Home > Legislation > 115th Congress > H.R.3868

H.R.3868 - Treasury Innovation Act115th Congress (2017-2018) |

Bill

Hide Overview
Sponsor: Rep. Budd, Ted [R-NC-13] (Introduced 09/28/2017)
Committees: House - Financial Services; Ways and Means
Latest Action: House - 09/28/2017 Referred to the Committee on Financial Services, and in addition to the Committee on Ways and Means, for a period to be subsequently determined by the Speaker, in each case for consideration of such provisions as fall within the jurisdiction of the committee concerned.  (All Actions)

Tracker:

This bill has the status Introduced

Here are the steps for Status of Legislation:

  1. Introduced
  2. Passed House
  3. Passed Senate
  4. To President
  5. Became Law

More on This Bill

  • Constitutional Authority Statement
  • CBO Cost Estimates [0]

Subject — Policy Area:

Summary: H.R.3868 — 115th Congress (2017-2018)All Information (Except Text)

There is one summary for H.R.3868. Bill summaries are authored by CRS.

Shown Here:
Introduced in House (09/28/2017)

Treasury Innovation Act

This bill directs the Department of the Treasury to establish a bug bounty pilot program to minimize vulnerabilities to Treasury information systems.

"Bug bounty pilot program" is a program under which an approved computer security specialist or security researcher is temporarily authorized to identify and report vulnerabilities within Treasury information systems in exchange for cash payment.

Under such program, Treasury shall:

  • provide monetary compensation for reports of previously unidentified security vulnerabilities within the websites, applications, and other Treasury information systems that are accessible to the public;
  • develop an expeditious process by which computer security researchers can register for the program, submit to a background check, and receive a determination as to approval for program participation;
  • designate mission-critical operations within Treasury that should be excluded;
  • consult with the Department of Justice on how to ensure that program participants are protected from prosecution for activities authorized under the program;
  • award competitive contracts to manage the program and for executing the remediation of identified vulnerabilities; and
  • engage interested persons, including commercial sector representatives, about the structure of the program.