Don’t Sunset Cybersecurity

Congress is taking notable steps to protect Americans and their private information from cybersecurity threats by moving several pieces of information sharing legislation toward passage, with broad, bipartisan support.

The financial services industry, along with many other industries, are very supportive of these efforts and consumers should be too.

The House is currently considering two cyber threat information sharing bills and the Senate is gaining traction on another. The bills would all allow for financial institutions, the private sector, law enforcement and the government to share threat information in a timely manner while defending Americans’ private information.

Enacting strong cyber threat information sharing legislation is critical to protecting American consumers, businesses and the security of our nation.

While the Financial Services Roundtable and the financial services industry is largely supportive of these bills and commends lawmakers on their tremendous efforts to defend our nation against virtual attacks, an amendment set to be considered today in the House could work against the very core purpose of the legislation. The provision would “sunset” the legislation at the end of seven years, requiring congressional reauthorization.

One of the overarching goals of the various information sharing bills is to provide clarity and certainty to firms to encourage them to engage in the threat sharing process.  The proposed “sunset” amendment could weaken America’s cybersecurity efforts over time because companies may fail to engage in the sharing of threat information, the exact opposite of what information sharing legislation is intended to do. Companies will likely wait to see if the liability protections in the law actually work for other companies while also waiting to see if the law will get reauthorized in seven years.

As most of us know, getting laws reauthorized on Capitol Hill can be a painful process of procrastination that often leaves critical laws hanging in the balance.

On issues of national security, there is no room for this uncertainty.

“Sunset” amendments are often offered in the context of enhancing “good government.”  Congress should be required to review major laws every few years to afford the opportunity to update as needed, or even to allow a law to expire.

Such rationale can be very sound, in the right context.  But in this context, we’re talking about legislation that provides a set of legal tools that will greatly enhance our nation’s ability to battle cybercriminals.  Cyber threats aren’t abating, and in seven years – when we could potentially have to revisit this issue – they cyber world will be significantly more challenging than the one we face today.

FSR and the financial services industry continue to express our strong support for getting a well-crafted information sharing bill to President Obama’s desk, and remain poised to help. We urge lawmakers in the House to oppose “sunset” amendments, ensuring businesses have the tools they need today and into the future to protect American consumers from this ongoing problem.


Jason Kratovil is the Vice President of Government Affairs for Payments at FSR. FSR recently launched an advertising campaign supporting information sharing:

Morning Consult