Last progress June 11, 2025 (5 months ago)
Introduced on June 11, 2025 by Elissa Slotkin
Read twice and referred to the Committee on Banking, Housing, and Urban Affairs.
This bill creates a new office inside the Department of Commerce to guard U.S. tech systems from foreign risks. The office will review certain tech-related deals and supply chains and can demand information, investigate, set cybersecurity conditions, force risky parts or software to be removed, or block a deal if the risk can’t be fixed . Existing rules that protect the tech supply chain stay in place, and the office can update or add new rules as needed . The Director of National Intelligence must provide regular risk reports to help target the highest‑risk companies, countries, and transactions . A technical advisory committee with industry and academic experts will also advise the office .
If a company breaks the rules, it can face steep fines, lose approvals, be barred from certain deals, and in serious cases face criminal penalties, including fines up to $1 million and up to 20 years in prison . The Commerce Department and the Justice Department can subpoena records, go to court to enforce orders, and take other actions to protect U.S. networks and data; sensitive information submitted to the government will be kept confidential as required by law .
| Key point | What it means |
|---|---|
| Who is affected | Tech and telecom companies, suppliers, and others involved in information and communications technology and services; the public benefits from safer networks . |
| What changes | A new office reviews risky tech deals, can set conditions, require removing risky components, or block deals; strong investigation and enforcement tools; penalties for violations . |
| When | Existing rules continue now; the DNI must deliver initial risk assessments within 180 days; the advisory committee must be set up within 180 days . |