Request For Comment
The request for comment period for this draft concludes on Thursday, December 19. Comments received after the December 19th deadline will be welcomed and may be included in future adjudication and revision periods.
Information Sharing and Analysis Organizations (ISAOs) and similar organizations can be a critical resource in providing cyber threat information and deterrence and resilience support to states and localities. In connection with such activities, parties must be aware of the fact that state and local laws have the potential to affect both service and compliance.
Recently, ISAOs have been compelled by developments to focus attention on state and local legislation and regulation, particularly with respect to the communication and retention of Personally Identifiable Information. Additionally, many states have enacted, or are considering, legislation modeled upon the GDPR.
This document is intended to highlight current examples of legislation so that ISAOs know what types of developments to watch for and consider. It is not intended to be comprehensive, exhaustive, or to provide legal advice. Information reporting and sharing is a dynamic and changing environment which any entity must monitor.
Submitted Comments
The ISAO SO invited the public to provide comments on this document from November 19, 2019 – December 19, 2019. Both fields listed below (line number and comment) are the exact contents as submitted by the commenter.
Line Reference | Comment | SO Disposition |
---|---|---|