A bipartisan group of five lawmakers has introduced a bill that seeks to add accountability and transparency in the federal government’s vulnerabilities equities process.
Sens. Brian Schatz’s (D-Hawaii) office said Wednesday the Protecting our Ability To Counter Hacking Act aims would update the current process for agencies to determine if they should disclose or withhold vulnerabilities in technology products, applications, services and systems.
Schatz crafted the bill with fellow Sens. Ron Johnson (R-Wisconsin) and Cory Gardner (R-Colorado) as well as Reps. Ted Lieu (D-California) and Blake Farenthold (R-Texas).
“The PATCH Act requires the government to swiftly balance the need to disclose vulnerabilities with other national security interests while increasing transparency and accountability to maintain public trust in the process,” said Johnson, chairman of the Senate Homeland Security and Governmental Affairs Committee.
The bill would establish a Department of Homeland Security-led interagency review board to develop a consistent policy on how the government should assess vulnerabilities for disclosure and retention.
The Coalition for Cybersecurity Policy and Law and companies such as McAfee and Mozilla support the bill.
Lawmakers proposed the PATCH Act in the wake of a global ransomware attack that compromised at least 200,000 computers.