DHS/CISA may get administrative subpoena authority for subscriber information

[Sean Donelan <sean () donelan com>]

https://fcw.com/articles/2019/12/12/cisa-bill-new-authority-johnson.aspx

The Cybersecurity Vulnerability Identification and Notification Act of 
2019 would allow CISA to subpoena subscriber information for enterprise 
devices or systems [...]

Subpoenas would be issued when the director of CISA identifies internet 
connected systems with specific vulnerabilities, is unable to identify the 
entity at risk and "has reason to believe" it relates to critical 
infrastructure. The Senate bill, which was obtained by FCW, adds a 
provision not included in the original DHS proposal specifying that the 
authority cannot not be used for information relating to "personal devices 
and systems, such as consumer mobile devices, home computers, residential 
wireless routers, or residential Internet enabled consumer devices."
[...]