There is 1 version of this bill. View text

Click the check-box to add or remove the section, click the text link to scroll to that section.
Titles Actions Overview All Actions Cosponsors Committees Related Bills Subjects Latest Summary All Summaries

Titles (3)

Short Titles

Short Titles - Senate

Short Titles as Introduced

PATCH Act of 2017
Protecting Our Ability to Counter Hacking Act of 2017

Official Titles

Official Titles - Senate

Official Titles as Introduced

A bill to establish the Vulnerability Equities Review Board, and for other purposes.


Actions Overview (1)

Date Actions Overview
05/17/2017Introduced in Senate

All Actions (1)

Date All Actions
05/17/2017Read twice and referred to the Committee on Homeland Security and Governmental Affairs.
Action By: Senate

Cosponsors (3)

* = Original cosponsor
CosponsorDate Cosponsored
Sen. Johnson, Ron [R-WI]* 05/17/2017
Sen. Gardner, Cory [R-CO]* 05/17/2017
Sen. Klobuchar, Amy [D-MN] 10/02/2017

Committees (1)

Committees, subcommittees and links to reports associated with this bill are listed here, as well as the nature and date of committee activity and Congressional report number.

Committee / Subcommittee Date Activity Related Documents
Senate Homeland Security and Governmental Affairs05/17/2017 Referred to

A related bill may be a companion measure, an identical bill, a procedurally-related measure, or one with text similarities. Bill relationships are identified by the House, the Senate, or CRS, and refer only to same-congress measures.


Latest Summary (1)

There is one summary for S.1157. View summaries

Shown Here:
Introduced in Senate (05/17/2017)

Protecting Our Ability to Counter Hacking Act of 2017 or the PATCH Act of 2017

This bill establishes the Vulnerability Equities Review Board to establish and make available to the public policies on matters relating to whether, when, how, to whom, and to what degree information about a vulnerability in a technology, product, system, service, or application that is not publicly known should be shared or released by the government to a non-federal entity. The board must submit to Congress and the President a draft of such policies, along with a description of challenges or impediments requiring legislative or administrative action.

Each federal agency shall, upon obtaining information about such a vulnerability, subject such information to a process established by the board for sharing or releasing the information. Process considerations shall include:

  • which technologies, products, systems, services, or applications are subject to the vulnerability;
  • the potential risks of leaving the vulnerability unpatched or unmitigated;
  • the likelihood that a non-federal entity will discover the vulnerability; and
  • whether the vulnerability can be patched or otherwise mitigated.

An agency may share or release such information to a non-federal entity without subjecting it to such process if the agency determines that the information is presumptively shareable or releasable.

If the board determines that such information should be shared with or released to the vendor that developed or maintains the technology, it shall provide the information to the Department of Homeland Security, which shall share or release the information as directed by the board.