[Senate Report 115-151] [From the U.S. Government Publishing Office] Calendar No. 207 115th Congress } { Report SENATE 1st Session } { 115-151 ====================================================================== INTELLIGENCE AUTHORIZATION ACT FOR FISCAL YEAR 2018 _______ September 7, 2017.--Ordered to be printed _______ Mr. Burr, from the Select Committee on Intelligence, submitted the following R E P O R T together with ADDITIONAL AND MINORITY VIEWS [To accompany S. 1761] The Select Committee on Intelligence, having considered an original bill (S. 1761) to authorize appropriations for fiscal year 2018 for intelligence and intelligence-related activities of the United States Government, the Community Management Account, and the Central Intelligence Agency Retirement and Disability System, and for other purposes, reports favorably thereon and recommends that the bill do pass. Classified Annex to the Committee Report On June 12, 2017, acting pursuant to Section 364 of the Intelligence Authorization Act for Fiscal Year 2010 (Public Law 111-259), the Director of National Intelligence (DNI) publicly disclosed that the President's aggregate request for the National Intelligence Program for Fiscal Year 2018 is $57.7 billion. Other than for limited unclassified appropriations, primarily the Intelligence Community Management Account, the classified nature of United States intelligence activities precludes any further disclosure, including by the Committee, of the details of its budgetary recommendations. Accordingly, the Committee has prepared a classified annex to this report that contains a classified Schedule of Authorizations. The classified Schedule of Authorizations is incorporated by reference in the Intelligence Authorization Act (the ``Act'') and has the legal status of public law. The classified annex is made available to the Committees on Appropriations of the Senate and the House of Representatives and to the President. It is also available for review by any Member of the Senate subject to the provisions of Senate Resolution 400 of the 94th Congress (1976). Section-by-Section Analysis and Explanation The following is a section-by-section analysis and explanation of the Intelligence Authorization Act for Fiscal Year 2018 that is being reported by the Committee. TITLE I--INTELLIGENCE ACTIVITIES Section 101. Authorization of appropriations Section 101 lists the United States Government departments, agencies, and other elements for which the Act authorizes appropriations for intelligence and intelligence-related activities for Fiscal Year 2018. Section 102. Classified Schedule of Authorizations Section 102 provides that the details of the amounts authorized to be appropriated for intelligence and intelligence-related activities for Fiscal Year 2018 are contained in the classified Schedule of Authorizations and that the classified Schedule of Authorizations shall be made available to the Committees on Appropriations of the Senate and House of Representatives and to the President. Section 103. Personnel ceiling adjustments Section 103 provides that the DNI may authorize employment of civilian personnel in Fiscal Year 2018 in excess of the number of authorized positions by an amount not exceeding three percent of the total limit applicable to each Intelligence Community (IC) element under Section 102, and ten percent of the number of civilian personnel authorized under such schedule for the purposes of contractor conversions. The DNI may do so only if necessary to the performance of important intelligence functions. Section 104. Intelligence Community Management Account Section 104 authorizes appropriations in the amount of $550,200,000 for the Intelligence Community Management Account (ICMA) of the Office of the Director of National Intelligence (ODNI) for the elements within the ICMA for Fiscal Year 2018. TITLE II--CENTRAL INTELLIGENCE AGENCY RETIREMENT AND DISABILITY SYSTEM Section 201. Authorization of appropriations Section 201 authorizes appropriations in the amount of $514,000,000 for the Central Intelligence Agency Retirement and Disability Fund for Fiscal Year 2018. TITLE III--GENERAL INTELLIGENCE COMMUNITY MATTERS Section 301. Restriction on conduct of intelligence activities Section 301 provides that the authorization of appropriations by the Act shall not be deemed to constitute authority for the conduct of any intelligence activity that is not otherwise authorized by the Constitution or laws of the United States. Section 302. Increase in employee compensation and benefits authorized by law Section 302 provides that funds authorized to be appropriated by the Act for salary, pay, retirement, and other benefits for federal employees may be increased by such additional or supplemental amounts as may be necessary for increases in compensation or benefits authorized by law. Section 303. Modification of special pay authority for science, technology, engineering, or mathematics positions and addition of special pay authority for cyber positions Section 303 provides an increased yearly cap for Science, Technology, Engineering, or Mathematics (STEM) employee positions in the IC who perform critical cyber missions. Section 304. Director of National Intelligence review of placement of positions within the intelligence community on the Executive Schedule Section 304 requires the DNI to conduct a review of the positions within the IC that may be appropriate for inclusion on the Executive Schedule, and the appropriate levels for inclusion. Section 305. Modification of appointment of Chief Information Officer of the Intelligence Community Section 305 changes the position of IC Chief Information Officer from being subject to presidential appointment to being subject to appointment by the DNI. Section 306. Supply Chain and Counterintelligence Risk Management Task Force Section 306 requires the DNI to establish a