Protecting Critical Infrastructure Act

This bill raises punishments for hacking or other computer crimes that target “critical infrastructure” (as defined in federal law). If a crime involves these essential systems, courts could issue heavy fines and prison time of at least 30 years, up to life. It also requires the U.S. to punish people or companies outside the country who knowingly try to access these systems to harm national security or the safety of Americans, including freezing their assets in the U.S. and blocking or revoking their visas .

Key points

• Who is affected: Anyone who commits computer crimes involving critical infrastructure; and foreign individuals or entities that try to access these systems to cause harm. “Foreign person” includes any person that is not a U.S. person, and “person” can mean an individual or an entity.
• What changes: Courts can impose fines and 30 years to life in prison for these offenses. The President must freeze assets tied to offending foreign persons and make them inadmissible to the U.S.; any current visas must be canceled right away. Breaking the asset-freeze rules can bring federal penalties. There’s a narrow exception to meet U.N. Headquarters obligations, and the President may grant short waivers (up to 180 days) if needed for national security .
• When: Within 90 days of becoming law, the President must issue rules to carry this out. Visa cancellations take effect immediately .