This legislation is significant as it establishes a framework for evaluating and mitigating cybersecurity risks associated with foreign cranes, particularly those that may connect to U.S. port cyber infrastructures. By placing these cranes under stringent inspection protocols, the bill aims to fortify maritime transportation security. Additionally, if a contract for a foreign crane is signed after the bill's enactment, the bill prohibits the crane from being operated at U.S. ports, reflecting a robust approach to minimizing risk. These measures may reshape how port operators integrate foreign technology.
Summary
House Bill 3169, known as the Port Crane Security and Inspection Act of 2023, seeks to enhance security measures for foreign cranes used at U.S. ports. The bill mandates inspections of newly constructed foreign cranes deemed high risk to port security before they can be put into service. It also requires the Secretary of Homeland Security to assess the security threats posed by all existing and newly constructed foreign cranes and to ensure that any crane posing such risks is taken offline until cleared. The intent is to safeguard U.S. port operations against potential threats linked to foreign adversaries.
Contention
Notably, the bill defines a 'covered foreign country' as one identified by the U.S. intelligence community as a foreign adversary, thereby adding a layer of geopolitical scrutiny to the crane procurement process. This could potentially limit international trade and business relations within the maritime industry, raising concerns among stakeholders about the implications on operational efficiency and costs. As the bill seeks to revoke permissions for certain foreign cranes and software, it may face pushback from companies reliant on these technologies and could ignite debates about the balance between national security and trade accessibility.
Port Crane Security and Inspection Act of 2025 This bill limits the operation of foreign cranes at U.S. ports. In general, foreign cranes are those that have information technology and operational technology components that (1) were manufactured by companies that are subject to the ownership, control, or influence of a country designated as a foreign adversary; and (2) connect to ports' cyber infrastructure.Foreign cranes that are contracted for on or after the date of the bill's enactment may not operate at a U.S. port. Also, beginning five years after this bill is enacted, foreign cranes operating at U.S. ports may not use software or other technology manufactured by a company owned by a country designated as a foreign adversary.Additionally, the Cybersecurity and Infrastructure Security Agency (CISA) must (1) inspect foreign cranes for potential security risks or threats before they are placed into operation, (2) assess the threat posed by security risks or threats of existing or newly constructed foreign cranes, and (3) take any crane that poses a security risk or threat offline until the crane can be certified as no longer being a risk or threat.CISA must also report to Congress about security risks or threats posed by foreign cranes at U.S. ports.
Furthering Operations for Resiliency, Transparency, and Integrity to Fortify (FORTIFY) United States Research Act Research Integrity and Security Act of 2024