United States of America: Applicability of Cybersecurity Information Sharing Act of 2015 including government access to data provisions ends
Description
Applicability of Cybersecurity Information Sharing Act of 2015 including government access to data provisions ends
On 30 January 2026, the Cybersecurity Information Sharing Act of 2015 (S.754) expires unless reauthorised by Congress. The expiration ends the Law’s provisions on government access to data, including the authorisation for private entities to share cyber threat indicators with the federal government and the requirement for automatic distribution to designated agencies. It also terminates associated data protection obligations, such as the removal of personal information not directly related to cybersecurity threats and the federal duties for privacy review, oversight, and audit.
Original sourceScope
Policy Area
Data governance
Policy Instrument
Government access to data
Regulated Economic Activity
cross-cutting
Implementation Level
national
Government Branch
legislature
Government Body
parliament
Complete timeline of this policy change
Hide details
2015-03-17
under deliberation
2015-12-18
in force
2025-11-12
to be revoked