PATCH Act of 2017

[AI summary unavailable — showing source text] Protecting Our Ability to Counter Hacking Act of 2017 or the PATCH Act of 2017 This bill establishes the Vulnerability Equities Review Board to establish and make available to the public policies on matters relating to whether, when, how, to whom, and to what degree information about a vulnerability in a technology, product, system, service, or application that is not publicly known should be shared or released by the government to a non-federal entity. The board must submit to Congress and the President a draft of such policies, along with a description of challenges or impediments requiring legislative or administrative action. Each federal agency shall, upon obtaining information about such a vulnerability, subject such information to a process established by the board for sharing or releasing the information. Process considerations shall include: which technologies, products, systems, services, or applications are subject to the vulnerability; the potential risks of leaving the vulnerability unpatched or unmitigated; the likelihood that a non-federal entity will discover the vulnerability; and whether the vulnerability can be patched or otherwise mitigated. An agency may share …