{"bills":[{"photos":{"featured":"https://assets.countable.us/bill/photo/hr3868-115/featured_treasury-innovation-act-1509735989.jpg","featured_large":"https://assets.countable.us/bill/photo/hr3868-115/featured_large_treasury-innovation-act-1509735989.jpg","shareable":"https://n.countable.us/share-images/bills/hr3868-115.png"},"introduced_on":"2017-09-28","title_override":"Should the Treasury Have a “Bug Bounty” Program to Expose & Fix Vulnerabilities in its Computer Systems?","summary_override":"

This bill would establish a “bug bounty” pilot program within the Treasury Department in which vetted computer professionals could apply to “hack” and try to penetrate weaknesses in the Treasury’s servers in exchange for a cash payment. Participants would be chosen through an application process and subjected to a background check, and would be protected from prosecution for carrying out authorized activities in the bug bounty program. A total of $100,000 would be authorized for fiscal year 2019 to carry out the program.

The Secretary of the Treasury would be required to designate mission critical operations that should be excluded from the bug bounty program, and develop it in consultation with Dept. of Defense offices that put together the “Hack the Pentagon” program in 2016.

The program would be established within 180 days of the bill’s enactment, and 90 days after the bug bounty program is completed the Treasury would have to submit a report on its effectiveness to relevant congressional committees.

