By the authority vested in me as President by the Constitution and the laws of the United States of America, including section 1 of title II of the Act of June 15, 1917, as amended (46 U.S.C. 70051) (the “Act”), and in addition to the finding in Executive Order 10173 of October 18, 1950, and any other declaration or finding in force under section 1 of the Act, I find that the security of the United States is endangered by reason of disturbances in the international relations of the United States that exist as a result of persistent and increasingly sophisticated malicious cyber campaigns against the United States, and that such disturbances continue to endanger such relations, and hereby order that:

Section 1.  Amendments.  Part 6 of title 33 of the Code of Federal Regulations is amended by:

(a)  Amending section 6.01-3 to read as follows:

“6.01-3.  Captain of the Port.  Captain of the Port, as used in this part, means the officer of the Coast Guard, under the command of a District Commander, so designated by the Commandant for the purpose of giving immediate direction to Coast Guard law enforcement activities within the Captain of the Port’s assigned area.  In addition, the District Commander will be Captain of the Port with respect to the remaining areas in the District not assigned to officers designated by the Commandant as Captain of the Port.”;

     (b)  Amending section 6.01-5 to read as follows:

“6.01-5.  Security zone.  Security zone, as used in this part, means all areas of land, water, or land and water, which are so designated by the Captain of the Port for such time as the Captain of the Port deems necessary to prevent damage or injury to any vessel or waterfront facility, to safeguard ports, harbors, territories, or waters of the United States or to secure the observance of the rights and obligations of the United States.”;

     (c)  Adding after the existing section 6.01-6 the following new section:

“6.01-7.  Damage.  Damage, as used in this part in connection with any data, information, network, program, system, or other digital infrastructure, has the meaning ascribed to “damage” under 18 U.S.C. 1030(e)(8).”;

     (d)  Adding after the new section 6.01-7 the following new section:

“6.01-8.  Cyber incident.  Cyber incident, as used in this part, has the meaning ascribed to an “incident” under 44 U.S.C. 3552(b)(2).”;

     (e)  Amending section 6.04-5 to read as follows:

“6.04-5.  Preventing access of persons, articles, or things, including any data, information, network, program, system, or other digital infrastructure, to vessels, or waterfront facilities.  The Captain of the Port may prevent any person, article, or thing, including any data, information, network, program, system, or other digital infrastructure, from boarding or being taken or placed on board any vessel or entering or being taken into or upon or placed in or upon any waterfront facility whenever it appears to the Captain of the Port that such action is necessary in order to secure such vessel from damage or injury or to prevent damage or injury to any vessel, or waterfront facility, including any data, information, network, program, system, or other digital infrastructure therein or thereon, or waters of the United States, or to secure the observances of rights and obligations of the United States.”;

     (f)  Amending section 6.04-6 to read as follows:

“6.04-6.  Establishing security zones; prohibitions with respect thereto.  The Captain of a Port may establish security zones subject to the terms and conditions specified in § 6.01–5.  No person or vessel shall enter a security zone without the permission of the Captain of the Port.  No person shall board or take or place any article or thing, including any data, information, network, program, system, or other digital infrastructure, on board any vessel in a security zone without the permission of the Captain of the Port.  No person shall take or place any article or thing upon any waterfront facility in any such zone without such permission.”;

     (g)  Amending section 6.04-7 to read as follows:

“6.04-7.  Visitation, search, and removal.  As consistent with law, the Captain of the Port may cause to be inspected and searched at any time any vessel, waterfront facility, or security zone, or any person, article, or thing, including any data, information, network, program, system, or other digital infrastructure thereon or therein, within the jurisdiction of the United States, may place guards upon any such vessel, waterfront facility, or security zone and may remove therefrom any and all persons, articles, or things, including any data, information, network, program, system, or other digital infrastructure, not specifically authorized by the Captain of the Port to go or remain thereon or therein.”;

     (h)  Amending section 6.04-8 to read as follows:

“6.04-8.  Possession and control of vessels.  The Captain of the Port may supervise and control the movement of any vessel and shall take full or partial possession or control of any vessel or any part thereof, within the territorial waters of the United States under the Captain of the Port’s jurisdiction, whenever it appears to the Captain of the Port that such action is necessary in order to secure such vessel from damage or injury, including damage to any data, information, network, program, system, or other digital infrastructure thereon or therein, or to prevent damage or injury to any vessel or waterfront facility or waters of the United States, or to secure the observance of rights and obligations of the United States.”;

     (i)  Amending section 6.10-7 to read as follows:

