CHAPTER 111—GENERAL
11103.
Applicability to national security systems.
§11101. Definitions
In this subtitle, the following definitions apply:
(1) Commercial product.—The term "commercial product" has the meaning given that term in section 103 of title 41.
(2) Executive agency.—The term "executive agency" has the meaning given that term in section 133 of title 41.
(3) Information resources.—The term "information resources" has the meaning given that term in section 3502 of title 44.
(4) Information resources management.—The term "information resources management" has the meaning given that term in section 3502 of title 44.
(5) Information system.—The term "information system" has the meaning given that term in section 3502 of title 44.
(6) Information technology.—The term "information technology"—
(A) with respect to an executive agency means any equipment or interconnected system or subsystem of equipment, used in the automatic acquisition, storage, analysis, evaluation, manipulation, management, movement, control, display, switching, interchange, transmission, or reception of data or information by the executive agency, if the equipment is used by the executive agency directly or is used by a contractor under a contract with the executive agency that requires the use—
(i) of that equipment; or
(ii) of that equipment to a significant extent in the performance of a service or the furnishing of a product;
(B) includes computers, ancillary equipment (including imaging peripherals, input, output, and storage devices necessary for security and surveillance), peripheral equipment designed to be controlled by the central processing unit of a computer, software, firmware and similar procedures, services (including support services), and related resources; but
(C) does not include any equipment acquired by a federal contractor incidental to a federal contract.
(Pub. L. 107–217, Aug. 21, 2002, 116 Stat. 1235; Pub. L. 108–199, div. F, title V, §535(b), Jan. 23, 2004, 118 Stat. 345; Pub. L. 111–350, §5(l)(24), Jan. 4, 2011, 124 Stat. 3852; Pub. L. 115–232, div. A, title VIII, §836(g)(7)(A), Aug. 13, 2018, 132 Stat. 1874.)
The text of 40:1401(1) is omitted as unnecessary because the complete name of the Director of the Office of Management and Budget is used the first time the term appears in a section.
Editorial Notes
Amendments
2018—Par. (1). Pub. L. 115–232, in heading, substituted "Commercial product" for "Commercial item" and, in text, substituted "The term 'commercial product' has" for "The term 'commercial item' has".
2011—Par. (1). Pub. L. 111–350, §5(l)(24)(A), substituted "section 103 of title 41" for "section 4 of the Office of Federal Procurement Policy Act (41 U.S.C. 403)".
Par. (2). Pub. L. 111–350, §5(l)(24)(B), substituted "section 133 of title 41" for "section 4 of the Act (41 U.S.C. 403)".
2004—Par. (6)(A). Pub. L. 108–199, §535(b)(1), inserted "analysis, evaluation," after "storage,".
Par. (6)(B). Pub. L. 108–199, §535(b)(2), substituted "ancillary equipment (including imaging peripherals, input, output, and storage devices necessary for security and surveillance), peripheral equipment designed to be controlled by the central processing unit of a computer," for "ancillary equipment,".
Statutory Notes and Related Subsidiaries
Effective Date of 2018 Amendment
Amendment by Pub. L. 115–232 effective Jan. 1, 2020, subject to a savings provision, see section 836(h) of Pub. L. 115–232, set out as an Effective Date of 2018 Amendment; Savings Provision note under section 453b of Title 6, Domestic Security.
Executive Documents
Executive Order No. 13011
Ex. Ord. No. 13011, July 16, 1996, 61 F.R. 37657, as amended by Ex. Ord. No. 13284, §16, Jan. 23, 2003, 68 F.R. 4076; Ex. Ord. No. 13286, §18, Feb. 28, 2003, 68 F.R. 10623, which related to information technology policies and reforms for Federal agencies, was revoked by Ex. Ord. No. 13403, §6, May 12, 2006, 71 F.R. 28543.