task force to standardize information sharing between the IC and the United States Government acquisition community with respect to supply chain and counterintelligence risks. Section 306 further provides requirements for membership, security clearances, and annual reports. Section 307. Inspector General of the Intelligence Community auditing authority Section 307 permits the IC IG to hire contractor or expert auditors to meet audit requirements, similar to other Federal IGs. Section 307 responds to the Committee's concerns that the IC Inspector General (IC IG) is at risk of failing to meet its legislative requirements due to its inability to hire qualified auditors by granting the IC IG independent hiring practices identical to other IGs. Section 308. Inspectors General studies on classification Section 308 requires each designated IG to carry out and submit to the congressional intelligence committees a report on the application of classification and handling markings on a representative sample of finished products, to include compartments. Section 308 also directs an analysis of compliance with declassification procedures and a review of the process for identifying topics of public or historical importance that merit prioritization for declassification review. TITLE IV--MATTERS RELATING TO ELEMENTS OF THE INTELLIGENCE COMMUNITY Subtitle A--Office of the Director of National Intelligence Section 401. Authority for the protection of current and former employees of the Office of the Director of National Intelligence Section 401 amends Title 50, section 3506, to provide protection for current and former ODNI personnel and designated immediate family members, if there is a national security threat that warrants such protection. Section 402. Information sharing with State election officials Section 402 requires the DNI, within 30 days of enactment, to sponsor a security clearance for each eligible chief election official of a State, territory, or the District of Columbia (and up to one eligible designee), up to the top secret level. Section 402 also requires the DNI to share appropriate classified information-related threats to election systems and to the integrity of the election process with chief election officials and their designees who possess the aforementioned security clearances. Section 403. Technical modification to the Executive Schedule Section 403 amends Title 50, section 5313, to add the Director of the National Counterintelligence and Security Center. Section 404. Modification to the designation of the program manager- information sharing environment Section 404 changes the status of the Program Manager for the Information Sharing Environment from being subject to presidential appointment to being subject to appointment by the DNI. Subtitle B--Other Elements Section 411. Repeal of foreign language proficiency requirement for certain senior level positions in the Central Intelligence Agency Section 411 repeals Title 50, section 3036(g), with conforming amendments to section 611 of the Intelligence Authorization Act for Fiscal Year 2005 (Public Law 108-487). Subtitle C--Other Elements Section 421. Designation of the Counterintelligence Directorate of the Defense Security Service as an element of the intelligence community Section 421 adds the Defense Security Service's (DSS's) Counterintelligence (CI) Directorate to the IC elements in 50 U.S.C. 3003(4), and requires all IC requirements that apply to IC elements to apply to the DSS CI as of the date of enactment. TITLE V--SECURING ENERGY INFRASTRUCTURE Section 501. Short title Section 501 provides that this title may be cited as the ``Securing Energy Infrastructure Act of 2017.'' Section 502. Definitions Section 502 provides the relevant definitions as cited throughout this title. Section 503. Pilot program for securing energy infrastructure Section 503 requires the Director of Intelligence and Counterintelligence of the Department of Energy (hereinafter in this title, ``Director''), within 180 days of enactment, to establish a two-year control systems implementation pilot program within the National Labs. This pilot program will partner with covered entities in the energy sector to identify new security vulnerabilities, and for purposes of researching, developing, testing, and implementing technology platforms and standards in partnership with such entities. Section 504. Working group to evaluate program standards and develop strategy Section 504 requires the Director to establish a working group composed of identified private and public sector entities, to evaluate the technology platforms and standards for the pilot program specified in Section 503 and develop a national cyber-informed engineering strategy to isolate and defend covered entities from security vulnerabilities. Section 505. Reports on the program Section 505 requires the Director within 180 days after the date on which funds are first disbursed to submit to the congressional intelligence committees, the Committee on Energy and Natural Resources of the Senate, and the Committee on Energy and Commerce of the House of Representatives, an interim report that describes the pilot program's results, provides a feasibility analysis, and describes the working group's evaluations. Section 505 further requires the Director, within two years of funding, to submit to the aforementioned committees a progress report on the pilot program specified in Section 503, an analysis of the feasibility of the methods studied, and a description of the working group's evaluation results. Section 506. No new regulatory authority for Federal agencies Section 506 provides that nothing in this title permits the Director or the head of any other Federal agency to issue new regulations. Section 507. Exemption from disclosure Section 507 provides that information shared by or with the Federal Government or a