cyberthreat-sharing billA bill was passed in the U.S. House of Representatives on Wednesday which aims to enhance cybersecurity by encouraging companies to share details of computer breaches with the federal government. This bill, which is now moving on to the Senate, is part of an effort by the government to help strengthen security in the wake of multiple high-profile data breaches over the past couple of years. In addition to breaches at major U.S. companies like Anthem and Target, the government itself has seen several breaches — including the White House and Pentagon, according to the Wall Street Journal. American citizens and government officials alike are worried, and legislation like this aim to try and help make changes toward better security. The cyberthreat-sharing bill passed easily in the House 307-116, with a majority of Democrats and Republicans in favor.

What exactly will this cyberthreat-sharing bill do?

This bill will encourage companies to share certain information about security threats with the federal government. In exchange, these companies can receive liability protection. Each company will be required to scrub customer information (like names and social security numbers) from any data that is shared. The government, in turn, will be able to share the information it receives with other agencies, like the National Security Agency. It’s not clear what the agencies will do with the information, but the assumption is it’ll be used to find the root of the breach. Any time the government shares data, it will be scrubbed a second time to ensure all personal customer information has been completely removed. Companies will not be compelled to participate, which means this legislation will only be as effective as companies make it.

Are there concerns I should know about?

Some tech companies and people within the government are questioning whether legislation like this, and others that are being written and passed through the House and Senate right now, might give the government more power to conduct surveillance and collect data. In response to these fears, the House made changes to the bill before it was passed which require it to be phased out in seven years. Other legislation, such as a proposed law that would require companies to notify customers within 30 days of a data breach, is receiving less enthusiasm due to low support from business owners. It is worth being concerned about the ability of the government to gather data, but overall, efforts being made by the U.S. government to protect consumers are a positive. Identity theft is a real, growing issue, and hackers are getting smarter. Companies and the government need to strengthen their security, in turn.

To learn more about protecting your personal data, visit our identity theft protection reviews and continue following our blog for more tips and news about data breaches.