Ex. Ord. No. 13103. Computer Software Piracy
Ex. Ord. No. 13103, Sept. 30, 1998, 63 F.R. 53273, provided:
The United States Government is the world's largest purchaser of computer-related services and equipment, purchasing more than $20 billion annually. At a time when a critical component in discussions with our international trading partners concerns their efforts to combat piracy of computer software and other intellectual property, it is incumbent on the United States to ensure that its own practices as a purchaser and user of computer software are beyond reproach. Accordingly, by the authority vested in me as President by the Constitution and the laws of the United States of America, it is hereby ordered as follows:
Section 1. Policy. It shall be the policy of the United States Government that each executive agency shall work diligently to prevent and combat computer software piracy in order to give effect to copyrights associated with computer software by observing the relevant provisions of international agreements in effect in the United States, including applicable provisions of the World Trade Organization Agreement on Trade-Related Aspects of Intellectual Property Rights, the Berne Convention for the Protection of Literary and Artistic Works, and relevant provisions of Federal law, including the Copyright Act.
(a) Each agency shall adopt procedures to ensure that the agency does not acquire, reproduce, distribute, or transmit computer software in violation of applicable copyright laws.
(b) Each agency shall establish procedures to ensure that the agency has present on its computers and uses only computer software not in violation of applicable copyright laws. These procedures may include:
(1) preparing agency inventories of the software present on its computers;
(2) determining what computer software the agency has the authorization to use; and
(3) developing and maintaining adequate recordkeeping systems.
(c) Contractors and recipients of Federal financial assistance, including recipients of grants and loan guarantee assistance, should have appropriate systems and controls in place to ensure that Federal funds are not used to acquire, operate, or maintain computer software in violation of applicable copyright laws. If agencies become aware that contractors or recipients are using Federal funds to acquire, operate, or maintain computer software in violation of copyright laws and determine that such actions of the contractors or recipients may affect the integrity of the agency's contracting and Federal financial assistance processes, agencies shall take such measures, including the use of certifications or written assurances, as the agency head deems appropriate and consistent with the requirements of law.
(d) Executive agencies shall cooperate fully in implementing this order and shall share information as appropriate that may be useful in combating the use of computer software in violation of applicable copyright laws.
Sec. 2. Responsibilities of Agency Heads. In connection with the acquisition and use of computer software, the head of each executive agency shall:
(a) ensure agency compliance with copyright laws protecting computer software and with the provisions of this order to ensure that only authorized computer software is acquired for and used on the agency's computers;
(b) utilize performance measures as recommended by the Chief Information Officers Council pursuant to section 3 of this order to assess the agency's compliance with this order;
(c) educate appropriate agency personnel regarding copyrights protecting computer software and the policies and procedures adopted by the agency to honor them; and
(d) ensure that the policies, procedures, and practices of the agency related to copyrights protecting computer software are adequate and fully implement the policies set forth in this order.
Sec. 3. Chief Information Officers Council. The Chief Information Officers Council ("Council") established by section 3 of Executive Order No. 13011 of July 16, 1996 [set out above], shall be the principal interagency forum to improve executive agency practices regarding the acquisition and use of computer software, and monitoring and combating the use of unauthorized computer software. The Council shall provide advice and make recommendations to executive agencies and to the Office of Management and Budget regarding appropriate government-wide measures to carry out this order. The Council shall issue its initial recommendations within 6 months of the date of this order.
Sec. 4. Office of Management and Budget. The Director of the Office of Management and Budget, in carrying out responsibilities under the Clinger-Cohen Act [probably means the Clinger-Cohen Act of 1996, div. D (§§4001–4402) and div. E (§§5001–5703) of Pub. L. 104–106, see Tables for classification], shall utilize appropriate oversight mechanisms to foster agency compliance with the policies set forth in this order. In carrying out these responsibilities, the Director shall consider any recommendations made by the Council under section 3 of this order regarding practices and policies to be instituted on a government-wide basis to carry out this order.