State, tribal, or local government under this title shall be deemed to be voluntarily shared and exempt from disclosure under relevant laws requiring such disclosure. Section 508. Protection from liability Section 508 provides covered entities participating in the pilot program with protection from causes of action. Section 508 further provides that covered entities cannot be subject to causes of action for refraining from participation. Section 509. Authorization of appropriations Section 509 authorizes $10,000,000 to carry out the pilot program specified in Section 503, and $1,500,000 to carry out the working group and reporting provisions. TITLE VI--REPORTS AND OTHER MATTERS Section 601. Technical correction to Inspector General study Section 601 amends Title 50, section 11001(d), by replacing the IC IG's ``audit'' requirement for Inspectors General with employees having classified material access, with a ``review'' requirement. Section 602. Governance for security clearance, suitability and fitness for employment, and credentialing Section 602 establishes an interagency council comprised of representatives from the ODNI, Office of Management and Budget, Office of Personnel Management, Under Secretary of Defense for Intelligence, and National Background Investigation Bureau, to govern decisions and processes related to security clearances, suitability and fitness for employment, and credentialing. Section 602 further establishes the DNI as the government's Security Executive Agent and the Director of the Officer of Personnel Management as the government's Suitability Executive Agent and the Credentialing Executive Agent, specifying roles and responsibilities for each. Section 603. Process for security clearances Section 603 incorporates several provisions relating to the security clearance process. Section 603 requires the following reviews: of the alignment among the Standard Form 86 background investigation questionnaire, the Federal Investigative Standards, and the adjudicative guidelines contained in Security Executive Agent Directive 4 (``National Security Adjudicative Guidelines''), as well as their collective utility in anticipating future insider threats; of certain methods to improve the background investigation process; and of the utility of the timelines for processing security clearances, as contained in the Intelligence Reform and Terrorism Prevention Act of 2004. Section 603 also directs the DNI, as the government's Security Executive Agent, to establish a policy on the issuance of interim security clearances; establish a policy for consistent treatment in the security clearance process between government and contractor personnel; issue a strategy and implementation plan for conducting periodic reinvestigations based on risk, not a specified time interval; issue a policy for the government's use of automated records checks conducted for prior employment purposes; and establish a policy and issue an implementation plan for sharing information between and among government agencies and industry related to security clearances, consistent with privacy concerns. Section 604. Reports on the vulnerabilities equities policy and process of the Federal Government Section 604 requires the head of each IC element to submit within 90 days of enactment to the congressional intelligence committees a report detailing the process and criteria the head of each IC element uses for determining to submit a vulnerability for review under the Federal Government's vulnerabilities equities policy and process. Section 604 further requires the report to contain information about vulnerability disclosures to vendors, how many vulnerabilities have been patched, and when a patch or mitigation has been made publicly available. Section 605. Bug bounty programs Section 605 directs the Under Secretary for Intelligence and Analysis of the Department of Homeland Security to submit to congressional leadership and the congressional intelligence committees a strategic plan to implement bug bounty programs at appropriate agencies and departments of the United States Government. Section 605 further requires the plan to include an assessment of the ``Hack the Pentagon'' pilot program and subsequent bug bounty programs. Section 605 also requires the plan to provide recommendations on the feasibility of initiating bug bounty programs across the United States Government. Section 606. Report on cyber attacks by foreign governments against United States election infrastructure Section 606 directs the Under Secretary for Intelligence and Analysis of the Department of Homeland Security to submit to congressional leadership and the congressional intelligence committees a report on cyber attacks and attempted cyber attacks by foreign governments on United States election infrastructure, in connection with the 2016 Presidential election. Section 606 further requires this report to include identification of the States and localities affected and include efforts to attack voter registration databases, voting machines, voting-related computer networks, and the networks of secretaries of State and other election officials. Section 607. Review of intelligence community's posture to collect against and analyze Russian efforts to influence the presidential election Section 607 requires the DNI to submit to the congressional intelligence committees within one year of enactment a report on the Director's review of the IC's posture to collect against and analyze Russian efforts to interfere with the 2016 United States presidential election. Section 607 further requires the review to include assessments of IC resources, information sharing, and legal authorities. Section 608. Assessment of foreign intelligence threats to Federal elections Section 608 requires the DNI, in coordination with the Director of the CIA, the Director of the NSA, the Director of the