Protecting Stolen Encrypted Data Act of 2026

Margaret Wood Hassan

Democrat · NH · Senator

Source: Congress.gov · FEC

• Marsha Blackburn (R-TN)Original· 2026-03-26

Read twice and referred to the Select Committee on Intelligence.

2026-03-26

Source: Congress.gov

This bill would likely create new legal protections and penalties related to stolen encrypted data that affects national security or the military. It probably aims to strengthen how the government handles cases where sensitive encrypted information is stolen, potentially by establishing clearer rules about what counts as a serious crime and what punishments apply. The bill would primarily affect federal law enforcement agencies, military personnel, and possibly cybersecurity professionals who work with classified information.

AI-assisted summary generated from the official bill metadata (title, subjects, actions) sourced from Congress.gov. Cached and reviewed. Always verify against the official text linked below.

[Congressional Bills 119th Congress] [From the U.S. Government Publishing Office] [S. 4230 Introduced in Senate (IS)] <DOC> 119th CONGRESS 2d Session S. 4230 To require the Federal Government to identify and address stolen sensitive data and classified information, and for other purposes. _______________________________________________________________________ IN THE SENATE OF THE UNITED STATES March 26, 2026 Ms. Hassan (for herself and Mrs. Blackburn) introduced the following bill; which was read twice and referred to the Select Committee on Intelligence _______________________________________________________________________ A BILL To require the Federal Government to identify and address stolen sensitive data and classified information, and for other purposes. Be it enacted by the Senate and House of Representatives of the United States of America in Congress assembled, SECTION 1. SHORT TITLE. This Act may be cited as the ``Protecting Stolen Encrypted Data Act of 2026''. SEC. 2. ADDRESSING STOLEN SENSITIVE DATA. (a) Definitions.--In this section: (1) Classified information.--The term ``classified information'' has the meaning given such term in section 805 of the National Security Act of 1947 (50 U.S.C. 3164). (2) Covered data.--The term ``covered data'' means includes the following: (A) Financial, medical, and biometric data of United States persons. (B) Intellectual property of United States persons. (C) Trade secrets of United States persons. (3) United states person.--The term ``United States person'' has the meaning given such term in section 101 of the Foreign Intelligence Surveillance Act of 1978 (50 U.S.C. 1801). (b) Addressing Stolen Sensitive Data.-- (1) Strategies to identify.--The President shall, acting through the Secretary of Defense and the Director of National Intelligence, develop strategies to identify-- (A) covered data and classified information unlawfully held by foreign entities; (B) whether such data and information were encrypted; and (C) whether such data and information have been decrypted by such foreign entities. (2) Strategies to address.--The President shall, acting through the Secretary of Defense and the Director of National Intelligence, develop strategies regarding how to address stolen covered data and classified information. (3) Destruction, manipulation, or recovery.-- (A) Determination of economic and national security interest.--The Secretary and the Director shall jointly determine whether the destruction, manipulation, or recovery of covered data and classified information identified pursuant to the strategies developed under paragraph (1) would be in the economic and national security interest of the United States. (B) Destruction, manipulation, or recovery.--In a case in which the Secretary and the Director jointly determine under subparagraph (A) that destroying, manipulating, or recovering covered data or classified information is in the economic and national security interested of the United States, the Secretary and the Director may jointly-- (i) pursuant to strategies required by paragraph (1), identify encrypted covered data and classified information that is unlawfully held by a foreign entity that has not been decrypted by the foreign entity; (ii) pursuant to the strategies required by paragraph (2), attempt to destroy, manipulate, or recover the data and information identified pursuant to clause (i); and (iii) when practicable, inform the lawful owners of covered data or classified information-- (I) of the intent of the Secretary or the Director, as the case may be, to destroy, manipulate, or recover the covered data or classified information; and (II) upon successful destruction, manipulation, or recovery of the covered data or classified information. (c) Report.-- (1) In general.--Not later than 1 year after the date of the enactment of this Act, the Secretary and the Director shall jointly submit to Congress a report on the strategies developed under paragraphs (1) and (2) of subsection (c) and the actions taken under paragraph (3) of such subsection. (2) Recommendations.--The report submitted pursuant to paragraph (1) shall include such recommendations as…

the Secretary and the Director may have for legislative or administrative action to carry out subsection (c). (3) Form.--The report submitted pursuant to paragraph (1) shall be submitted in unclassified form, but may include a classified annex. <all>

• S4578Gateway to Careers Act of 2026
  Referred to Committee · 2026-05-20
• S4510Relief for Families of the Fallen Act
  Referred to Committee · 2026-05-13
• SRES687A resolution supporting the designation of the week of April 27 through May 1, 2026, as "National Specialized Instructional Support Personnel Appreciation Week".
  Referred to Committee · 2026-04-27
• S4332Medication Competition Act
  Referred to Committee · 2026-04-16