Sec. 5. Definition. "Executive agency" and "agency" have the meaning given to that term in section 4(1) of the Office of Federal Procurement Policy Act (41 U.S.C. 403(1)).
Sec. 6. National Security. In the interest of national security, nothing in this order shall be construed to require the disclosure of intelligence sources or methods or to otherwise impair the authority of those agencies listed at [former] 50 U.S.[C.] 401a(4) [now 50 U.S.C. 3003(4)] to carry out intelligence activities.
Sec. 7. Law Enforcement Activities. Nothing in this order shall be construed to require the disclosure of law enforcement investigative sources or methods or to prohibit or otherwise impair any lawful investigative or protective activity undertaken for or by any officer, agent, or employee of the United States or any person acting pursuant to a contract or other agreement with such entities.
Sec. 8. Scope. Nothing in this order shall be construed to limit or otherwise affect the interpretation, application, or operation of 28 U.S.C. 1498.
Sec. 9. Judicial Review. This Executive order is intended only to improve the internal management of the executive branch and does not create any right or benefit, substantive or procedural, at law or equity by a party against the United States, its agencies or instrumentalities, its officers or employees, or any other person.
William J. Clinton.
§11102. Sense of Congress
It is the sense of Congress that, during the five-year period beginning with 1996, executive agencies should achieve each year through improvements in information resources management by the agency—
(1) at least a five percent decrease in the cost (in constant fiscal year 1996 dollars) incurred by the agency in operating and maintaining information technology; and
(2) a five percent increase in the efficiency of the agency operations.
(Pub. L. 107–217, Aug. 21, 2002, 116 Stat. 1236.)
§11103. Applicability to national security systems
(a) Definition.—
(1) National security system.—In this section, the term "national security system" means a telecommunications or information system operated by the Federal Government, the function, operation, or use of which—
(A) involves intelligence activities;
(B) involves cryptologic activities related to national security;
(C) involves command and control of military forces;
(D) involves equipment that is an integral part of a weapon or weapons system; or
(E) subject to paragraph (2), is critical to the direct fulfillment of military or intelligence missions.
(2) Limitation.—Paragraph (1)(E) does not include a system to be used for routine administrative and business applications (including payroll, finance, logistics, and personnel management applications).
(b) In General.—Except as provided in subsection (c), chapter 113 of this title does not apply to national security systems.
(c) Exceptions.—
(1) In general.—Sections 11313, 11315, and 11316 of this title apply to national security systems.
(2) Capital planning and investment control.—The heads of executive agencies shall apply sections 11302 and 11312 of this title to national security systems to the extent practicable.
(3) Applicability of performance-based and results-based management to national security systems.—
(A) In general.—Subject to subparagraph (B), the heads of executive agencies shall apply section 11303 of this title to national security systems to the extent practicable.
(B) Exception.—National security systems are subject to section 11303(b)(5) of this title, except for subparagraph (B)(iv).
(Pub. L. 107–217, Aug. 21, 2002, 116 Stat. 1236.)
Statutory Notes and Related Subsidiaries
Exemption From Requirement for Capital Planning and Investment Control for Information Technology Equipment Included as Integral Part of a Weapon or Weapon System
Pub. L. 114–328, div. A, title VIII, §895, Dec. 23, 2016, 130 Stat. 2326, as amended by Pub. L. 117–81, div. A, title XVII, §1702(l)(9), Dec. 27, 2021, 135 Stat. 2161, provided that:
"(a) Waiver Authority.—Notwithstanding subsection (c)(2) of section 11103 of title 40, United States Code, a national security system described in subsection (a)(1)(D) of such section shall not be subject to the requirements of paragraphs (2) through (5) of section 11312(b) of such title unless the milestone decision authority determines in writing that application of such requirements is appropriate and in the best interests of the Department of Defense.
"(b) Milestone Decision Authority Defined.—In this section, the term 'milestone decision authority' has the meaning given the term in section 4251(d)(5) of title 10, United States Code."