office of Management and Budget, after consultation
with the Federal Chief Information Officers Council, shall issue
guidance on the use of peer-to-peer file sharing software--
(1) to prohibit the download, installation, or use by
Government employees and contractors of open-network peer-to-
peer file sharing software on all Federal computers, computer
systems, and networks, including those operated by contractors
of the Government, unless such software is approved in
accordance with procedures under subsection (b); and
(2) to address the download, installation, or use by
Government employees and contractors of such software on home
or personal computers as it relates to telework and remotely
accessing Federal computers, computer systems, and networks,
including those operated by contractors of the Government.
(b) Approval Process for Certain Software Programs.--Not later than
90 days after the date of the enactment of this Act, the Director of
the Office of Management and Budget shall develop a procedure by which
the Director, in consultation with the Chief Information Officer, may
receive requests from heads of agencies or chief information officers
of agencies for approval for use by Government employees and
contractors of specific open-network peer-to-peer file sharing software
programs that are--
(1) necessary for the day-to-day business operations of the
agency;
(2) instrumental in completing a particular task or project
that directly supports the agency's overall mission;
(3) necessary for use between, among, or within Federal,
State, or local government agencies in order to perform
official agency business; or
(4) necessary for use during the course of a law
enforcement investigation.
(c) Agency Responsibilities.--Not later than 180 days after the
date of enactment of this Act, the Director of the Office of Management
and Budget shall--
(1) direct agencies to establish or update personal use
policies of the agency to be consistent with the guidance
issued pursuant to subsection (a);
(2) direct agencies to require any contract awarded by the
agency to include a requirement that the contractor comply with
the guidance issued pursuant to subsection (a) in the
performance of the contract;
(3) direct agencies to update their information technology
security or ethics training policies to ensure that all
employees, including those working for contractors of the
Government, are aware of the requirements of the guidance
required by subsection (a) and the consequences of engaging in
prohibited conduct; and
(4) direct agencies to ensure that proper security controls
are in place to prevent, detect, and remove file sharing
software that is prohibited by the guidance issued pursuant to
subsection (a) from all Federal computers, computer systems,
and networks, including those operated by contractors of the
Government.
SEC. 3. ANNUAL REPORT.
(a) In General.--Not later than 1 year after the date of enactment
of this Act, and annually thereafter, the Director of the Office of
Management and Budget shall submit to the Committee on Oversight and
Government Reform of the House of Representatives and the Committee on
Homeland Security and Governmental Affairs of the Senate a report on
the implementation of this Act, including--
(1) a justification for each open-network peer-to-peer file
sharing software program that is approved under subsection (b);
and
(2) an inventory of the agencies where such programs are
being used.
(b) Rule of Construction.--Nothing in this section shall be
construed to require the disclosure of any information relating to any
confidential Government operation or investigation, including any law
enforcement, national security, or terrorism investigation.
SEC. 4. DEFINITIONS.
In this Act:
(1) Agency.--The term ``agency''--
(A) means any executive department, military
department, Government corporation, Government-
controlled corporation, or other establishment in the
executive branch of the Government (including the
Executive Office of the President), or any independent
regulatory agency, the governments of the District of
Columbia and of the territories and possessions of the
United States, and their various subdivisions; and
(B) includes Government-owned contractor-operated
facilities, including laboratories engaged in national
defense research and production activities.
(2) Open-network.--The term ``open-network'', with respect
to software, means a network in which--
(A) access is granted freely, without limitation or
restriction; or
(B) there are little or no security measures in
place.
(3) Peer-to-peer file sharing software.--The term ``peer-
to-peer file sharing software''--
(A) means a program, application, or software that
is commercially marketed or distributed to the public
and that enables--
(i) a file or files on the computer on
which such program is installed to be
designated as available for searching and
copying to one or more other computers;
(ii) the searching of files on the computer
on which such program is installed and the
copying of any such file to another computer--
(I) at the initiative of such other
computer and without requiring any
action by an owner or authorized user
of the computer on which such program
is installed; and
(II) without requiring an owner or
authorized user of the computer on
which such program is installed to have
selected or designated another computer
as the recipient of any such file; and
(iii) an owner or authorized user of the
computer on which such program is installed to
search files on one or more other computers
using the same or a compatible program,
application, or software, and copy such files
to such owner or user's computer; and
(B) does not include a program, application, or
software designed primarily--
(i) to operate as a server that is
accessible over the Internet using the Internet
Domain Name system;
(ii) to transmit or receive email messages,
instant messaging, real-time audio or video
communications, or real-time voice
communications; or
(iii) to provide network or computer
security (including the detection or prevention
of fraudulent activities), network management,
maintenance, diagnostics, or technical support
or repair.
(4) Contractor.--The term ``contractor'' means a prime
contractor or a subcontractor, as defined by the Federal
Acquisition Regulation.
<all>
Introduced in Senate
Read twice and referred to the Committee on Homeland Security and Governmental Affairs.
Llama 3.2 · runs locally in your browser
Ask anything about this bill. The AI reads the full text to answer.
Enter to send · Shift+Enter for new line