United States of America: Cybersecurity Information Sharing Act of 2015 (SB 754) including data protection regulation enters into force through Consolidated Appropriations Act 2016

On 18 December 2015, the Cybersecurity Information Sharing Act of 2015 (SB 754) as Division N of the HR 2029 – Consolidated Appropriations Act, 2016. The Law applies to federal entities and private organisations that voluntarily share cyber threat indicators and defensive measures. The Law imposes obligations on the federal government to remove personal information not directly related to cybersecurity threats prior to data use or dissemination, mandates the implementation of privacy and civil liberties guidelines by all participating federal agencies, and requires oversight by agency Inspectors General.