US Code
SUBCHAPTER I— GENERAL
§ 4111. Annual report by Comptroller General of the United States on cybersecurity and surveillance threats to Congress

(a) Annual report requiredNot later than 180 days after December 20, 2019, and not less frequently than once each year thereafter, the Comptroller General of the United States shall submit to the congressional intelligence committees a report on cybersecurity and surveillance threats to Congress.
(b) StatisticsEach report submitted under subsection (a) shall include statistics on cyber attacks and other incidents of espionage or surveillance targeted against Senators or the immediate families or staff of the Senators, and Representatives, Delegates, and the Resident Commissioner, or the immediate families or staff of the Representatives, Delegates, and the Resident Commissioner, in which the nonpublic communications and other private information of such targeted individuals were lost, stolen, or otherwise subject to unauthorized access.
(c) ConsultationIn preparing a report to be submitted under subsection (a), the Comptroller General shall consult with the Director of National Intelligence, the Secretary of Homeland Security, the Sergeant at Arms of the House of Representatives, and the Sergeant at Arms and Doorkeeper of the Senate.
(d) FormThe report under subsection (a), including the contents of the report in subsection (b), shall be submitted in unclassified form, but may include a classified annex to protect sources and methods and any appropriate redactions of personally identifiable information.