At the end of the day, I think the difference is between allowing organizations to share for potential breaches not yet seen versus the current regime which requires that the breach has been seen or is occurring. There is a big difference in my opinion.
On February 17th, 2015. See this statement in context.