- Record: Senate Floor
- Section type: Amendments
- Chamber: Senate
- Date: June 24, 2026
- Congress: 119th Congress
- Why this source matters: This section came from the Senate floor portion of the record.
SA 6059. Mr. SCOTT of South Carolina (for himself and Mr. Hagerty) submitted an amendment intended to be proposed by him to the bill S. 4784, to authorize appropriations for fiscal year 2027 for military activities of the Department of Defense, for military construction, and for defense activities of the Department of Energy, to prescribe military personnel strengths for such fiscal year, and for other purposes; which was ordered to lie on the table; as follows:
At the end of division A, add the following:
TITLE XVII—INFORMATION AND COMMUNICATIONS TECHNOLOGY AND SERVICES
SUPPLY CHAINS
SEC. 1701. ASSISTANT SECRETARY OF COMMERCE FOR INFORMATION
AND COMMUNICATIONS TECHNOLOGY SUPPLY CHAINS.
Part III of the Export Control Reform Act of 2018 (50
U.S.C. 4851 et seq.) is amended—
(1) in the part heading, by striking “administrative
authorities” and inserting “organization of bureau of
industry and security”; and
(2) by adding at the end the following:
“SEC. 1783. ASSISTANT SECRETARY OF COMMERCE FOR INFORMATION
AND COMMUNICATIONS TECHNOLOGY SUPPLY CHAINS.
“(a) In General.—The President shall appoint, by and with
the advice and consent of the Senate, and in addition to the
Assistant Secretaries of Commerce appointed under section
1782, an Assistant Secretary of Commerce for Information and
Communications Technology Supply Chains (in this section
referred to as the `Assistant Secretary'), who shall report
to the Under Secretary of Commerce for Industry and Security.
“(b) Responsibilities.—The Assistant Secretary shall be
responsible for overseeing the Office of Information and
Communications Technology and Services established by section
1784.”.
SEC. 1702. OFFICE OF INFORMATION AND COMMUNICATIONS
TECHNOLOGY AND SERVICES.
Part III of the Export Control Reform Act of 2018, as
amended by section 1701, is further amended by adding at the
end the following:
“SEC. 1784. OFFICE OF INFORMATION AND COMMUNICATIONS
TECHNOLOGY AND SERVICES.
“(a) Establishment.—The Secretary shall establish an
Office of Information and Communications Technology and
Services (in this section referred to as the `Office') within
the Bureau of Industry and Security.
“(b) Organizational Structure.—The head of the Office
shall report directly to the Assistant Secretary of Commerce
for Information and Communications Technology Supply Chains.
“(c) Duties.—The Office shall—
“(1) administer part IV; and
“(2) carry out such other duties as the Secretary or the
Assistant Secretary of Commerce for Information and
Communications Technology Supply Chains may assign.
“(d) Availability of Information to Congress.—
“(1) In general.—Any information obtained at any time by
the Office in carrying out the duties of the Office under
subsection (c), including in administering part IV, shall be
made available to a committee or subcommittee of Congress of
appropriate jurisdiction, upon the request of the chairman or
ranking minority member of the committee or subcommittee.
“(2) Prohibition on further disclosure.—No committee or
subcommittee referred to in paragraph (1), or any member
thereof, may disclose any information made available under
paragraph (1) that is submitted on a confidential basis
unless the full committee determines that the withholding of
that information is contrary to the national interest.”.
SEC. 1703. SECURITY OF INFORMATION AND COMMUNICATIONS
TECHNOLOGY AND SERVICES SUPPLY CHAINS.
(a) In General.—The Export Control Reform Act of 2018, as
amended by sections 1701 and 1702, is further amended by
adding at the end the following:
“PART IV—SECURITY OF INFORMATION AND COMMUNICATIONS TECHNOLOGY AND
SERVICES SUPPLY CHAINS
“SEC. 1785. DEFINITIONS.
“In this part:
“(1) Appropriate congressional committees.—The term
`appropriate congressional committees' means the Committee on
Banking, Housing, and Urban Affairs of the Senate and the
Committee on Foreign Affairs of the House of Representatives.