","official_title":"To establish a bug bounty pilot program within the Department of the Treasury, and for other purposes.","short_title":"Treasury Innovation Act","popular_title":null,"short_summary":"Treasury Innovation Act\n\nThis bill directs the Department of the Treasury to establish a bug bounty pilot program to minimize vulnerabilities to Treasury information systems.\n\n \"Bug bounty pilot program\" is a program under which an approved computer security specialist or security researcher is temporarily authorized to identify and report vulnerabilities within Treasury information systems in exchange for cash payment.\n\nUnder such program, Treasury shall:\n\n provide monetary compensation for reports of previously unidentified security vulnerabilities within the websites, applications, and other Treasury information systems that are accessible to the public; develop an expeditious process by which computer security researchers can register for the program, submit to a background check, and receive a determination as to approval for program participation; designate mission-critical operations within Treasury that should be excluded; consult with the Department of Justice on how to ensure ...","summarized":true,"cost":null,"cost_commentary":"A CBO cost estimate is unavailable.","impact":"Participants in the bug bounty program; congressional committees; relevant federal agencies; and the Treasury Department.","argument_for":"A bug bounty program would be an effective, secure way to test the vulnerabilities in the Treasury Department’s information systems to ensure taxpayer information is protected.","argument_against":"A bug bounty program could expose weaknesses in the Treasury Department’s information systems that aren’t fixed, allowing them to be exploited by real hackers.","bill_type":"hr","published":true,"type":"FederalBill","id":"hr3868-115","bill_id":"hr3868-115","formal_id":"H.R. 3868","chamber":"house","congress":115,"last_action_at":"2017-09-28T00:00:00.000Z","active":false,"enacted":false,"enacted_at":null,"vetoed":false,"last_vote_at":null,"debated_on":null,"congress_url":"https://www.congress.gov/bill/115th/house-bill/3868","plain_text_url":"https://www.gpo.gov/fdsys/pkg/BILLS-115hr3868ih/html/BILLS-115hr3868ih.htm","shareable_image_url":"https://n.countable.us/share-images/bills/hr3868-115.png","congress_full_text_url":"https://www.congress.gov/bill/115th/house-bill/3868/text","is_current_congress":false,"last_version_on":"2017-09-28","related_bill_ids":["hr2774-115","s1281-115"],"progress":"Introduced","house_passage_result":false,"senate_passage_result":false,"position_count":402,"committees":[{"name":"Committee on Financial Services","chamber":"house","committee_id":"HSBA","subcommittee":false},{"name":"Committee on Ways and Means","chamber":"house","committee_id":"HSWM","subcommittee":false}],"links":{"rollCalls":"/api/roll_calls?bill_id=hr3868-115","details":"/api/bills/hr3868-115/details","sharingMessage":"/api/sharing_messages/hr3868-115","positionsFor":"/api/bills/hr3868-115/positions/for","positionsAgainst":"/api/bills/hr3868-115/positions/against"},"upcoming":false,"cosponsors_count":0,"slug":"hr3868-115-treasury-innovation-act","latest_chamber_votes_id":null,"official_url":null,"target_video":true,"following":false,"vote_count":2867,"yea_vote_count":2147,"nay_vote_count":711,"passed_house":false,"passed_senate":false,"vote_id":null,"my_position_id":null,"topic_ids":["government"],"issue_ids":["technology","federal-agencies","government"],"sponsor_id":1498}],"votes":[],"issues":[{"id":"technology","name":"Technology","slug":"technology","description":"Vote on the latest federal legislation regarding Technology . Make your voice heard about the issues you care about. ","page_title":"Technology Legislation - Vote on Bills, Stay informed, Hold Your Reps Accountable","icons":{"black":"https://assets.countable.us/issue/icon/technology/black_technology-1429042051.svg","grey":"https://assets.countable.us/issue/icon/technology/grey_technology-1429042051.svg","white":"https://assets.countable.us/issue/icon/technology/white_technology-1429042051.svg"},"cover_image_url":null,"is_following":false},{"id":"federal-agencies","name":"Federal Agencies","slug":"federal-agencies","description":"Vote on the latest federal legislation regarding Federal Agencies. Make your voice heard about the issues you care about. \r\n","page_title":"Federal Agencies Legislation - Vote on Bills, Stay informed, Hold Your Reps Accountable","icons":{"black":"https://assets.countable.us/issue/icon/federal-agencies/black_federal-agencies-1429042054.svg","grey":"https://assets.countable.us/issue/icon/federal-agencies/grey_federal-agencies-1429042054.svg","white":"https://assets.countable.us/issue/icon/federal-agencies/white_federal-agencies-1429042054.svg"},"cover_image_url":null,"is_following":false},{"id":"government","name":"Government","slug":"government","description":"Federal legislation related to the operations of the US Federal Government. Bills can encompass government administration, regulation of political parties, the US postal service, US territories and public contracts.","page_title":"US Government - Federal legislation - Vote on Bills, Stay informed, Hold Your Reps Accountable","icons":{"black":"https://assets.countable.us/issue/icon/government/black_government-1453508811.svg","grey":"https://assets.countable.us/issue/icon/government/grey_government-1453508811.svg","white":"https://assets.countable.us/issue/icon/government/white_government-1453508811.svg"},"cover_image_url":null,"is_following":false}],"users":[{"name":"Simon","vote_count":116,"photos":{"large":"https://assets.countable.us/user/avatar/A9G8nwAW/large_a9g8nwaw-1507350608.jpg","small":"https://assets.countable.us/user/avatar/A9G8nwAW/small_a9g8nwaw-1507350608.jpg","tiny":"https://assets.countable.us/user/avatar/A9G8nwAW/tiny_a9g8nwaw-1507350608.jpg"},"links":{"following":"/api/users/A9G8nwAW/following","followers":"/api/users/A9G8nwAW/followers"},"about_me":null,"twitter_id":null,"facebook_id":null,"youtube_id":null,"google_plus_id":null,"website":null,"slug":null,"issue_count":28,"is_following":null,"influence_score":0,"influence_level":0,"follower_count":0,"following_count":3,"position_count":15,"id":"A9G8nwAW","partner_id":null},{"name":"Kenneth","vote_count":95,"photos":{"large":"https://assets.countable.us/user/avatar/QZOR2X2W/large_qzor2x2w-1509243334.jpg","small":"https://assets.countable.us/user/avatar/QZOR2X2W/small_qzor2x2w-1509243334.jpg","tiny":"https://assets.countable.us/user/avatar/QZOR2X2W/tiny_qzor2x2w-1509243334.jpg","facebook":"https://graph.facebook.com/10210516404890952/picture"},"links":{"following":"/api/users/QZOR2X2W/following","followers":"/api/users/QZOR2X2W/followers"},"about_me":"","twitter_id":null,"facebook_id":null,"youtube_id":null,"google_plus_id":null,"website":null,"slug":null,"issue_count":12,"is_following":null,"influence_score":670,"influence_level":30,"follower_count":10,"following_count":16,"position_count":47,"id":"QZOR2X2W","partner_id":null},{"name":"DarkPulsar","vote_count":49,"photos":{"large":"https://assets.countable.us/user/avatar/emQLYJEZ/large_emqlyjez-1507675317.jpg","small":"https://assets.countable.us/user/avatar/emQLYJEZ/small_emqlyjez-1507675317.jpg","tiny":"https://assets.countable.us/user/avatar/emQLYJEZ/tiny_emqlyjez-1507675317.jpg"},"links":{"following":"/api/users/emQLYJEZ/following","followers":"/api/users/emQLYJEZ/followers"},"about_me":null,"twitter_id":null,"facebook_id":null,"youtube_id":null,"google_plus_id":null,"website":null,"slug":"darkpulsar","issue_count":13,"is_following":null,"influence_score":30,"influence_level":10,"follower_count":1,"following_count":0,"position_count":19,"id":"emQLYJEZ","partner_id":null}],"bill_position":{"flagged":false,"id":"ec46e774-4c56-4e56-9220-37193a5f4411","argument_for":"A lot of forward thinking companies employ white hat hackers to discover vulnerabilities so this makes a lot of sense. Although government IT systems are usually 15-20 years out of date and are easily hacked, this should be done if nothing else to maybe modernize the system more.","argument_against":null,"show_argument_for":true,"show_argument_against":false,"upvote_count":2,"upvotes_for_count":2,"upvotes_against_count":null,"has_upvoted":false,"endorsement_count":2,"links":{"self":"https://www.countable.us/positions/ec46e774-4c56-4e56-9220-37193a5f4411"},"body":"A lot of forward thinking companies employ white hat hackers to discover vulnerabilities so this makes a lot of sense. Although government IT systems are usually 15-20 years out of date and are easily hacked, this should be done if nothing else to maybe modernize the system more.","stance":"yea","created_at":"2017-11-04T18:22:28.013Z","shareable_image_url":"https://n.countable.us/share-images/positions/ec46e774-4c56-4e56-9220-37193a5f4411.png","note_color":null,"note_text":null,"bill_id":"hr3868-115","user_id":"A9G8nwAW","endorser_ids":["QZOR2X2W","emQLYJEZ"]}}

Like Countable?

Simon

Should the Treasury Have a “Bug Bounty” Program to Expose & Fix Vulnerabilities in its Computer Systems?