FBI, the Secretary of Homeland Security, and the heads of other relevant IC elements, to commence assessments of security vulnerabilities of State election systems one year before regularly scheduled Federal elections. Section 608 further requires the DNI to submit a report on such assessments to congressional leadership and to the congressional intelligence committees 180 days before regularly scheduled Federal elections, and an updated assessment 90 days before regularly scheduled Federal election. Section 609. Strategy for countering Russian cyber threats to United States elections Section 609 requires the DNI, in coordination with the Secretary of Homeland Security, the Director of FBI, the Director of CIA, the Secretary of State, the Secretary of Defense, and the Secretary of the Treasury, to develop a whole- of-government strategy for countering Russian cyber threats against United States electoral systems and processes. Section 609 further requires this strategy to include input from solicited Secretaries of State and chief election officials. Section 609 requires the DNI and the Secretary of Homeland Security to brief the congressional intelligence committees on the required strategy within 90 days of enactment. Section 610. Limitation relating to establishment or support of cyber security unit with the Government of Russia Section 610 prohibits the Federal Government from expending any funds to establish or support a cybersecurity unit or other cyber agreement that is jointly established or otherwise implemented by the United States Government and the Russian Government, unless the DNI submits a report to the congressional intelligence committees at least 30 days prior to any such agreement. The report shall include the agreement's purpose, intended shared intelligence, value to national security, counterintelligence concerns, and any measures taken to mitigate such concerns. Section 611. Report on returning Russian compounds Section 611 requires the IC to produce, within 180 days of enactment of this Act, both classified and unclassified reports on the intelligence risks of returning the two diplomatic compounds--one in New York and one in Maryland--taken from Russia as a reprisal for Russian meddling in the 2016 United States presidential election. Section 611 also establishes an ongoing requirement for producing similar assessments for future assignment of diplomatic compounds within the United States. Section 612. Intelligence community assessment on threat of Russian money laundering to the United States Section 612 requires the DNI, in coordination with the Secretary of the Treasury, to submit to the congressional intelligence committees within 180 days of enactment an IC assessment on the threat of Russian money laundering to the United States. Section 612 requires the assessment to be based on all-source intelligence from both the IC and the Office of Terrorism and Financial Intelligence of the Treasury Department and cover global nodes and entry points; vulnerabilities; connections between oligarchs, organized crime, and/or the Russian Government; counterintelligence threats to the United States; and challenges to United States Government efforts to enforce sanctions and combat organized crime. Section 613. Notification of an active measures campaign Section 613 requires the DNI to notify the Chairman and Vice Chairman or Ranking Member of the congressional intelligence committees each time the DNI has determined there is credible information that a foreign power has, is, or will attempt to employ a covert influence or active measures campaign with regard to the modernization, employment, doctrine, or force posture of the nuclear deterrent or missile defense. Section 613 further requires that such notification must include information about the actions that the United States has taken to expose or halt such attempts. Section 614. Notification of travel by accredited diplomatic and consular personnel of the Russian Federation in the United States Section 614 requires the Secretary of State, in executing the advance notification requirements of the Intelligence Authorization Act for Fiscal Year 2017, to ensure the Russian Federation provides two business days of advance notice to the Secretary prior to Russian diplomatic or consular travel, and to ensure that the Secretary provides further notification of this travel within one hour to the DNI and the Director of the Federal Bureau of Investigation. Section 615. Modification of certain reporting requirement on travel of foreign diplomats Section 615 amends a provision in the Intelligence Authorization Act for Fiscal Year 2017, to require reporting of ``a best estimate'' of known or suspected violations of certain travel requirements by accredited diplomatic and consular personnel of the Russian Federation. Section 616. Semiannual report on referrals to Department of Justice by elements of the intelligence community regarding unauthorized disclosure of classified information Section 616 requires the Assistant Attorney General of the Department of Justice, in consultation with the Director of the FBI, to submit to the congressional intelligence committees a semiannual report on the status of IC referrals to the Department regarding unauthorized disclosures of classified information. Section 617. Notifications on designation of an intelligence officer as a persona non grata Section 617 requires the DNI, in consultation with the Secretary of State, to submit to the congressional intelligence committees a notification within 30 days of an intelligence officer--either of the United States or of a foreign intelligence service stationed in the United States--being designated as a persona non grata. Section 617 further requires the notifications to include the basis for the designation and a justification for the expulsion. Section 618. Biennial report