A new bill introduced Wednesday would add transparency to a controversial oversight framework currently used by federal agencies known as the Vulnerabilities Equities Process.
The Protecting Our Ability to Counter Hacking Act, or PATCH Act, looks to codify the VEP into law and answer some of the tough questions that surround the current framework, including who sits on the multi-agency review board responsible for decisions and when public disclosure is appropriate.
Sens. Brian Schatz, D-Hawaii, Ron Johnson, R-Wis., and Cory Gardner, R-Colo., and Reps. Ted Lieu, D-Calif., and Blake Farenthold, R-Texas, sponsor the bill.
The PATCH Act also offers a brief decision-making criteria and broadly describes certain considerations that must be weighed by board members, including the Secretary of Commerce and the Directors of National Intelligence.
Find more about the new legislation in Chris Bing’s coverage on CyberScoop.