“(2) Country of concern.—The term `country of concern'
means—
“(A) the People's Republic of China, including the Hong
Kong and Macau Special Administrative Regions;
“(B) the Republic of Cuba;
“(C) the Islamic Republic of Iran;
“(D) the Democratic People's Republic of Korea; and
“(E) the Russian Federation.
“(3) Covered icts transaction.—The term `covered ICTS
transaction' means any transaction described in section
1785A(b) or a class of such transactions.
“(4) Information and communications technology or
services; icts.—The terms `information and communications
technology or services' and `ICTS' mean any hardware,
software, connected software applications, or other product
or service primarily intended to fulfill or enable the
function of information or data processing, storage,
retrieval, or communication by electronic means, including
through transmission, storage, or display.
“(5) Open-source software.—The term `open -source
software' means software for which the human-readable source
code is available in its entirety for use, study, reuse,
modification, enhancement, and redistribution by the users of
the software.
“SEC. 1785A. PROHIBITION ON TRANSACTIONS THAT THREATEN
SECURITY OF INFORMATION AND COMMUNICATIONS
TECHNOLOGY AND SERVICES SUPPLY CHAINS.
“(a) In General.—Except as otherwise specifically
provided in this part, a transaction described in subsection
(b) is prohibited.
“(b) Transactions Described.—A transaction described in
this subsection is any acquisition, importation, transfer,
installation, dealing in, or use of any information and
communications technology or service by any person, or with
respect to any property, subject to the jurisdiction of the
United States, if the Secretary, in consultation with the
heads of the relevant Federal agencies, has determined that
the transaction—
“(1) involves information and communications technology or
services designed, developed, manufactured, or supplied by
persons owned by, controlled by, or subject to the
jurisdiction or direction of a country of concern; and
“(2)(A) poses an undue risk of sabotage to or subversion
of the design, integrity, manufacturing, production,
distribution, installation, operation, or maintenance of
information and communications technology or services in the
United States;
“(B) poses an undue risk of catastrophic effects on the
security or resiliency of United States critical
infrastructure or the digital economy of the United States;
or
“(C) otherwise poses an unacceptable risk to the national
security of the United States or the security and safety of
United States persons.
“(c) Exception for Information and Informational
Materials.—The prohibition under subsection (a) shall not
include a prohibition intended to prevent the importation
from any country, or the exportation to any country, whether
commercial or otherwise, of any expressive materials,
including—
“(1) publications, films, posters, photographs, artworks,
news wire feeds, digital streaming content, podcasts, social
media posts, blogs, online news articles, and other
electronically distributed media; and
“(2) items and transactions described in section 203(b) of
the International Emergency Economic Powers Act (50 U.S.C.
1702(b)).
“(d) Exception for Open-source Software.—The prohibition
under subsection (a) does not include a prohibition on
transactions specifically intended to provide the public with
access to open-source software.
“(e) Effect on Contracts and Permits.—The prohibition
under subsection (a) applies notwithstanding any contract
entered into or license or permit granted before the date of
the enactment of this part.
“SEC. 1785B. AUTHORIZATION TO PRESCRIBE REGULATIONS WITH
RESPECT TO COVERED ICTS TRANSACTIONS AND
PERSONS AND JURISDICTIONS OF CONCERN.
“If Secretary determines that, for certain classes of
covered ICTS transactions, the prohibition under subsection
(a) of section 1785A may not effectively address the undue or
unacceptable risks described in subsection (b)(2) of that
section, the Secretary may—
“(1) prescribe regulations that—
“(A) identify particular covered ICTS transactions or
persons or jurisdictions of concern that pose such a risk;
“(B) impose mitigation measures and prohibitions to
address the risk posed by such transactions, persons, or
jurisdictions;
“(C) establish criteria by which particular covered ICTS
transactions or particular classes of participants in the
covered ICTS transaction supply chain may be recognized as
categorically included in or as categorically excluded from
mitigation measures or prohibitions imposed under
subparagraph (B);
“(D) establish particular classes of covered ICTS
transactions or parties to such transactions that are
required to abide by such mitigation measures and
prohibitions; and
“(E) establish procedures to authorize or license
transactions otherwise prohibited pursuant to a regulation
prescribed under this section; and
“(2) prescribe such other regulations as the Secretary
determines to be necessary or appropriate to address the
undue or unacceptable risks described in section 1785A(b)(2).
