On April 23, 2015, the U.S. House of Representatives passed the National Cybersecurity Protection Advancement (“NCPA”) Act, a bill that offers liability protections to companies who share information regarding cybersecurity threats with other companies and the Department of Homeland Security. As we noted in a prior post, the NCPA is similar to two other bills passed by the House (the Protecting Cyber Networks Act) and Senate (the Cybersecurity Information Sharing Act of 2015).
The two House bills will now be combined and sent to the Senate for consideration. Although the NCPA is being touted as the bill that offers the greatest privacy protections for personal data, the Senate bill is attractive to corporate stakeholders because it extends antitrust liability protections and provides a mechanism for the federal government to share information about cybersecurity threats with companies in real time. Ultimately, the House and Senate must hammer out one unified bill that will pass muster with the President. Though it has released a statement generally supporting both House bills, the White House also voiced concerns about “sweeping liability protections.”