US Congress Senate Bill 2102 (Prior Session Legislation)

---

Spectrum: Partisan Bill (Democrat 2-0)
Status: Introduced on February 13 2012 - 25% progression, died in committee
Action: 2012-02-13 - Read twice and referred to the Committee on Homeland Security and Governmental Affairs.
Pending: Senate Homeland Security And Governmental Affairs Committee
Text: Latest bill text (Introduced) [PDF]

Cybersecurity Information Sharing Act of 2012 - Authorizes private entities to monitor information systems for cybersecurity threats and operate countermeasures for protection, including the information systems of third parties authorizing such measures. Allows private entities to disclose lawfully obtained cybersecurity threat indicators to any other private entity, provided that the entities: (1) make efforts to safeguard information that can be used to identify specific persons, (2) comply with lawful use or disclosure restrictions, (3) not use the indicators to gain an unfair competitive advantage, and (4) use the indicators only for the purpose of protecting against or mitigating cybersecurity threats. Directs the Secretary of Homeland Security (DHS) to establish processes and procedures for: (1) designating appropriate federal and non-federal entities as cybersecurity exchanges, (2) sharing classified and unclassified cybersecurity threat information with designated cybersecurity exchanges and other appropriate entities, and (3) identifying certified entities to receive such classified information. Directs the Secretary to designate a federal entity as the lead cybersecurity exchange for cybersecurity information sharing among federal entities and with non-federal entities. Allows a non-federal entity to disclose lawfully obtained cybersecurity threat information to an exchange. Requires the Secretary to develop policies and procedures that govern a federal entity's receipt, retention, use, and disclosure of cybersecurity threat information in a manner that minimizes the impact on privacy and civil liberties. Directs: (1) the Secretary and the Attorney General (DOJ) to establish a mandatory program to oversee compliance with such policies and procedures, and (2) the heads of federal entities to develop and enforce appropriate sanctions for officers, employees, or agents of the federal entities who conduct prohibited activities. Provides legal protections for entities engaged in cybersecurity monitoring activities, including a good faith defense.

Cybersecurity Information Sharing Act of 2012

Sen. Dianne Feinstein [D-CA]

Sen. Barbara Mikulski [D-MD]

Date	Chamber	Action
2012-02-13	Senate	Read twice and referred to the Committee on Homeland Security and Governmental Affairs.
2012-02-13	Senate	Sponsor introductory remarks on measure. (CR S568-569)

SB2105 (Related) 2012-02-16 - Committee on Homeland Security and Governmental Affairs. Hearings held. Hearings printed: S.Hrg. 112-524.
SB3414 (Related) 2012-11-14 - Upon reconsideration, cloture on the bill not invoked in Senate by Yea-Nay Vote. 51 - 47. Record Vote Number: 202. (consideration: CR S6784; text: CR S6784)

Type	Source
Summary	https://www.congress.gov/bill/112th-congress/senate-bill/2102/all-info
Text	https://www.congress.gov/112/bills/s2102/BILLS-112s2102is.pdf