From Bank Info Security:

The No. 1 reason Congress, after five years of intensive efforts, has yet to enact comprehensive cybersecurity legislation is differences over how much liability protection to grant businesses to get them to share cyberthreat information. “The one issue that has made it difficult for us to put together any kind of comprehensive cybersecurity security has been our inability to agree on what kind of liability is appropriate,” Sen. Tom Carper, the Delaware Democrat who chairs the Senate Homeland Security and Governmental Affairs Committee, said during a March 26 hearing he called on cyberthreat information sharing between the federal government and the private sector.