“SEC. 1785C. ADMINISTRATION.
“(a) In General.—The head of the Office of Information
and Communications Technology and Services established under
section 1784 (in this section referred to as the `head of the
Office') shall administer this part.
“(b) Mitigation and Approval of Covered ICTS
Transactions.—The head of the Office, in consultation with
the heads of the relevant Federal agencies, may—
“(1) design, negotiate, and impose mitigation measures
with respect to a covered ICTS transaction; and
“(2) approve the transaction if those measures are
implemented.
“(c) Regulations.—The Secretary, acting through the head
of the Office, may prescribe regulations to carry out this
part.
“SEC. 1785D. JUDICIAL REVIEW.
“(a) Exclusive Jurisdiction.—A claim or petition
challenging this part or any final action or determination
under this part may be filed only in the United States Court
of Appeals for the District of Columbia Circuit.
Notwithstanding the preceding sentence, the United States
District Court for the District of Columbia Circuit shall
have the jurisdiction and power to order and require
compliance with any subpoena issued under this part.
“(b) In Camera and Ex Parte Review.—
“(1) In general.—The following information may be
included in the administrative record and shall be submitted
only to the court ex parte and in camera:
“(A) Sensitive security information, as defined in section
1520.5 of title 49, Code of Federal Regulations.
“(B) Records or information compiled for law enforcement
purposes, as described in section 552(b)(7) of title 5,
United States Code.
“(C) Classified information, as defined in section 1(a) of
the Classified Information Procedures Act (18 U.S.C. App.).
“(2) Treatment of information filed in camera and ex
parte.—Any information that is part of the administrative
record filed ex parte and in camera under paragraph (1), or
cited by the court in any decision, shall be treated by the
court consistent with the provisions of this section. In no
event shall such information be released to the claimant or
petitioner or as part of the public record, or shall the
petitioner be permitted to review information submitted to
the court ex parte and in camera.
“(c) Exclusive Remedy.—A determination by the court under
this section shall be the exclusive judicial remedy for any
claim or petition for review challenging this part or any
final action or determination under this part against the
United States, any agency, or any component or official of
any such agency.
“(d) Rule of Construction.—Nothing in this section may be
construed as limiting, superseding, or preventing the
invocation of any privileges or defenses that are otherwise
available at law or in equity to protect against the
disclosure of information.
“(e) Statute of Limitations.—A challenge to any final
action or determination under this part may only be brought
not later than 180 days after the date of such an action or
determination.
“SEC. 1785E. PENALTIES.
“(a) Unlawful Acts.—It shall be unlawful for a person to
violate, attempt to violate, conspire to violate, or cause a
violation of any regulation, order, direction, prohibition,
or other authorization or directive issued under this part.
“(b) Criminal Penalties.—A person who willfully commits,
willfully attempts to commit, or willfully conspires to
commit, or aids and abets in the commission of an unlawful
act described in subsection (a)—
“(1) shall be fined not more than $1,000,000; and
“(2) in the case of the individual, shall be imprisoned
for not more than 20 years, or both.
“(c) Civil Penalties.—
“(1) In general.—The Secretary may impose the following
civil penalties on a person for each violation by that person
of this part or any regulation, order, or license issued
under this part:
“(A) A fine that is the greater of $1,500,000 or an amount
that is 5 times the value of the transaction that is the
basis of the violation with respect to which the penalty is
imposed.
“(B) Revocation of any mitigation measure or authorization
issued under this part to the person.
“(C) A prohibition or other restriction on the ability of
the person to engage in any covered ICTS transaction.
