Policy Visualization

Bill Overview

Title: RANSOMWARE Act

Description: This bill requires the Federal Trade Commission to report on cross-border complaints received that involve ransomware or other cyber-related attacks committed by certain foreign individuals, companies, and governments. The report must focus specifically on attacks committed by (1) Russia, China, North Korea, or Iran; or (2) individuals or companies that are located in or have ties to those countries.

Sponsors: Rep. Bilirakis, Gus M. [R-FL-12]

Target Audience

Population: Individuals and entities at risk of cyber-attacks globally

Estimated Size: 330000000

Ransomware and cyber-related attacks are a global issue affecting individuals, businesses, and governments across the world. The internet has no borders, meaning any person or entity connected online could potentially be a target.
The bill targets individuals, companies, and governments from Russia, China, North Korea, and Iran, suggesting it is aimed at deterring actors likely originating from or associated with these countries.
This legislation could impact all entities involved in cybersecurity, reporting procedures, and international digital relations.
It highlights the importance of cross-border digital security efforts which are relevant to global populations due to the interconnected nature of cyber networks.

Reasoning

Ransomware and cyberattacks are increasingly common threats faced by individuals, businesses, and institutions in the United States, given its advanced digital infrastructure.
The proposed policy specifically targets activities originating from specific high-risk countries known for engaging in or supporting cyberattacks.
The budget constraints necessitate focusing on areas with substantial impact potential like large businesses, essential governmental bodies, and areas with past attack histories.
Many individuals and small businesses may not feel the direct impact of the policy immediately but may benefit indirectly from improved security measures and reporting.
People working in or closely with cybersecurity industries or international businesses with digital operations might experience more significant impacts from such a policy.

Simulated Interviews

IT Security Specialist (San Francisco, CA)

Age: 45 | Gender: female

Wellbeing Before Policy: 7

Duration of Impact: 5.0 years

Commonness: 3/20

Statement of Opinion:

The policy is a necessary step for prioritizing issues that tech companies face due to international cyber threats.
Enhanced reporting will hopefully reduce attack frequency over time.

Wellbeing Over Time (With vs Without Policy)

Year	With Policy	Without Policy
Year 1	8	7
Year 2	7	7
Year 3	7	6
Year 5	8	6
Year 10	9	5
Year 20	9	4

Small Business Owner (Austin, TX)

Age: 32 | Gender: male

Wellbeing Before Policy: 5

Duration of Impact: 3.0 years

Commonness: 4/20

Statement of Opinion:

I hope the policy will prevent future attacks on small businesses like mine.
It might take time to see the actual benefits, but awareness is a good start.

Wellbeing Over Time (With vs Without Policy)

Year	With Policy	Without Policy
Year 1	6	5
Year 2	7	5
Year 3	7	4
Year 5	6	4
Year 10	7	3
Year 20	7	3

Software Developer (New York, NY)

Age: 27 | Gender: male

Wellbeing Before Policy: 6

Duration of Impact: 2.0 years

Commonness: 5/20

Statement of Opinion:

It's good that there is more focus on international cyber threats, but will small companies get enough support?
The policy should include resources for startups to better protect their data.

Wellbeing Over Time (With vs Without Policy)

Year	With Policy	Without Policy
Year 1	6	6
Year 2	6	6
Year 3	7	6
Year 5	6	5
Year 10	6	4
Year 20	5	3

Government Policy Advisor (Washington, D.C.)

Age: 54 | Gender: female

Wellbeing Before Policy: 8

Duration of Impact: 10.0 years

Commonness: 1/20

Statement of Opinion:

This policy helps align international effort and resources towards mitigating cyber threats from hostile nations.
Success would depend on cooperation among agencies and countries.

Wellbeing Over Time (With vs Without Policy)

Year	With Policy	Without Policy
Year 1	9	8
Year 2	8	8
Year 3	9	8
Year 5	9	7
Year 10	9	7
Year 20	10	6

Cybersecurity Consultant (Chicago, IL)

Age: 38 | Gender: other

Wellbeing Before Policy: 6

Duration of Impact: 6.0 years

Commonness: 2/20

Statement of Opinion:

The policy will help frame more robust defense strategies for my clients.
There's a need for more financial resources towards practical defenses rather than just monitoring.

