U.S. flag

An official website of the United States government

Government Website

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Safely connect using HTTPS

Secure .gov websites use HTTPS
A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

  1. Home
  2. News
  3. Publication Library
  4. DHS/CISA/PIA-038 Use of Administrative Subpoenas for Cybersecurity Vulnerability Identification and Notification

DHS/CISA/PIA-038 Use of Administrative Subpoenas for Cybersecurity Vulnerability Identification and Notification

The U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) Cybersecurity Division (CSD) has established a process that permits CISA, pursuant to statutory authority, the use of administrative subpoenas for cybersecurity vulnerability identification and notification. This process allows CISA to issue administrative subpoenas and receive customer or subscriber contact information from service providers to identify and notify owners or operators of covered systems and devices related to critical infrastructure that have a specific security vulnerability. CISA is conducting this Privacy Impact Assessment (PIA) because responses to administrative subpoenas will include the personally identifiable information (PII) of individuals identified by subpoenaed service providers, such as Internet Service Providers (ISPs), as relevant points of contact. May 2021

Associated SORN(s):

  • DHS/CISA-005 Administrative Subpoenas for Cybersecurity Vulnerability Identification and Notification System of Records

Attachment Ext. Size Date
DHS/CISA/PIA-038 Use of Administrative Subpoenas for Cybersecurity Vulnerability Identification and Notification PDF 426.89 KB 05/13/2021
Last Updated: 03/31/2023
Was this page helpful?
This page was not helpful because the content