2018 US Code
Title 10 - Armed Forces
Subtitle A - General Military Law
Part I - Organization and General Military Powers
Chapter 21 - Department of Defense Intelligence Matters
Subchapter I - General Matters
Sec. 428 - Defense industrial security
| 10 U.S.C. § 428 (2018) |
| §428. Defense industrial security |
|
(a) Responsibility for Defense Industrial Security.—The Secretary of Defense shall be responsible for the protection of classified information disclosed to contractors of the Department of Defense. (b) Consistency With Executive Orders and Directives.—The Secretary shall carry out the responsibility assigned under subsection (a) in a manner consistent with Executive Order 12829 (or any successor order to such executive order) and consistent with policies relating to the National Industrial Security Program (or any successor to such program). (c) Performance of Industrial Security Functions for Other Agencies.—The Secretary may perform industrial security functions for other agencies of the Federal government upon request or upon designation of the Department of Defense as executive agent for the National Industrial Security Program (or any successor to such program). (d) Regulations and Policy Guidance.—The Secretary shall prescribe, and from time to time revise, such regulations and policy guidance as are necessary to ensure the protection of classified information disclosed to contractors of the Department of Defense. (e) Dedication of Resources.—The Secretary shall ensure that sufficient resources are provided to staff, train, and support such personnel as are necessary to fully protect classified information disclosed to contractors of the Department of Defense. |
|
(Added Pub. L. 110–417, [div. A], title VIII, §845(a)(1), Oct. 14, 2008, 122 Stat. 4541, §438; renumbered §428, Pub. L. 111–84, div. A, title X, §1073(a)(4), Oct. 28, 2009, 123 Stat. 2472; Pub. L. 111–383, div. A, title X, §1075(b)(11), Jan. 7, 2011, 124 Stat. 4369; Pub. L. 115–91, div. A, title X, §1051(a)(3), Dec. 12, 2017, 131 Stat. 1560.) |
|
REFERENCES IN TEXT
Executive Order 12829, referred to in subsec. (b), is set out as a note under section 3161 of Title 50, War and National Defense. AMENDMENTS2017—Subsec. (f). Pub. L. 115–91 struck out subsec. (f) which related to biennial reports on expenditures and activities of the Department of Defense in carrying out the requirements of this section. 2011—Subsec. (f). Pub. L. 111–383 struck out ", United States Code," after "title 31". 2009—Pub. L. 111–84 renumbered section 438 of this title as this section. PILOT PROGRAM FOR DEPARTMENT OF DEFENSE CONTROLLED UNCLASSIFIED INFORMATION IN THE HANDS OF INDUSTRYPub. L. 115–232, div. A, title X, §1048, Aug. 13, 2018, 132 Stat. 1961, provided that: "(a) In General.—The Secretary of Defense— "(1) shall establish and implement a pilot program for oversight of designated Department of Defense controlled unclassified information in the hands of defense contractors with foreign ownership, control, or influence concerns; and "(2) may designate an entity within the Department to be responsible for the pilot program under paragraph (1). "(b) Program Requirements.—The pilot program under subsection (a) shall have the following elements: "(1) The use of a capability to rapidly identify companies subject to foreign ownership, control, or influence that are processing designated controlled unclassified information, including unclassified controlled technical information. "(2) The use, in consultation with the Chief of Information Officer of the Department, of a capability or means for assessing industry compliance with Department cybersecurity standards. "(3) A means of demonstrating whether and under what conditions the risk to national security posed by access to Department controlled unclassified information, including unclassified controlled technical information, by a company under foreign ownership, control, or influence company can be mitigated and how such mitigation could be enforced. "(c) Briefing Required.—By not later than 30 days after the completion of the pilot program under this section, but in no case later than December 1, 2019, the Secretary shall provide to the congressional defense committees [Committees on Armed Services and Appropriations of the Senate and the House of Representatives] a briefing on the results of the pilot program and any decisions about whether to implement the pilot program on a Department-wide basis." REQUIREMENT FOR ENTITIES WITH FACILITY CLEARANCES THAT ARE NOT UNDER FOREIGN OWNERSHIP CONTROL OR INFLUENCE MITIGATIONPub. L. 111–383, div. A, title VIII, §845, Jan. 7, 2011, 124 Stat. 4285, provided that: "(a) Requirement.—The Secretary of Defense shall develop a plan to ensure that covered entities employ and maintain policies and procedures that meet requirements under the national industrial security program. In developing the plan, the Secretary shall consider whether or not covered entities, or any category of covered entities, should be required to establish government security committees similar to those required for companies that are subject to foreign ownership control or influence mitigation measures. "(b) Covered Entity.—A covered entity under this section is an entity— "(1) to which the Department of Defense has granted a facility clearance; and "(2) that is not subject to foreign ownership control or influence mitigation measures. "(c) Guidance.—The Secretary of Defense shall issue guidance, including appropriate compliance mechanisms, to implement the requirement in subsection (a). To the extent determined appropriate by the Secretary, the guidance shall require covered entities, or any category of covered entities, to establish government security committees similar to those required for companies that are subject to foreign ownership control or influence mitigation measures. "(d) Report.—Not later than 270 days after the date of the enactment of this Act [Jan. 7, 2011], the Secretary shall submit to the Committees on Armed Services of the Senate and the House of Representatives a report on the plan developed pursuant to subsection (a) and the guidance issued pursuant to subsection (c). The report shall specifically address the rationale for the Secretary's decision on whether or not to require covered entities, or any category of covered entities, to establish government security committees similar to those required for companies that are subject to foreign ownership control or influence mitigation measures." SUBMISSION OF FIRST BIENNIAL REPORTPub. L. 110–417, [div. A], title VIII, §845(b), Oct. 14, 2008, 122 Stat. 4542, required the first biennial report under former subsec. (f) of this section to be submitted no later than Sept. 1, 2009. |
| United States Code, 2018 Edition, Title 10 - ARMED FORCES |
| Bills and Statutes |
| United States Code |
| Y 1.2/5: |
| Title 10 - ARMED FORCES Subtitle A - General Military Law PART I - ORGANIZATION AND GENERAL MILITARY POWERS CHAPTER 21 - DEPARTMENT OF DEFENSE INTELLIGENCE MATTERS SUBCHAPTER I - GENERAL MATTERS Sec. 428 - Defense industrial security |
| section 428 |
| 2018 |
| January 14, 2019 |
| Yes |
| standard |
| Executive Order 12829 |
| 122 Stat. 4541, 4542 123 Stat. 2472 124 Stat. 4369, 4285 131 Stat. 1560 132 Stat. 1961 |
| Public Law 110-417, Public Law 111-84, Public Law 111-383, Public Law 115-91, Public Law 115-232 |
