TITLE 10 - US CODE - SUBCHAPTER II - INTELLIGENCE COMMERCIAL ACTIVITIES

10 USC 431 - Authority to engage in commercial activities as security for intelligence collection activities

(a) Authority.— 
The Secretary of Defense, subject to the provisions of this subchapter, may authorize the conduct of those commercial activities necessary to provide security for authorized intelligence collection activities abroad undertaken by the Department of Defense. No commercial activity may be initiated pursuant to this subchapter after December 31, 2010.
(b) Interagency Coordination and Support.— 
Any such activity shall
(1) be coordinated with, and (where appropriate) be supported by, the Director of the Central Intelligence Agency; and
(2) to the extent the activity takes place within the United States, be coordinated with, and (where appropriate) be supported by, the Director of the Federal Bureau of Investigation.
(c) Definitions.— 
In this subchapter:
(1) The term commercial activities means activities that are conducted in a manner consistent with prevailing commercial practices and includes
(A) the acquisition, use, sale, storage and disposal of goods and services;
(B) entering into employment contracts and leases and other agreements for real and personal property;
(C) depositing funds into and withdrawing funds from domestic and foreign commercial business or financial institutions;
(D) acquiring licenses, registrations, permits, and insurance; and
(E) establishing corporations, partnerships, and other legal entities.
(2) The term intelligence collection activities means the collection of foreign intelligence and counterintelligence information.

10 USC 432 - Use, disposition, and auditing of funds

(a) Use of Funds.— 
Funds generated by a commercial activity authorized pursuant to this subchapter may be used to offset necessary and reasonable expenses arising from that activity. Use of such funds for that purpose shall be kept to the minimum necessary to conduct the activity concerned in a secure manner. Any funds generated by the activity in excess of those required for that purpose shall be deposited, as often as may be practicable, into the Treasury as miscellaneous receipts.
(b) Audits.— 

(1) The Secretary of Defense shall assign an organization within the Department of Defense to have auditing responsibility with respect to activities authorized under this subchapter.
(2) That organization shall audit the use and disposition of funds generated by any commercial activity authorized under this subchapter not less often than annually. The results of all such audits shall be promptly reported to the intelligence committees (as defined in section 437 (d) of this title).

10 USC 433 - Relationship with other Federal laws

(a) In General.— 
Except as provided by subsection (b), a commercial activity conducted pursuant to this subchapter shall be carried out in accordance with applicable Federal law.
(b) Authorization of Waivers When Necessary to Maintain Security.— 

(1) If the Secretary of Defense determines, in connection with a commercial activity authorized pursuant to section 431 of this title, that compliance with certain Federal laws or regulations pertaining to the management and administration of Federal agencies would create an unacceptable risk of compromise of an authorized intelligence activity, the Secretary may, to the extent necessary to prevent such compromise, waive compliance with such laws or regulations.
(2) Any determination and waiver by the Secretary under paragraph (1) shall be made in writing and shall include a specification of the laws and regulations for which compliance by the commercial activity concerned is not required consistent with this section.
(3) The authority of the Secretary under paragraph (1) may be delegated only to the Deputy Secretary of Defense, an Under Secretary of Defense, an Assistant Secretary of Defense, or a Secretary of a military department.
(c) Federal Laws and Regulations.— 
For purposes of this section, Federal laws and regulations pertaining to the management and administration of Federal agencies are only those Federal laws and regulations pertaining to the following:
(1) The receipt and use of appropriated and nonappropriated funds.
(2) The acquisition or management of property or services.
(3) Information disclosure, retention, and management.
(4) The employment of personnel.
(5) Payments for travel and housing.
(6) The establishment of legal entities or government instrumentalities.
(7) Foreign trade or financial transaction restrictions that would reveal the commercial activity as an activity of the United States Government.

10 USC 434 - Reservation of defenses and immunities

The submission to judicial proceedings in a State or other legal jurisdiction, in connection with a commercial activity undertaken pursuant to this subchapter, shall not constitute a waiver of the defenses and immunities of the United States.

10 USC 435 - Limitations

(a) Lawful Activities.— 
Nothing in this subchapter authorizes the conduct of any intelligence activity that is not otherwise authorized by law or Executive order.
(b) Domestic Activities.— 
Personnel conducting commercial activity authorized by this subchapter may only engage in those activities in the United States to the extent necessary to support intelligence activities abroad.
(c) Providing Goods and Services to the Department of Defense.— 
Commercial activity may not be undertaken within the United States for the purpose of providing goods and services to the Department of Defense, other than as may be necessary to provide security for the activities subject to this subchapter.
(d) Notice to United States Persons.— 

(1) In carrying out a commercial activity authorized under this subchapter, the Secretary of Defense may not permit an entity engaged in such activity to employ a United States person in an operational, managerial, or supervisory position, and may not assign or detail a United States person to perform operational, managerial, or supervisory duties for such an entity, unless that person is informed in advance of the intelligence security purpose of that activity.
(2) In this subsection, the term United States person means an individual who is a citizen of the United States or an alien lawfully admitted to the United States for permanent residence.

