Cyber Security Information Act

Cyber Security Information Act - Authorizes any Federal entity to expressly designate a request for the voluntary provision of information relating to cyber security (defined as the vulnerability of any computing system, software program, or critical infrastructure to, or its ability to resist, intentional interference, compromise, or incapacitation through misuse of the Internet or public or private telecommunications systems or other similar conduct that violates Federal, State, or international law, harms interstate commerce, or threatens public health or safety), including cyber security statements (conveyances of information by means of a cyber security Internet website relating to cyber security), as a cyber security data gathering request.

Specifies that such a request shall: (1) specify an entity to gather responses to the request; (2) be from a private entity to a Federal entity; or (3) be deemed to have been made and to have specified such a private entity when the Federal entity has voluntarily been given cyber security information gathered by that private entity, including by means of a cyber security Internet website.

Provides that a cyber security statement or other such information provided by a party in response to a request: (1) shall be exempt from disclosure under the Freedom of Information Act; (2) shall not be disclosed to or by any third party; and (3) may not be used by any Federal or State entity or by any third party in any civil action arising under Federal or State law. Makes exceptions regarding separately obtained information submitted in response to a request through the use of independent legal authorities and regarding information disclosed generally or broadly to the public with the express consent of the party.

(Sec. 5) Makes the antitrust laws inapplicable to conduct engaged in solely for facilitating or communicating about the correction or avoidance of a cyber security related problem. Makes an exception with respect to conduct that involves or results in an agreement to boycott any person, to allocate a market, or to fix prices or output.

(Sec. 6) Authorizes the President to establish working groups of Federal employees who will engage outside organizations in discussions to address cyber security and to share information related to cyber security.