Cyberthreat Data Sharing Legislation Advances

The House on April 22 passed legislation granting liability protections to U.S. companies that share cyberthreat information with each other and the federal government. The Protecting Cyber Networks Act (H.R. 1560) would allow companies to voluntarily share information on cyberthreat indicators and defensive measures while requiring them to remove any personal data before providing the data to the government. If shared in good faith, the company would receive protection from private and regulatory actions arising from the disclosure; liability protections would not extend to willful misconduct. A new National Cyber Threat Intelligence Integration Center would be the lead agency to collect and disseminate cyberthreat data on behalf of the federal government. An amendment to the bill adopted a “sunset” provision of seven years.
The House is expected to vote today on another, similar bill, the National Cybersecurity Protection Advancement Act of 2015 (H.R. 1731). That bill also would provide liability protections for sharing information on cyberattacks, but would designate the Department of Homeland Security’s National Cybersecurity and Communications Integration Center as the lead agency for sharing information. If enacted, the bill would be combined with H.R. 1560 and sent to the Senate for consideration.


Back to top