10 USC 436 - Regulations

The Secretary of Defense shall prescribe regulations to implement the authority provided in this subchapter. Such regulations shall be consistent with this subchapter and shall at a minimum
(1) specify all elements of the Department of Defense who are authorized to engage in commercial activities pursuant to this subchapter;
(2) require the personal approval of the Secretary or Deputy Secretary of Defense for all sensitive activities to be authorized pursuant to this subchapter;
(3) specify all officials who are authorized to grant waivers of laws or regulations pursuant to section 433 (b) of this title, or to approve the establishment or conduct of commercial activities pursuant to this subchapter;
(4) designate a single office within the Defense Intelligence Agency to be responsible for the management and supervision of all activities authorized under this subchapter;
(5) require that each commercial activity proposed to be authorized under this subchapter be subject to appropriate legal review before the activity is authorized; and
(6) provide for appropriate internal audit controls and oversight for such activities.

10 USC 437 - Congressional oversight

(a) Proposed Regulations.— 
Copies of regulations proposed to be prescribed under section 436 of this title (including any proposed revision to such regulations) shall be submitted to the intelligence committees not less than 30 days before they take effect.
(b) Current Information.— 
Consistent with title V of the National Security Act of 1947 (50 U.S.C. 413 et seq.), the Secretary of Defense shall ensure that the intelligence committees are kept fully and currently informed of actions taken pursuant to this subchapter, including any significant anticipated activity to be authorized pursuant to this subchapter.
(c) Annual Report.— 
Not later each year than the date provided in section 507 of the National Security Act of 1947 (50 U.S.C. 415b), the Secretary shall submit to the congressional intelligence committees (as defined in section 3 of that Act (50 U.S.C. 401a)) a report on all commercial activities authorized under this subchapter that were undertaken during the previous fiscal year. Such report shall include (with respect to the fiscal year covered by the report) the following:
(1) A description of any exercise of the authority provided by section 433 (b) of this title.
(2) A description of any expenditure of funds made pursuant to this subchapter (whether from appropriated or non-appropriated funds).
(3) A description of any actions taken with respect to audits conducted pursuant to section 432 of this title to implement recommendations or correct deficiencies identified in such audits.
(4) A description of each corporation, partnership, or other legal entity that was established.

10 USC 438 - Defense industrial security

(a) Responsibility for Defense Industrial Security.— 
The Secretary of Defense shall be responsible for the protection of classified information disclosed to contractors of the Department of Defense.
(b) Consistency With Executive Orders and Directives.— 
The Secretary shall carry out the responsibility assigned under subsection (a) in a manner consistent with Executive Order 12829 (or any successor order to such executive order) and consistent with policies relating to the National Industrial Security Program (or any successor to such program).
(c) Performance of Industrial Security Functions for Other Agencies.— 
The Secretary may perform industrial security functions for other agencies of the Federal government upon request or upon designation of the Department of Defense as executive agent for the National Industrial Security Program (or any successor to such program).
(d) Regulations and Policy Guidance.— 
The Secretary shall prescribe, and from time to time revise, such regulations and policy guidance as are necessary to ensure the protection of classified information disclosed to contractors of the Department of Defense.
(e) Dedication of Resources.— 
The Secretary shall ensure that sufficient resources are provided to staff, train, and support such personnel as are necessary to fully protect classified information disclosed to contractors of the Department of Defense.
(f) Biennial Report.— 
The Secretary shall report biennially to the congressional defense committees on expenditures and activities of the Department of Defense in carrying out the requirements of this section. The Secretary shall submit the report at or about the same time that the Presidents budget is submitted pursuant to section 1105 (a) of title 31, United States Code, in odd numbered years. The report shall be in an unclassified form (with a classified annex if necessary) and shall cover the activities of the Department of Defense in the preceding two fiscal years, including the following:
(1) The workforce responsible for carrying out the requirements of this section, including the number and experience of such workforce; training in the performance of industrial security functions; performance metrics; and resulting assessment of overall quality.
(2) A description of funds authorized, appropriated, or reprogrammed to carry out the requirements of this section, the budget execution of such funds, and the adequacy of budgets provided for performing such purpose.
(3) Statistics on the number of contractors handling classified information of the Department of Defense, and the percentage of such contractors who are subject to foreign ownership, control, or influence.
(4) Statistics on the number of violations identified, enforcement actions taken, and the percentage of such violations occurring at facilities of contractors subject to foreign ownership, control, or influence.
(5) An assessment of whether major contractors implementing the program have adequate enforcement programs and have trained their employees adequately in the requirements of the program.
(6) Trend data on attempts to compromise classified information disclosed to contractors of the Department of Defense to the extent that such data are available.