“6.10-7.  Identification credentials.  The identification credential to be issued by the Commandant shall be known as the Coast Guard Port Security Card, and the form of such credential, and the conditions and the manner of its issuance shall be as prescribed by the Commandant after consultation with the Secretary of Labor.  The Commandant shall not issue a Coast Guard Port Security Card unless the Commandant is satisfied that the character and habits of life of the applicant therefor are such as to authorize the belief that the presence of such individual on board a vessel or within a waterfront facility would not be inimical to the security of the United States.  The Commandant shall revoke and require the surrender of a Coast Guard Port Security Card when the Commandant is no longer satisfied that the holder is entitled thereto.  The Commandant may recognize for the same purpose such other credentials as the Commandant may designate in lieu of the Coast Guard Port Security Card.”;

     (j)  Amending section 6.14-1 to read as follows:

“6.14-1.  Safety measures.  The Commandant, in order to achieve the purposes of this part, may prescribe such conditions and restrictions relating to the safety of waterfront facilities and vessels in port as the Commandant finds to be necessary under existing circumstances.  Such conditions and restrictions may extend, but shall not be limited to, the inspection, operation, maintenance, guarding, and manning of, and fire-prevention measures for, such vessels and waterfront facilities.  Such conditions and restrictions relating to the safety of waterfront facilities and vessels in port may also extend to measures the Commandant finds to be necessary under existing circumstances to prevent, detect, assess, and remediate an actual or threatened cyber incident that could cause damage or injury to vessels, harbors, ports, or waterfront facilities.”;

     (k)  Amending section 6.14-2 to read as follows:

“6.14-2.  Condition of waterfront facility a danger to vessel.  Whenever the Captain of the Port finds that the mooring of any vessel to a wharf, dock, pier, or other waterfront structure would endanger such vessel, or any other vessel, or the harbor or any facility therein by reason of conditions existing on or about such wharf, dock, pier, or other waterfront structure, including inadequate guard service, insufficient lighting, fire hazards, inadequate fire protection, unsafe machinery, internal disturbance, damage to any data, information, network, program, system, or other digital infrastructure, actual or threatened cyber incident, or unsatisfactory operation, the Captain of the Port may prevent the mooring of any vessel to such wharf, dock, pier, or other waterfront structure until the unsatisfactory condition or conditions so found are corrected, and the Captain of the Port may, for the same reasons, after any vessel has been moored, compel the shifting of such vessel from any such wharf, dock, pier, or other waterfront structure.”;

     (l)  Amending section 6.16-1 to read as follows:

“6.16-1.  Reporting of sabotage, subversive activity, or an actual or threatened cyber incident.  Evidence of sabotage, subversive activity, or an actual or threatened cyber incident involving or endangering any vessel, harbor, port, or waterfront facility, including any data, information, network, program, system, or other digital infrastructure thereon or therein, shall be reported immediately to the Federal Bureau of Investigation, the Cybersecurity and Infrastructure Security Agency (for any cyber incident), and the Captain of the Port, or to their respective representatives.”;

     (m)  Amending section 6.16-3 to read as follows:

“6.16-3.  Precautions against sabotage.  The master, owner, agent, or operator of a vessel or waterfront facility shall take all necessary precautions to protect the vessel, waterfront facility, and cargo, including any data, information, network, program, system, or other digital infrastructure thereon or therein, from sabotage.”; and

     (n)  Amending section 6.19-1 to read as follows:

“6.19-1.  Primary responsibility.  Nothing contained in this part shall be construed as relieving the masters, owners, operators, and agents of vessels or other waterfront facilities from their primary responsibility for the protection and security of such vessels or waterfront facilities, including any data, information, network, program, system, or other digital infrastructure thereon or therein.”.

     Sec. 2.  Coordination.  In enforcing regulations amended by this order, the Commandant shall coordinate with the Department of Justice and other relevant executive departments and agencies, as appropriate under applicable law or policy.

     Sec. 3.  General Provisions.  (a)  Nothing in this order shall be construed to impair or otherwise affect:

(i)   the authority granted by law to an executive department or agency, or the head thereof; or

(ii)  the functions of the Director of the Office of Management and Budget relating to budgetary, administrative, or legislative proposals.

      (b) This order shall be implemented consistent with applicable law and subject to the availability of appropriations.

     (c) This order is not intended to, and does not, create any right or benefit, substantive or procedural, enforceable at law or in equity by any party against the United States, its departments, agencies, or entities, its officers, employees, or agents, or any other person.

                              JOSEPH R. BIDEN JR.

THE WHITE HOUSE,
  February 21, 2024.

Stay Connected

Sign Up

We'll be in touch with the latest information on how President Biden and his administration are working for the American people, as well as ways you can get involved and help our country build back better.

Opt in to send and receive text messages from President Biden.

Scroll to Top Scroll to Top
Top