Sec. 9. (a) After June 30, 2023, a qualified entity may not enter into an agreement relating to critical infrastructure with a company if: (1) under the agreement, the company would be able to directly or remotely access or control critical infrastructure or a cybersecurity system of a critical infrastructure; and (2) the company is: (A) owned by, or the majority of stock or other ownership interest of the company is held or controlled by: (i) individuals who are citizens of China, Iran, North Korea, Russia, or a country designated as a threat to critical infrastructure by the governor under section 8(b) of this chapter; or (ii) a company or other entity, including a governmental entity, that is owned or controlled by citizens of, or is directly controlled by the government of, China, Iran, North Korea, Russia, or a country designated as a threat to critical infrastructure by the governor under section 8(b) of this chapter; or (B) headquartered in China, Iran, North Korea, Russia, or a country designated as a threat to critical infrastructure by the governor under section 8(b) of this chapter. (b) The prohibition set forth in subsection (a) applies regardless of whether: (1) the securities of the company, or of the company's parent company, are publicly traded; or (2) the company or the company's parent company is listed as a company of a country designated as a threat by the governor under section 8(b) of this chapter or a Chinese, Iranian, North Korean, or Russian company on a public stock exchange; as applicable.
‹ Prev All Indiana sections Next ›
Lexace provides legal information, not legal advice, and no attorney–client relationship is created. Statute text is provided for general information and may not reflect the most recent amendments; verify against the official state code.