“(2) Inflation.—The fine under paragraph (1)(A) is
subject to adjustment pursuant to the Federal Civil Penalties
Inflation Adjustment Act of 1990 (Public Law 101-410; 28
U.S.C. 2461 note).
“(3) Standards for levels of civil penalty.—The Secretary
may by regulation provide standards for establishing levels
of civil penalty under paragraph (1) based upon factors that
include—
“(A) the seriousness of the violation to the national
security of the United States;
“(B) the intent or actions of the violator, including any
pattern of reckless behavior; and
“(C) any mitigating factors, such as a record of
cooperation of the violator with the Federal Government in
disclosing the violation.
“SEC. 1785F. RELATIONSHIP TO OTHER LAWS.
“(a) Rule of Construction Relating to Other Law.—Nothing
in this part shall be construed to alter or affect any other
authority, process, regulation, investigation, enforcement
measure, or review provided by or established under any other
provision of Federal law.
“(b) Administrative Procedure Exceptions.—Except with
respect to a civil penalty imposed pursuant to section
1785E(c), any function exercised under this part is not
subject to sections 551, 553 through 559, and 701 through 706
of title 5, United States Code.
“(c) Paperwork Reduction Act Exception.—The requirements
of chapter 35 of title 44, United States Code (commonly
referred to as the `Paperwork Reduction Act'), shall not
apply to any action to implement this part.
“(d) Defense Production Act of 1950.—
“(1) Rule of construction.—Nothing in this part shall
prevent or preclude the President or the Committee on Foreign
Investment in the United States from exercising any authority
under section 721 of the Defense Production Act of 1950 (50
U.S.C. 4565) that would be available in the absence of this
part.
“(2) Coordination of reviews.—The Secretary shall
terminate the review of a covered ICTS transaction under this
part if—
“(A) the transaction involves the acquisition of ICTS
items by a United States person as a party to a transaction
authorized under the Defense Production Act of 1950 (50
U.S.C. 4501 et seq.); or
“(B) the Committee on Foreign Investment in the United
States is conducting a review or investigation of the
transaction under section 721 of the Defense Production Act
of 1950 (50 U.S.C. 4565).
“(e) Executive Orders 13873 and 14034.—
“(1) Rule of construction.—Nothing in this part may be
construed as altering any of the authority of the Secretary
under Executive Order 13873 (50 U.S.C. 1701 note; relating to
securing the information and communications technology and
services supply chain) or Executive Order 14034 (50 U.S.C.
1701 note; relating to protecting Americans' sensitive data
from foreign adversaries).
“(2) Continuation in effect.—Any regulation the Secretary
prescribed under Executive Order 13873 (50 U.S.C. 1701 note;
relating to securing the information and communications
technology and services supply chain) or Executive Order
14034 (50 U.S.C. 1701 note; relating to protecting Americans'
sensitive data from foreign adversaries) before the date of
the enactment of this part shall continue in effect on and
after such date of enactment.
“SEC. 1785G. AUTHORIZATION OF OTHER ACTIONS.
“In carrying out the requirements of this part, the
Secretary may take any other actions that the Secretary
determines to be necessary or appropriate, including
prescribing new regulations, amending regulations, publishing
any notices in the Federal Register (including with respect
to mitigation measures and prohibitions imposed under section
1785B), issuing guidance, establishing procedures, revoking
or amending authorizations, and terminating or amending any
determination.
“SEC. 1785H. ANNUAL REPORTS.
“Not later than 180 days after the date of the enactment
of this part, and annually thereafter, the head of the Office
of Information and Communications Technology and Services
shall submit to the appropriate congressional committees a
report on actions taken to carry out this part during the
one-year period preceding submission of the report.
“SEC. 1785I. TERMINATION.
“The prohibition under section 1785A(a) and the
requirements of and authorities provided by this part
terminate on the date that is 5 years after the date of the
enactment of this part.”.
(b) Conforming Amendment.—Section 1742(13)(A) of the
Export Control Reform Act of 2018 (50 U.S.C. 4801(13)(A)) is
amended, in the matter preceding clause (i), by striking
“part I” and inserting “parts I and IV”.