on foreign investment risks Section 618 requires the DNI to establish an IC working group on foreign investment risks and prepare a biennial report to the congressional intelligence committees. Section 618 further requires the report to include an identification, analysis, and explanation of national security vulnerabilities, foreign investment trends, foreign countries' strategies to exploit vulnerabilities, and market distortions caused by foreign countries. Section 619. Report on surveillance by foreign governments against United States telecommunications networks Section 619 requires the DNI, in coordination with the Director of the CIA, the Director of the NSA, the Director of the FBI, and the Secretary of Homeland Security, to submit to the congressional intelligence committees within 180 days of enactment a report on known attempts by foreign governments to exploit cybersecurity vulnerabilities in United States telecommunications networks to target for surveillance United States persons, and any actions that the IC has taken to protect United States Government agencies and personnel from such surveillance. Section 620. Reports on authorities of the Chief Intelligence Officer of the Department of Homeland Security Section 620 requires the Secretary of Homeland Security, in consultation with the Under Secretary for Intelligence and Analysis, to submit to the congressional intelligence committees a report on the adequacy of the Under Secretary's authorities required as the Chief Intelligence Officer to organize the Homeland Security Intelligence Enterprise, and the legal and policy changes necessary to coordinate, organize, and lead Department of Homeland Security intelligence activities. Section 621. Report on geospatial commercial activities for basic and applied research and development Section 621 requires the Director of the National Geospatial-Intelligence Agency to submit, within 30 days of enactment, to the congressional intelligence committees and the armed services committees a report on the authorities that the Director deems necessary to conduct certain commercial activities to engage in specified basic and applied research, data transfers, and development projects. This report should address how the Director would use such authorities, consistent with applicable laws and procedures to protect sources and methods. Section 622. Technical amendments related to the Department of Energy Section 622 provides technical corrections to certain provisions regarding the Department of Energy's Office of Intelligence and Counterintelligence. Section 623. Sense of Congress on WikiLeaks Section 623 provides a Sense of Congress that WikiLeaks and its senior leadership resemble a non-state hostile intelligence service, often abetted by state actors, and should be treated as such. Committee Comments Management of intelligence community workforce The Committee repeats direction from the Intelligence Authorization Act for Fiscal Year 2017 that IC elements should build, develop, and maintain a workforce appropriately balanced among its civilian, military, and contractor workforce sectors to meet the missions assigned to it in law and by the president. Starting in fiscal year 2019, the Committee will no longer authorize position ceiling levels in the annual Schedule of Authorizations. The bill, in Section 103, again includes authority for IC elements to adjust personnel ceilings by three percent, and by ten percent specifically for the purposes of contractor conversions. These flexibilities are temporary management tools to optimize the workforce this year that will cease in fiscal year 2019 when the IC can benefit from full implementation of the multi-sector workforce initiative. The Committee looks forward to working with the ODNI as it develops an implementation strategy and sets standards for workforce cost analysis tools. Protection of the supply chain in intelligence community acquisition decisions The Committee continues to have significant concerns about risks to the supply chain in IC acquisitions. The report to accompany the Intelligence Authorization Act for Fiscal Year 2017 directed the DNI to review and consider changes to Intelligence Community Directive (ICD) 801 (``Acquisition'') to reflect issuance in 2013 of ICD 731 (``Supply Chain Risk Management'') and issues associated with cybersecurity. It specifically recommended the review examine whether to: expand risk management criteria in the acquisition process to include cyber and supply chain threats; require counterintelligence and security assessments as part of the acquisition and procurement process; propose and adopt new education requirements for acquisition professionals on cyber and supply chain threats; and factor in the cost of cyber and supply chain security. This review is due in November 2017, with a report on the process for updating ICD 801 due in December 2017. As part of this review, the Committee directs three other considerations to be addressed: changes in the Federal Acquisition Regulation that may be necessary; how changes should apply to all acquisition programs; and how security risks must be addressed across development, procurement, and operational phases of acquisition. The Committee further directs the DNI to submit a plan to implement necessary changes within 60 days of completion of this review. National Geospatial-Intelligence Agency use of VERA and VSIP Authorities The Committee encourages the use by the National Geospatial-Intelligence Agency (NGA) of Voluntary Early Retirement Authority (VERA) and Voluntary Separation Incentive Program (VSIP) offers to meet its future goals of building a workforce more attuned to automation of data production, automation of analytic processes, and establishment of development and operations (``DevOps'') software development processes. Therefore, the Committee directs the NGA to