More than likely...
... this is how a public-private sharing regime will come into existence, not some sweeping Uber-law.
The US government has posted a new set of rules outlining how cloud providers should report IT security cockups that involve Uncle Sam's data. The new Department of Defense (DoD) rules [PDF] include requirements on how contractors who handle government information should deal with computer network breaches and attacks, and how …
Washington based contracts generally get legislated and penned into existence through corporate lobbyists, with them writing most of the text. Would hate to read the fine print on this latest batch. Sure to leave contractors blameless and will as always let the taxpayer foot the bill.
" sharing any malware ".
And how does one report to the government that one is being snooped on by same government? Does one first report to the government that is the customer, or is one supposed to report attacks on one's infrastructure straight to the FBI or Homeland Security? See, one fool can ask more questions than any government can ever answer...