Senate ready to move on cybersecurity legislation, but differences remain

Senators are set to tackle legislation to protect the nation’s computer system when the upper chamber returns from its July 4th recess, but the efforts are being hampered by disagreements over the government’s role in overseeing cybersecurity standards.

Senate Majority Leader Harry (D-Nev.) has repeatedly said he believes cybersecurity legislation is critical, and he is expected to push for a vote in July.

"There hasn't been a time that I've talked with [Reid] in the last year where he hasn't talked about the need to get cybersecurity to the floor," Sen. Jay RockefellerJohn (Jay) Davison RockefellerSenate GOP rejects Trump’s call to go big on gun legislation Overnight Tech: Trump nominates Dem to FCC | Facebook pulls suspected baseball gunman's pages | Uber board member resigns after sexist comment Trump nominates former FCC Dem for another term MORE (D-W.Va.) told reporters after a Senate hearing last week. "No other subject reigns so supreme."

Lawmakers of both parties worry that hackers are stealing America's business secrets and that an attack on a vital computer system could cause thousands of deaths.

But sharp differences remain. Senate Democrats are still trying to round up the necessary 60 votes to bring their preferred bill to the floor. 

The House passed its own bill, the Cyber Intelligence Sharing and Protect Act (CISPA), in April. 

President Obama has threatened to veto CISPA, saying it would undermine privacy and would fail to protect the nation's critical infrastructure.

The White House and Senate Democratic leaders have instead endorsed the Cybersecurity Act, sponsored by Sens. Joe Lieberman (I-Conn.) and Susan CollinsSusan Margaret CollinsOvernight Health Care: House passes .3T omnibus | Bill boosts funds for NIH, opioid treatment | Senators spar over ObamaCare fix | 'Right to Try' bill heads to the Senate Winners and losers from the .3T omnibus Senators introduced revised version of election cyber bill MORE (R-Maine).

Both CISPA and Lieberman-Collins would encourage companies to share information about cyberthreats with each other and with the government. But Lieberman-Collins is seen as having stronger safeguards to protect people's private information.

For example, Lieberman-Collins would require that companies make a reasonable effort to strip out personally-identifiable information from the data they share with the government.

The bill would also give the Department of Homeland Security a lead role in handling the information-sharing, which privacy advocates prefer to military spy agencies, such at the National Security Agency. 

But privacy groups, including the American Civil Liberties Union (ACLU) and the Center for Democracy and Technology, as well as privacy-minded senators such as Sens. Ron WydenRonald (Ron) Lee WydenLawmakers renew call for end to 'black budget' secrecy Overnight Finance: Stocks bleed as Trump seeks new tariffs on China | House passes .3T omnibus | Senate delay could risk shutdown | All eyes on Rand Paul | Omnibus winners and losers Trump will delay steel tariffs for EU, others MORE (D-Ore.) and Al FrankenAlan (Al) Stuart FrankenAl Franken: Sessions firing McCabe ‘is hypocrisy at its worst’ McCabe oversaw criminal probe into Sessions over testimony on Russian contacts: report Academy president accused of sexual harassment: report MORE (D-Minn.), are pushing for stronger privacy protections in Lieberman-Collins.

In a crucial difference from CISPA, Lieberman-Collins would require critical infrastructure, such as electrical grids and gas pipelines, to meet minimum cybersecurity standards. Supporters of the legislation say the standards are necessary to protect vital systems from attacks, but many Republicans argue that government mandates will burden businesses and do little to improve cybersecurity.

Senate Republicans, led by John McCainJohn Sidney McCainMcCain asks Trump's CIA pick to explain ties to torture Petraeus: Haspel will explain actions in nomination hearing Afghanistan is our longest war ever and Congress has abandoned all responsibility MORE (Ariz.), Kay Bailey Hutchison (Texas) and Saxby ChamblissClarence (Saxby) Saxby ChamblissLobbying World Former GOP senator: Let Dems engage on healthcare bill OPINION: Left-wing politics will be the demise of the Democratic Party MORE (Ga.), are pushing their own cybersecurity bill, the Secure IT Act.

The GOP bill is similar to CISPA in that it authorizes only voluntary information-sharing and would not set any cybersecurity mandates.

The senators introduced a revised version of Secure IT last week that, among other changes, enhances some of the bill's privacy protections.

"There are consensus items here that everyone agrees on," a Republican Senate aide told The Hill. "In a contentious election year, if we want to pass a law, we should focus on those consensus items."

But the White House and Senate Democrats argue that any cybersecurity legislation that lacks protections for critical infrastructure is inadequate.

When asked to respond to the new version of Secure IT, White House spokeswoman Caitlin Hayden said: "Cybersecurity legislation must include robust privacy protections and address the very serious risks facing the nation's critical infrastructure."

Sens. Sheldon WhitehouseSheldon WhitehouseOvernight Defense: Senate sides with Trump on military role in Yemen | Dem vets push for new war authorization on Iraq anniversary | General says time isn't 'right' for space corps Overnight Energy: EPA plans to restrict use of science data for regs | Pruitt's Italy trip cost more than K | Perry insists he's staying at Energy Senate sides with Trump on providing Saudi military support MORE (D-R.I.) and Jon Kyl (R-Ariz.) are working to find a middle ground on cybersecurity. They circulated a draft bill on Capitol Hill this month that would pressure, but not force, critical infrastructure companies to meet security standards.

Rockefeller, one of the primary co-sponsors of the Lieberman-Collins bill, said the compromise proposal is an "incredible set of suggestions" that avoids the "fear of mandates."

He said he can think of at least five Republicans who will support the compromise proposal.

But the GOP aide said some Republicans have "strong concerns with preliminary proposals" from Whitehouse and Kyl.

Although nearly everyone on Capitol Hill would like to see Congress pass some kind of cybersecurity legislation this term, time is running out.

In a speech on the Senate floor earlier this month, Lieberman predicted that lawmakers' attention will soon turn to the fall's election and that the lame-duck session after the election will be consumed by budget and tax issues.

Lieberman, who is retiring at the end of the term, said if the Senate doesn't vote in July, "we're not going to be able to pass this legislation."