report to the congressional intelligence committees within 120 days of enactment of this Act on its plan for further use of VERA and VSIP incentives, to include how they can be used to develop an acquisition cadre skilled in ``DevOps'' software development processes. The report should specify metrics for retooling its workforce, including how it measures data literacy and computational skills in potential hires, and an accounting of the numbers of new hires who have met these higher standards. Report on engagement of National Reconnaissance Office with university community The Committee recognizes that the survivability and resiliency of United States satellites is critically important to the United States intelligence and defense communities. While the National Reconnaissance Office (NRO) engages with the university community in support of basic research and developing an education workforce pipeline to help advance new technologies and produce skilled professionals, it can do more in this regard to focus on space survivability. Therefore, the Committee directs the NRO to report within 120 days of enactment of this Act on NRO's current efforts and future strategies to engage with university partners that are strategically located, host secure information facilities, and offer a strong engineering curriculum, with a particular focus on space survivability and resiliency. This report should provide a summary of NRO's current and planned university engagement programs, levels of funding, and program research and workforce objectives and metrics. The report should also include an assessment of the strategic utility of chartering a University Affiliated Research Center (UARC) in this domain. Clarification of oversight responsibilities The Committee reinforces the requirement for all IC agencies funded by the National Intelligence Program to respond in a full, complete, and timely manner to any request made by a member of the congressional intelligence committees. In addition, the Committee directs the DNI to issue guidelines within 90 days to ensure that this provision is carried out. Clarification on cooperation with investigation on Russian influence in the 2016 election The Committee reinforces the obligation for all IC agencies to cooperate in a full, complete, and timely manner with the Committee's investigation into Russian meddling in the 2016 Presidential election and all related inquiries being conducted by the Committee. Supervisory feedback as part of continuous evaluation program The Committee directs the DNI to review the results of ongoing pilots regarding the use of supervisory feedback as part of the periodic reinvestigation and continuous evaluation process and report within 180 days of enactment of this Act on the establishment of a policy for its use across the IC. National security threats to critical infrastructure The Committee is aware of significant threats to our critical infrastructure and industrial control systems posed by foreign adversaries. The sensitive nature of the information related to these threats make the role of the IC of vital importance to United States defensive efforts. The Committee has grave concerns that current IC resources dedicated to these threats and their analysis are neither sufficient nor closely coordinated. The Committee includes provisions within this legislation to address these concerns. Inspector General of the Intelligence Community role and responsibilities The Inspector General of the Intelligence Community (IC IG) was established by the Intelligence Authorization Act for Fiscal Year 2010 to initiate and ``conduct independent reviews investigations, inspections, audits, and reviews on programs and activities within the responsibility and authority of the Director of National Intelligence'' and to lead the IG community in its activities. The Committee is concerned that this intent is not fully exercised by the IC IG and reiterates the Congress's intent that it consider its role as an IG over all IC-wide activities in addition to the ODNI. To support this intent, the Committee has directed a number of requirements to strengthen the IC IG's role and expects full cooperation from all Offices of Inspector General across the IC. The Committee remains concerned about the level of protection afforded to whistleblowers within the IC and the level of insight congressional committees have into their disclosures. It is the Committee's expectation that all Offices of Inspector General across the IC will fully cooperate with the direction provided elsewhere in the bill to ensure both the Director of National Intelligence and the congressional committees have more complete awareness of the disclosures made to any IG about any National Intelligence Program funded activity. Space launch facilities The Committee continues to believe it is critical to preserve a variety of launch range capabilities to support national security space missions, and encourages planned launches such as the U.S. Air Force Orbital/Sub-Orbital Program (OSP)-3 National Reconnaissance Office (NRO-111) mission, to be launched in 2018 on a Minotaur 1 from the Mid-Atlantic Regional Spaceport at Wallops Flight Facility. In the Fiscal Year 2017 Intelligence Authorization Act, the Committee directed a brief from the ODNI, in consultation with the Department of Defense and the U.S. Air Force, on their plans to utilize state-owned and operated spaceports, which leverage non-federal public and private investments to bolster United States launch capabilities and provide access to mid-to-low or polar-to-high inclination orbits for national security missions. The Committee directs that the ODNI supplement this brief to consider how state investments in these spaceports may support infrastructure improvements, such as payload integration and launch capabilities, for national security launches. Committee Action