Senators are set to tackle legislation to protect the nation’s computer system when the upper chamber returns from its July 4th recess, but the efforts are being hampered by disagreements over the government’s role in overseeing cybersecurity standards.
Senate Majority Leader Harry (D-Nev.) has repeatedly said he believes cybersecurity legislation is critical, and he is expected to push for a vote in July.
Lawmakers of both parties worry that hackers are stealing America's business secrets and that an attack on a vital computer system could cause thousands of deaths.
But sharp differences remain. Senate Democrats are still trying to round up the necessary 60 votes to bring their preferred bill to the floor.
The House passed its own bill, the Cyber Intelligence Sharing and Protect Act (CISPA), in April.
President Obama has threatened to veto CISPA, saying it would undermine privacy and would fail to protect the nation's critical infrastructure.
The White House and Senate Democratic leaders have instead endorsed the Cybersecurity Act, sponsored by Sens. Joe Lieberman (I-Conn.) and Susan CollinsSusan CollinsGOP senator won't vote to defund Planned Parenthood GOP senator grilled over DeVos vote during town hall GOP senator: Flynn should testify on Russia MORE (R-Maine).
Both CISPA and Lieberman-Collins would encourage companies to share information about cyberthreats with each other and with the government. But Lieberman-Collins is seen as having stronger safeguards to protect people's private information.
For example, Lieberman-Collins would require that companies make a reasonable effort to strip out personally-identifiable information from the data they share with the government.
The bill would also give the Department of Homeland Security a lead role in handling the information-sharing, which privacy advocates prefer to military spy agencies, such at the National Security Agency.
But privacy groups, including the American Civil Liberties Union (ACLU) and the Center for Democracy and Technology, as well as privacy-minded senators such as Sens. Ron WydenRon WydenMnuchin aiming for tax reform by August Dems rip Trump administration for revoking Obama's transgender directive IPAB’s Medicare cuts will threaten seniors’ access to care MORE (D-Ore.) and Al FrankenAl FrankenDeVos: 'My job isn’t to win a popularity contest with the media' Kentucky Dem lawmaker questions Trump's mental health Americans should get used to pop culture blending with politics MORE (D-Minn.), are pushing for stronger privacy protections in Lieberman-Collins.
In a crucial difference from CISPA, Lieberman-Collins would require critical infrastructure, such as electrical grids and gas pipelines, to meet minimum cybersecurity standards. Supporters of the legislation say the standards are necessary to protect vital systems from attacks, but many Republicans argue that government mandates will burden businesses and do little to improve cybersecurity.
Senate Republicans, led by John McCainJohn McCainWhy the GOP cannot sweep its Milo scandal under the rug New York Knicks owner gave 0K to pro-Trump group Hannity apologizes for sharing 'inaccurate' story about McCain MORE (Ariz.), Kay Bailey Hutchison (Texas) and Saxby ChamblissSaxby ChamblissWyden hammers CIA chief over Senate spying Cruz is a liability Inside Paul Ryan’s brain trust MORE (Ga.), are pushing their own cybersecurity bill, the Secure IT Act.
The GOP bill is similar to CISPA in that it authorizes only voluntary information-sharing and would not set any cybersecurity mandates.
The senators introduced a revised version of Secure IT last week that, among other changes, enhances some of the bill's privacy protections.
"There are consensus items here that everyone agrees on," a Republican Senate aide told The Hill. "In a contentious election year, if we want to pass a law, we should focus on those consensus items."
But the White House and Senate Democrats argue that any cybersecurity legislation that lacks protections for critical infrastructure is inadequate.
When asked to respond to the new version of Secure IT, White House spokeswoman Caitlin Hayden said: "Cybersecurity legislation must include robust privacy protections and address the very serious risks facing the nation's critical infrastructure."
Sens. Sheldon WhitehouseSheldon WhitehouseA guide to the committees: Senate Pruitt confirmation sets stage for Trump EPA assault Senate Dems ask DHS inspector general for probe of Trump’s business arrangement MORE (D-R.I.) and Jon Kyl (R-Ariz.) are working to find a middle ground on cybersecurity. They circulated a draft bill on Capitol Hill this month that would pressure, but not force, critical infrastructure companies to meet security standards.
Rockefeller, one of the primary co-sponsors of the Lieberman-Collins bill, said the compromise proposal is an "incredible set of suggestions" that avoids the "fear of mandates."
He said he can think of at least five Republicans who will support the compromise proposal.
But the GOP aide said some Republicans have "strong concerns with preliminary proposals" from Whitehouse and Kyl.
Although nearly everyone on Capitol Hill would like to see Congress pass some kind of cybersecurity legislation this term, time is running out.
In a speech on the Senate floor earlier this month, Lieberman predicted that lawmakers' attention will soon turn to the fall's election and that the lame-duck session after the election will be consumed by budget and tax issues.
Lieberman, who is retiring at the end of the term, said if the Senate doesn't vote in July, "we're not going to be able to pass this legislation."