New Legislation Does Little to Improve Cybersecurity and Data Protections


Recurring Theme:  Data Privacy


Summary Analysis: 

When President Obama signed the Omnibus bill last week, it included the Cybersecurity Act of 2015 – the culmination of several House and Senate bills passed earlier this year. The legislation is Congress’ response to growing cybersecurity threats; however, critics argue that it falls short in adequately raising the bar for corporations’ treatment of personal information and information sharing.  Especially in the wake of the European Court of Justice’s (ECJ) decision to invalidate the European Union (EU) – United States (US) Safe Harbor, more substantial data protections could have helped to ease mounting tensions.

The legislation establishes standards for information sharing, government use of corporate data, and defensive measures to guard against cybersecurity threats.