The U.S. Senate, by unanimous consent, passed S. 3611, the “Intelligence Authorization Act for Fiscal Year 2010,” which would require government agencies engaged in "cybersecurity programs" to make regular privacy assessments of those programs and report on them to Congress. Section 336 of the bill, if enacted into law, would establish more congressional oversight over cybersecurity activities through notifications from the White House, independent audits and reviews, and reports from heads of agencies and their inspectors general. That section also requires reports on the sharing of cyber-threat information with the private sector. And, notably, it asks for reports on ways cybersecurity might be improved -- including "data retention requirements." The House version of the authorization bill (H.R. 2701), which passed the House on February 26, contains an almost identical provision, so it is likely the language will remain largely intact when the bills are reconciled in conference.