Wellbeing Over Time (With vs Without Policy)

Year	With Policy	Without Policy
Year 1	7	6
Year 2	7	6
Year 3	8	5
Year 5	8	5
Year 10	8	4
Year 20	7	4

Freelance Graphic Designer (Philadelphia, PA)

Age: 30 | Gender: female

Wellbeing Before Policy: 8

Duration of Impact: 1.0 years

Commonness: 10/20

Statement of Opinion:

I don't feel directly impacted by this policy as my work is not data-sensitive.
It’s nice to see efforts in place to prevent cyber threats though.

Wellbeing Over Time (With vs Without Policy)

Year	With Policy	Without Policy
Year 1	8	8
Year 2	8	8
Year 3	8	8
Year 5	8	8
Year 10	8	8
Year 20	8	8

Retired University Professor (Seattle, WA)

Age: 65 | Gender: male

Wellbeing Before Policy: 7

Duration of Impact: 3.0 years

Commonness: 7/20

Statement of Opinion:

It's an imperative step towards safeguarding digital infrastructure.
Hope it leads to educating public more on digital security and cyber law reforms.

Wellbeing Over Time (With vs Without Policy)

Year	With Policy	Without Policy
Year 1	7	7
Year 2	8	7
Year 3	8	7
Year 5	7	6
Year 10	6	5
Year 20	6	4

College Student (Miami, FL)

Age: 22 | Gender: male

Wellbeing Before Policy: 5

Duration of Impact: 2.0 years

Commonness: 8/20

Statement of Opinion:

Good to see actions against cyber threats, though it seems far removed from my daily concerns.
The awareness this policy could generate is a step in the right direction.

Wellbeing Over Time (With vs Without Policy)

Year	With Policy	Without Policy
Year 1	6	5
Year 2	6	5
Year 3	6	5
Year 5	6	5
Year 10	6	4
Year 20	6	4

Healthcare Administrator (Houston, TX)

Age: 48 | Gender: female

Wellbeing Before Policy: 6

Duration of Impact: 5.0 years

Commonness: 3/20

Statement of Opinion:

The policy might enhance the security of healthcare data if executed well.
Cybersecurity is crucial due to increasing cyber threats to healthcare systems.

Wellbeing Over Time (With vs Without Policy)

Year	With Policy	Without Policy
Year 1	7	6
Year 2	7	6
Year 3	8	5
Year 5	8	5
Year 10	8	5
Year 20	8	5

CEO of a Tech Startup (Los Angeles, CA)

Age: 39 | Gender: male

Wellbeing Before Policy: 7

Duration of Impact: 10.0 years

Commonness: 2/20

Statement of Opinion:

Hoping this policy adds extra layers of security for businesses engaging in international digital commerce.
There's a need for wider adoption and transparency to truly make a difference.

Wellbeing Over Time (With vs Without Policy)

Year	With Policy	Without Policy
Year 1	8	7
Year 2	8	7
Year 3	8	6
Year 5	9	5
Year 10	9	5
Year 20	9	5

Cost Estimates

Year 1: $50000000 (Low: $30000000, High: $70000000)

Year 2: $45000000 (Low: $25000000, High: $65000000)

Year 3: $45000000 (Low: $25000000, High: $65000000)

Year 5: $40000000 (Low: $20000000, High: $60000000)

Year 10: $35000000 (Low: $15000000, High: $55000000)

Year 100: $20000000 (Low: $0, High: $40000000)

Key Considerations

Cross-border cooperation and information sharing with international partners will be crucial for the success of the policy.
There may be resistance or challenges from foreign entities or countries targeted by this policy, which could impact its implementation.
Balancing privacy concerns with the need for extensive monitoring and data collection will be necessary.
The evolving nature of cyber threats implies that costs and strategies may need regular updates.