Protection from liability

6 U.S.C. § 1505

• Title: 6 — Domestic Security
• Chapter: SUBCHAPTER I—CYBERSECURITY INFORMATION SHARING

Text

(a) Monitoring of information systems
No cause of action shall lie or be maintained in any court against any private entity, and such action shall be promptly dismissed, for the monitoring of an information system and information under section 1503(a) of this title that is conducted in accordance with this subchapter.
(b) Sharing or receipt of cyber threat indicators
No cause of action shall lie or be maintained in any court against any private entity, and such action shall be promptly dismissed, for the sharing or receipt of a cyber threat indicator or defensive measure under section 1503(c) of this title if—
(1) such sharing or receipt is conducted in accordance with this subchapter; and
(2) in a case in which a cyber threat indicator or defensive measure is shared with the Federal Government, the cyber threat indicator or defensive measure is shared in a manner that is consistent with section 1504(c)(1)(B) of this title and the sharing or receipt, as the case may be, occurs after the earlier of—
(A) the date on which the interim policies and procedures are submitted to Congress under section 1504(a)(1) of this title and guidelines are submitted to Congress under section 1504(b)(1) of this title; or
(B) the date that is 60 days after December 18, 2015.
(c) Construction
Nothing in this subchapter shall be construed—
(1) to create—
(A) a duty to share a cyber threat indicator or defensive measure; or
(B) a duty to warn or act based on the receipt of a cyber threat indicator or defensive measure; or
(2) to undermine or limit the availability of otherwise applicable common law or statutory defenses.

History

(Pub. L. 114–113, div. N, title I, §106, Dec. 18, 2015, 129 Stat. 2950.)