Reporting Attacks from Nations Selected for Oversight and Monitoring Web Attacks and Ransomware from Enemies Act or the RANSOMWARE Act
This bill requires the Federal Trade Commission to report on cross-border complaints received that involve ransomware or other cyber-related attacks committed by certain foreign individuals, companies, and governments. The report must focus specifically on attacks committed by (1) Russia, China, North Korea, or Iran; or (2) individuals or companies that are located in or have ties to those countries.
[Congressional Bills 117th Congress]
[From the U.S. Government Publishing Office]
[H.R. 4551 Introduced in House (IH)]
<DOC>
117th CONGRESS
1st Session
H. R. 4551
To amend the U.S. SAFE WEB Act of 2006 to provide for reporting with
respect to cross-border complaints involving ransomware or other cyber-
related attacks, and for other purposes.
_______________________________________________________________________
IN THE HOUSE OF REPRESENTATIVES
July 20, 2021
Mr. Bilirakis introduced the following bill; which was referred to the
Committee on Energy and Commerce
_______________________________________________________________________
A BILL
To amend the U.S. SAFE WEB Act of 2006 to provide for reporting with
respect to cross-border complaints involving ransomware or other cyber-
related attacks, and for other purposes.
Be it enacted by the Senate and House of Representatives of the
United States of America in Congress assembled,
SECTION 1. SHORT TITLE.
This Act may be cited as the ``Reporting Attacks from Nations
Selected for Oversight and Monitoring Web Attacks and Ransomware from
Enemies Act'' or the ``RANSOMWARE Act''.
SEC. 2. RANSOMWARE AND OTHER CYBER-RELATED ATTACKS.
Section 14 of the U.S. SAFE WEB Act of 2006 (Public Law 109-455;
120 Stat. 3382) is amended--
(1) in the matter preceding paragraph (1)--
(A) by striking ``Not later than 3 years after the
date of enactment of this Act,'' and inserting ``Not
later than 1 year after the date of enactment of the
Reporting Attacks from Nations Selected for Oversight
and Monitoring Web Attacks and Ransomware from Enemies
Act, and every 2 years thereafter,''; and
(B) by inserting ``, with respect to the 2-year
period preceding the date of the report (or, in the
case of the first report transmitted under this section
after the date of the enactment of the Reporting
Attacks from Nations Selected for Oversight and
Monitoring Web Attacks and Ransomware from Enemies Act,
the 1-year period preceding the date of the report)''
after ``include'';
(2) in paragraph (8), by striking ``; and'' and inserting a
semicolon;
(3) in paragraph (9), by striking the period at the end and
inserting ``; and''; and
(4) by adding at the end the following:
``(10) the number and details of cross-border complaints
received by the Commission that involve ransomware or other
cyber-related attacks--
``(A) that were committed by individuals located in
foreign countries or with ties to foreign countries;
and
``(B) that were committed by companies located in
foreign countries or with ties to foreign countries.''.
SEC. 3. REPORT ON RANSOMWARE AND OTHER CYBER-RELATED ATTACKS BY CERTAIN
FOREIGN INDIVIDUALS, COMPANIES, AND GOVERNMENTS.
(a) In General.--Not later than 1 year after the date of the
enactment of this Act, and every 2 years thereafter, the Federal Trade
Commission shall transmit to the Committee on Energy and Commerce of
the House of Representatives and the Committee on Commerce, Science,
and Transportation of the Senate a report describing its use of and
experience with the authority granted by the U.S. SAFE WEB Act of 2006
(Public Law 109-455) and the amendments made by such Act. The report
shall include the following:
(1) The number and details of cross-border complaints
received by the Commission (including which such complaints
were acted upon and which such complaints were not acted upon)
that relate to incidents that were committed by individuals,
companies, or governments described in subsection (b), broken
down by each type of individual, type of company, or government
described in a paragraph of such subsection.
(2) The number and details of cross-border complaints
received by the Commission (including which such complaints
were acted upon and which such complaints were not acted upon)
that involve ransomware or other cyber-related attacks that
were committed by individuals, companies, or governments
described in subsection (b), broken down by each type of
individual, type of company, or government described in a
paragraph of such subsection.
(3) A description of trends in the number of cross-border
complaints received by the Commission that relate to incidents
that were committed by individuals, companies, or governments
described in subsection (b), broken down by each type of
individual, type of company, or government described in a
paragraph of such subsection.