On July 27, 2017, a quorum being present, the Committee met to consider the bill and amendments. The Committee took the following actions: Votes on amendments to committee bill, this report and the classified annex By unanimous consent, the Committee made the Chairman and Vice Chairman's bill, together with the classified annex, the base text for purposes of amendment. By voice vote, the Committee adopted en bloc eight amendments to the classified annex, as sponsored by: (1) Chairman Burr and Vice Chairman Warner, as modified by a second-degree amendment by Chairman Burr and Senator Cotton; (2) Chairman Burr and Vice Chairman Warner; (3) Chairman Burr and Vice Chairman Warner; (4) Vice Chairman Warner and Senator Manchin; (5) Senator Manchin, as modified by a second-degree amendment by Chairman Burr; (6) Senator Lankford, as modified by a second-degree amendment by Senator Lankford and Vice Chairman Warner; (7) Senator Rubio, as modified by a second- degree amendment also by Senator Rubio; and (8) Senator Rubio, Senator Cornyn, and Senator Manchin. By voice vote, the Committee adopted en bloc the following eleven amendments to the bill: (1) an amendment by Chairman Burr and Vice Chairman Warner to Section 505, regarding reports on an energy infrastructure pilot program; (2) an amendment by Vice Chairman Warner and Senator Heinrich, regarding Russia cyber threat strategy; (3) an amendment by Chairman Burr and Senator Rubio to Section 402, regarding information sharing with state election officials; (4) an amendment by Senator Collins, Senator Lankford, and Senator Manchin that requires the Department of Justice to report on Intelligence Community leaks; (5) an amendment by Senator Cotton that modifies a report requirement on certain Russia travel violations; (6) an amendment by Senator Heinrich, Senator King, and Senator Harris that requires reporting on the government's Vulnerabilities Equities Policy and Process; (7) an amendment by Senator Lankford to Section 608, regarding an assessment of foreign intelligence threats to federal elections; (8) an amendment by Senator Harris requiring an Intelligence Community review on Russian influence; (9) an amendment by Senator Wyden and Senator Manchin requiring a report on Russian money laundering; (10) an amendment by Senator Wyden prohibiting a United States- Russia cyber unit; and (11) an amendment by Senator Wyden requiring a report on foreign government surveillance against United States telecommunications networks. By voice vote, the Committee adopted a second-degree amendment by Senator King to an amendment by Senator Wyden that would have stricken Section 623 of the bill. Section 623 originally provided a Sense of Congress that WikiLeaks and its senior leadership constitute a non-state hostile intelligence service. By a vote of 13 ayes to 2 noes, the Committee adopted the amendment by Senator Wyden that would have stricken Section 623 of the bill, as modified by the second-degree amendment by Senator King, to provide a Sense of Congress that WikiLeaks and its senior leadership resemble a non-state hostile intelligence service. The votes in person or by proxy were as follows: Chairman Burr--aye; Senator Risch--aye; Senator Rubio--aye; Senator Collins--aye; Senator Blunt--aye; Senator Lankford-- aye; Senator Cotton--aye; Senator Cornyn--aye; Vice Chairman Warner--aye; Senator Feinstein--aye; Senator Wyden--no; Senator Heinrich--aye; Senator King--aye; Senator Manchin--aye; and Senator Harris--no. Senator Feinstein offered an amendment regarding civil injunction actions and an amendment to require reports on terrorist activities, both of which she subsequently withdrew. Senator Wyden offered an amendment regarding whistleblower protections for Intelligence Community contractors, which he subsequently withdrew. Senator Cotton offered three amendments, which he subsequently withdrew, as follows: (1) an amendment to require a declassification review of materials relating to the Iran Joint Comprehensive Plan of Action; (2) an amendment to make a conforming edit to 18 U.S.C. 2709, to clarify that the government is permitted to obtain non-content electronic communications transactional records; and (3) an amendment to reauthorize Title VII of the Foreign Intelligence Surveillance Act. Vote to report the committee bill The Committee voted to report the bill, as amended, by a vote of 14 ayes and 1 no. The votes in person or by proxy were as follows: Chairman Burr--aye; Senator Risch--aye; Senator Rubio--aye; Senator Collins--aye; Senator Blunt--aye; Senator Lankford--aye; Senator Cotton--aye; Senator Cornyn--aye; Vice Chairman Warner--aye; Senator Feinstein--aye; Senator Wyden-- no; Senator Heinrich--aye; Senator King--aye; Senator Manchin-- aye; and Senator Harris--aye. By unanimous consent, the Committee authorized the staff to make technical and conforming changes, following the completion of the mark-up. Compliance With Rule XLIV Rule XLIV of the Standing Rules of the Senate requires publication of a list of any ``congressionally directed spending item, limited tax benefit, and limited tariff benefit'' that is included in the bill or the committee report accompanying the bill. Consistent with the determination of the Committee not to create any congressionally directed spending items or earmarks, none have been included in the bill, the report to accompany it, or the classified schedule of authorizations. The bill, report, and classified schedule also contain no limited tax benefits or limited tariff benefits. Estimate of Costs Pursuant to paragraph 11(a)(3) of rule XXVI of the Standing Rules of the Senate, the Committee deems it impractical to include an estimate of the costs incurred in carrying out the provisions of this report due to the classified nature of the operations conducted pursuant to this legislation. On July 27, 2017, the Committee transmitted