Sponsors (16)
The bill preserves and extends cyber threat‑information sharing authorities and legal protections through 2035 to sustain public–private defenses and continuity, while extending privacy‑risk protections and introducing some retroactive and administrative legal uncertainty.
Federal, state, and local government cyber teams and private-sector partners (including banks, utilities, and tech firms) keep authority to share cyber threat indicators and retain liability protections through Sept. 30, 2035, preserving active defenses and public–private threat-sharing relationships.
Critical infrastructure operators retain clear legal protections and operational frameworks for sharing cyber threat information with government partners, reducing legal risk for cooperation that underpins everyday services (banking, energy, communications).
Federal, state, and local governments and programs avoid a coverage gap because the law’s retroactive effective date preserves authorities back to Oct. 1, 2025, maintaining continuity for programs and contracts that depend on uninterrupted legal authority.
Extending authorities to 2035 prolongs liability protections and information‑sharing exceptions that privacy advocates say can weaken privacy safeguards for individuals.
Making the law retroactive could change legal exposure or obligations for organizations and individuals between Oct. 1, 2025 and enactment, creating uncertainty for affected businesses and institutions.
Renaming the statute may cause administrative and citation confusion during the transition and require updates to contracts, guidance, and legal references for government and partner organizations.
Based on analysis of 2 sections of legislative text.
Extends the Cybersecurity Information Sharing Act's expiration to Sept 30, 2035 (retroactive to Oct 1, 2025) and renames the statute throughout the U.S. Code.
Introduced October 7, 2025 by Gary C. Peters · Last progress October 7, 2025
Extends the temporary effectiveness of the Cybersecurity Information Sharing Act of 2015 by moving its statutory expiration from September 30, 2025 to September 30, 2035 and makes that extension retroactive to take effect as if enacted October 1, 2025. It also renames the 2015 Act throughout the U.S. Code to a new short title and updates cross-references. The measure does not create new programs or authorize new funding; its substantive effects are limited to extending existing information-sharing authorities and changing the statutory short title and references.