United States of America: Cybersecurity Information Sharing Act of 2015 (SB 754) including government access to data provisions enters into force through Consolidated Appropriations Act 2016

On 18 December 2015, the Cybersecurity Information Sharing Act of 2015 (SB 754) as Division N of HR 2029 – Consolidated Appropriations Act 2016 enters into force. The Law applies to private entities and federal agencies engaged in the voluntary exchange of cyber threat indicators and defensive measures. The Law authorises private entities to share information with the federal government through a real-time system operated by the Department of Homeland Security and requires automatic distribution to designated agencies. It limits government use of received data to cybersecurity purposes and specified criminal offences, and mandates that personal information unrelated to cybersecurity threats be removed prior to further use.