(4) Identification and details of foreign agencies
(including foreign law enforcement agencies (as defined in
section 4 of the Federal Trade Commission Act (15 U.S.C. 44)))
located in Russia, China, North Korea, or Iran with which the
Commission has cooperated and the results of such cooperation,
including any foreign agency enforcement action or lack
thereof.
(5) A description of Commission litigation, in relation to
cross-border complaints described in paragraphs (1) and (2),
brought in foreign courts and the results of such litigation.
(6) Any recommendations for legislation that may advance
the mission of the Commission in carrying out the U.S. SAFE WEB
Act of 2006 and the amendments made by such Act.
(7) Any recommendations for legislation that may advance
the security of the United States and United States companies
against ransomware and other cyber-related attacks.
(8) Any recommendations for United States citizens and
United States businesses to implement best practices on
mitigating ransomware and other cyber-related attacks.
(b) Individuals, Companies, and Governments Described.--The
individuals, companies, and governments described in this subsection
are the following:
(1) An individual located within Russia or with direct or
indirect ties to the Government of the Russian Federation.
(2) A company located within Russia or with direct or
indirect ties to the Government of the Russian Federation.
(3) The Government of the Russian Federation.
(4) An individual located within China or with direct or
indirect ties to the Government of the People's Republic of
China.
(5) A company located within China or with direct or
indirect ties to the Government of the People's Republic of
China.
(6) The Government of the People's Republic of China.
(7) An individual located within North Korea or with direct
or indirect ties to the Government of the Democratic People's
Republic of Korea.
(8) A company located within North Korea or with direct or
indirect ties to the Government of the Democratic People's
Republic of Korea.
(9) The Government of the Democratic People's Republic of
Korea.
(10) An individual located within Iran or with direct or
indirect ties to the Government of the Islamic Republic of
Iran.
(11) A company located within Iran or with direct or
indirect ties to the Government of the Islamic Republic of
Iran.
(12) The Government of the Islamic Republic of Iran.
<all>
Introduced in House
Introduced in House
Referred to the House Committee on Energy and Commerce.
Referred to the Subcommittee on Consumer Protection and Commerce.
Subcommittee Consideration and Mark-up Session Held.
Forwarded by Subcommittee to Full Committee by the Yeas and Nays: 22 - 0 .
Committee Consideration and Mark-up Session Held.
Ordered to be Reported by the Yeas and Nays: 53 - 0.
Reported by the Committee on Energy and Commerce. H. Rept. 117-439.
Reported by the Committee on Energy and Commerce. H. Rept. 117-439.
Placed on the Union Calendar, Calendar No. 343.
Mr. Pallone moved to suspend the rules and pass the bill.
Considered under suspension of the rules. (consideration: CR H7115-7116)
Llama 3.2 · runs locally in your browser
Ask anything about this bill. The AI reads the full text to answer.
Enter to send · Shift+Enter for new line
DEBATE - The House proceeded with forty minutes of debate on H.R. 4551.
At the conclusion of debate, the Yeas and Nays were demanded and ordered. Pursuant to the provisions of clause 8, rule XX, the Chair announced that further proceedings on the motion would be postponed.
Pursuant to the provisions of H. Res. 1254, proceedings on H.R. 4551 are considered vacated.
Passed/agreed to in House: Pursuant to section 5 of H. Res. 1254, and the motion offered by Mr. Kildee, the following bills passed under suspension of the rules: H.R. 623, as amended; H.R. 3952, as amended; H.R. 3962, as amended; H.R. 4551; H.R. 5313, as amended; H.R. 6933; H.R. 7132, as amended; H.R. 7361; H.R. 7569; H.R. 7624, as amended; H.R. 7733, as amended; and H.R. 7981, as amended.(consideration: CR H7197-7211, H7219-7220, H7223-7237; text: 07/26/2022 CR H7115)
Pursuant to section 5 of H. Res. 1254, and the motion offered by Mr. Kildee, the following bills passed under suspension of the rules: H.R. 623, as amended; H.R. 3952, as amended; H.R. 3962, as amended; H.R. 4551; H.R. 5313, as amended; H.R. 6933; H.R. 7132, as amended; H.R. 7361; H.R. 7569; H.R. 7624, as amended; H.R. 7733, as amended; and H.R. 7981, as amended. (consideration: CR H7197-7211, H7219-7220, H7223-7237; text: 07/26/2022 CR H7115)
Received in the Senate and Read twice and referred to the Committee on Commerce, Science, and Transportation.