SOS Act

Securing our Secrets Act or the SOS Act

This bill requires Department of State employees engaging in work-related electronic communications to use only state.gov email accounts, telephonic systems owned and managed by the State Department, or other systems owned and managed by the State Department or another appropriate federal agency.

The State Department may temporarily waive these requirements for an employee, or a group of up to 10 employees, by certifying that: (1) the waiver is in the foreign policy or national security interest of the United States, and (2) all work-related written communications on nongovernmental systems will be appropriately archived.

The State Department must report annually on: (1) every security violation, including unauthorized transfers of classified information into electronic systems, transmissions, or storage not certified for handling classified information; and (2) its justification for failing to terminate an employee who commits a violation after having committed previous security violations during the prior 10 years or to request a Federal Bureau of Investigation review of such a violation.

State Department employees holding security clearances are subject to the Bureau of Diplomatic Security's quarterly collection of random samples of their emails to detect classified information spillage.

The State Department must submit a plan to train State Department employees to: (1) identify classified information in materials subject to Freedom of Information Act requests, (2) ensure that intelligence community officials have an opportunity to make classification determinations on information potentially originating with the intelligence community, and (3) certify annually that they have archived their emails and documents in accordance with federal law.