this bill to the Congressional Budget Office and requested an estimate of the costs incurred in carrying out the unclassified provisions. Evaluation of Regulatory Impact In accordance with paragraph 11(b) of rule XXVI of the Standing Rules of the Senate, the Committee finds that no substantial regulatory impact will be incurred by implementing the provisions of this legislation. ADDITIONAL VIEWS OF SENATOR HARRIS I support the Senate Select Committee on Intelligence's Fiscal Year 2018 Intelligence Authorization Act because it advances a number of important intelligence oversight goals ranging from transparency on cyber vulnerabilities to tracking foreign threats to our elections. Nevertheless, despite my overall support for the bill, it is not perfect. In particular, I have reservations about Section 623, which establishes a Sense of Congress that WikiLeaks and the senior leadership of WikiLeaks resemble a non-state hostile intelligence service. The Committee's bill offers no definition of ``non-state hostile intelligence service'' to clarify what this term is and is not. Section 623 also directs the United States to treat WikiLeaks as such a service, without offering further clarity. To be clear, I am no supporter of WikiLeaks, and believe that the organization and its leadership have done considerable harm to this country. This issue needs to be addressed. However, the ambiguity in the bill is dangerous because it fails to draw a bright line between WikiLeaks and legitimate journalistic organizations that play a vital role in our democracy. I supported efforts to remove this language in Committee and look forward to working with my colleagues as the bill proceeds to address my concerns. Kamala D. Harris. MINORITY VIEWS OF SENATOR WYDEN The Fiscal Year 2018 Intelligence Authorization bill includes three important amendments I offered. The first amendment requires that the Director of National Intelligence, in coordination with the Secretary of the Treasury, produce a report on the threat to the United States from Russian money laundering. It has become apparent that following the trail of illicit Russian money is a central component of any counterintelligence investigation related to Russia. Russian money laundering also threatens the U.S. financial system as well as efforts to enforce sanctions and fight organized crime. This report will bring together the resources of the Intelligence Community and elements of the Treasury Department under the Office of Terrorism and Financial Intelligence, such as the Financial Crimes Enforcement Network (FinCEN), so that the government and the Congress can understand the complex and hidden networks of shell companies and other money laundering instruments overseas and here in the United States. The second amendment prohibits the U.S.-Russia cyber security unit announced by the President on July 9, 2017, or any other U.S.-Russia cyber agreement, unless Congress has full information about what the administration intends. The President's statement that this unit will ensure that ``election hacking, & many other negative things, will be guarded and safe'' raises numerous counterintelligence concerns, given Russia's hacking in connection with the 2016 U.S. election. My amendment thus requires the DNI, at least 30 days prior to any such agreement, to report on what intelligence will be shared with Russia, the counterintelligence concerns associated with any such agreement, and what will be done to mitigate those concerns. The third amendment requires a report on the threat that cyber security vulnerabilities in telecommunications networks, including Signaling System No. 7 (SS7), could result in foreign government surveillance of Americans, including U.S. government personnel. A Department of Homeland Security report from April highlighted the risks of SS7 vulnerabilities. My amendment will require the whole of the Intelligence Community to report on whether foreign government surveillance is occurring as a result of this known vulnerability, and what the IC is doing about it. One important reform lacking from the bill is whistleblower protections for Intelligence Community contractors, who are not afforded the protections provided either to Intelligence Community employees or to contractors outside the Intelligence Community. By addressing this gap, Congress potentially could save the taxpayers millions of dollars. Extending whistleblower protections to IC contractors also helps discourage leaks by granting potential leakers protected classified channels to express concerns. It is my intent to continue to work with colleagues to address this shortcoming in whistleblower protections in the near future. My opposition to the bill is based on a provision stating that it is the Sense of Congress ``that WikiLeaks and the senior leadership of WikiLeaks resemble a non-state hostile intelligence service often abetted by state actors and should be treated as such a service by the United States.'' My concern with this language does not relate to the actions of WikiLeaks, which, as I have stressed in the past, was part of a direct attack on our democracy. My concern is that the use of the novel phrase ``non-state hostile intelligence service'' may have legal, constitutional, and policy implications, particularly should it be applied to journalists inquiring about secrets. The language in the bill suggesting that the U.S. government has some unstated course of action against ``non-state hostile intelligence services'' is equally troubling. The damage done by WikiLeaks to the United States is clear. But with any new challenge to our country, Congress ought not react in a manner that could have negative consequences, unforeseen or not, for our constitutional principles. The introduction of vague, undefined new categories of enemies constitutes such an ill-considered reaction. Ron Wyden. [all]