Sponsors (16)
Extending and retroactively preserving private–government cyber threat information sharing through 2035 maintains and strengthens cyber defenses and reduces breach costs for businesses, but does so at the expense of greater privacy risks, potential delays to reform, and continued compliance burdens.
Tech workers and federal employees: continuing statutory authority for private–government sharing of cyber threat indicators through 2035 preserves and improves detection and response capabilities against cyber attacks.
Financial institutions, utilities, and other businesses: access to timely shared threat indicators can reduce breach losses and recovery costs by enabling faster defensive action.
Federal agencies and the public sector workforce: making the authority retroactively effective to Oct 1, 2025 prevents a legal gap and maintains continuous cyber defense operations.
Tech workers and privacy-concerned members of the public: extending broad information-sharing authority through 2035 may increase private-sector disclosures of user data to government, raising privacy and civil‑liberty risks.
Taxpayers and civil‑liberties advocates: locking in a longer (10‑year) authorization could delay or forestall more comprehensive privacy protections or oversight reforms while the program remains in force.
Small-business owners and some financial institutions: continued mandatory or de facto expectations to collect and share indicators may impose ongoing compliance costs and operational burdens.
Based on analysis of 2 sections of legislative text.
Introduced October 7, 2025 by Gary C. Peters · Last progress October 7, 2025
Extends existing federal cybersecurity information-sharing authorities for ten more years by moving their statutory expiration from September 30, 2025, to September 30, 2035, and makes that extension effective retroactively as if enacted on October 1, 2025. Also replaces the current short title used in the Homeland Security Act with a new short title and updates that short title wherever it appears in Title XXII. The measure does not create new programs, change substantive obligations, or add new spending; it preserves and renames current information-sharing authorities so they remain available through 2035.