The IT Law Wiki


Department of Homeland Security and Department of Justice, Privacy and Civil Liberties Interim Guidelines: Cybersecurity Information Sharing Act of 2015 (Feb. 16, 2016) (full-text).


This document establishes privacy and civil liberties guidelines governing the receipt, retention, use, and dissemination of cyber threat indicators by a federal entity obtained in connection with the activities authorized by the Cybersecurity Information Sharing Act of 2015 (CISA), consistent with the need to protect information systems from cybersecurity threats and mitigate cybersecurity threats, any other applicable provisions of law, and the Fair Information Practice Principles (FIPPs) set forth in Appendix A of the National Strategy for Trusted Identities in Cyberspace: Creating Options for Enhanced Online Security and Privacy.

Federal entities engaging in activities authorized by CISA shall do so in full compliance with the U.S. Constitution and all other applicable laws of the United States, Executive Orders and other Executive Branch directives, regulations, policies and procedures, court orders and all other legal, policy and oversight requirements.

Nothing in these guidelines shall affect the conduct of authorized law enforcement or intelligence activities or modify the authority of a department or agency of the Federal Government to protect classified information and sources and methods and the national security of the United States.