3 lawmakers in the United States introduced a bill - Protect Our Universities Act - on 12 March 2019 that would bar researchers who work on many federally funded projects from using any technology from those companies – or from any other companies with close ties to the Russian or Chinese governments. The goal is to ensure it’s just as hard for Russian and Chinese government-linked hackers to steal important U.S. academic research as it is for them to steal government secrets.
The Act applies to projects that receive funding from the intelligence community, Pentagon and Energy departments, but not to classified projects, which are subject to numerous other security requirements. It would also apply to projects dealing with technology that the State and Commerce departments have restricted from being sold abroad to some degree.
The cybersecurity provisions in the bill are part of a larger set of security measures that include requiring the intelligence community to conduct background checks on students and researchers who work on those projects and who are citizens of Russia, China, Iran or North Korea.
Concurrent with the above, the US government is also creating a committee to review cybersecurity and national security dangers posed by all federal contractors and to recommend banning the riskiest ones — including companies with ties to governments such as Russia and China that U.S. officials don’t trust. The Protect Our Universities Act would create a similar commission to determine which companies are too risky to be trusted near sensitive research projects and to share the list of those companies with universities.
The list, which would be regularly updated, should also include any companies that are controlled by or have deep financial ties to the Russian or Chinese governments or to Iran or North Korea.
