Page:United States Statutes at Large Volume 101 Part 3.djvu/429

From Wikisource
Jump to: navigation, search
This page needs to be proofread.
PUBLIC LAW 100-000—MMMM. DD, 1987

PUBLIC LAW 100-235—JAN. 8, 1988

101 STAT. 1727

system on behalf of the Federal Government to accomplish a Federal function; "(4) the term 'sensitive information' means any information, the loss, misuse, or unauthorized access to or modification of which could adversely affect the national interest or the conduct of Federal programs, or the privacy to which individuals are entitled under section 552a of title 5, United States Code (the Privacy Act), but which has not been specifically authorized under criteria established by an Executive order or an Act of Congress to be kept secret in the interest of national defense or foreign policy; and "(5) the term 'Federal agency' has the meaning given such term by section 3(b) of the Federal Property and Administrative Services Act of 1949. "SEC. 21. (a) There is hereby established a Computer System 15 USC 278g-4. Security and Privacy Advisory Board within the Department of Commerce. The Secretary of Commerce shall appoint the chairman of the Board. The Board shall be composed of twelve additional members appointed by the Secretary of Commerce as follows: "(1) four members from outside the Federal Government who are eminent in the computer or telecommunications industry, at least one of whom is representative of small or medium sized companies in such industries; "(2) four members from outside the Federal Government who are eminent in the fields of computer or telecommunications = ".i?.vj technology, or related disciplines, but who are not employed by or representative of a producer of computer or telecommunications equipment; and "(3) four members from the Federal Government who have computer systems management experience, including experience in computer systems security and privacy, at least one of whom shall be from the National Security Agency. "(b) The duties of the Board shall be— "(1) to identify emerging managerial, technical, administrative, and physical safeguard issues relative to computer systems security and privacy; "(2) to advise the Bureau of Standards and the Secretary of Commerce on security and privacy issues pertaining to Federal computer systems; and "(3) to report its findings to the Secretary of Commerce, the Reports. Director of the Office of Management and Budget, the Director of the National Security Agency, and the appropriate committees of the Congress. "(c) The term of office of each member of the Board shall be four years, except that— "(1) of the initial members, three shall be appointed for terms of one year, three shall be appointed for terms of two years, three shall be appointed for terms of three years, and three shall be appointed for terms of four years; and "(2) any member appointed to fill a vacancy in the Board shall serve for the remainder of the term for which his predecessor was appointed. "(d) The Board shall not act in the absence of a quorum, which shall consist of seven members. "(e) Members of the Board, other than full-time employees of the Federal Government, while attending meetings of such committees or while otherwise performing duties at the request of the Board