HR 7856 Reported in House – FY 2021 Intel Authorization

The House Permanent Select Committee on Intelligence recently published their Report on HR 7856, the Intelligence Authorization Act for Fiscal Year 2021. The reported version of the bill contains no significant changes to the cybersecurity provisions that were included in the introduced version and no new cybersecurity provisions. The Report only includes two discussions of cybersecurity issues.

Cybersecurity and the ABMS

The first cybersecurity discussion is found on pages 17 thru 18 under the heading “Advanced Battle Management Family of Systems”. The Committee insists that given “the sensitive nature of the intelligence information that will act as the backbone of ABMS, it is vital that ABMS use only the most secure tools and technology. To this end the Committee directs the Air Force to work with the National Security Agency to establish “minimum security standards, and build these recommendations into the requirements for ABMS” and to then vet those “technologies to ensure that they meet such standards”.

Cybersecurity and UAS

The other discussion of cybersecurity issues in this report is found on pages 26 thru 27 under the heading “Countering the Malicious Use of Unmanned Aircraft Systems (UAS) in the United States”. The Committee notes that both DHS and the FBI report that UAS can be used maliciously in a number of ways, “including kinetic attacks with payloads of firearms, explosives, or weapons of mass destruction and cyber-attacks against wireless devices or networks [emphasis added]. The Committee directs the Director of National Intelligence to prepare an assessment of the potential UAS threat and a report on potential congressional actions necessary to counteract that threat. The Committee is specifically asking the DNI to:

“Propose what the Federal Government would need—with respect to authorities, regulations, policies, protections for civil liberties and privacy, and resources—to carry out feasibility studies and pilot programs enabling U.S. airports, state and local law enforcement, and critical infrastructure owners [emphasis added] to counter the malicious use of UAS.”

Moving Forward

This is typically considered to be one of those ‘must pass bill’ that is generally produced in a bipartisan manner in Committee and then taken up by the Whole House in a fairly collegial manner. That has not been the case this year.  The ‘Minority Views’ section of the Report (starting on page 151) lays out the Republican objections to this bill in quite some vociferous detail. This bill is likely to move to the floor of the House where it will pass on nearly party lines.

The Senate has not taken up their version of the bill (S 3905). If HR 7856 is passed in the House early enough, the Senate could take it up and substitute the language from S 3905. That language has some minor Democratic opposition {see Sen Widen’s (D,OR) short comment section on pages 18 and 19 of that Committee Report}, but probably not enough to stop the bill from being considered. There would be significant differences to be worked out in a Conference Committee, so many differences that they would probably not be able to be worked out before the 116^th Congress closes next month.

I suspect that there are, however, on-going backroom negotiations that could allow for a Division in an FY 2021 spending bill to address necessary intelligence authorization issues. It is an open question on what cybersecurity provisions could make its way into such a division.