Senate ready to move on cybersecurity legislation, but differences remain

Senators are set to tackle legislation to protect the nation’s computer system when the upper chamber returns from its July 4th recess, but the efforts are being hampered by disagreements over the government’s role in overseeing cybersecurity standards.

Senate Majority Leader Harry (D-Nev.) has repeatedly said he believes cybersecurity legislation is critical, and he is expected to push for a vote in July.

ADVERTISEMENT
"There hasn't been a time that I've talked with [Reid] in the last year where he hasn't talked about the need to get cybersecurity to the floor," Sen. Jay RockefellerJay RockefellerObama to preserve torture report in presidential papers Lobbying world Overnight Tech: Senators place holds on FCC commissioner MORE (D-W.Va.) told reporters after a Senate hearing last week. "No other subject reigns so supreme."

Lawmakers of both parties worry that hackers are stealing America's business secrets and that an attack on a vital computer system could cause thousands of deaths.

But sharp differences remain. Senate Democrats are still trying to round up the necessary 60 votes to bring their preferred bill to the floor. 

The House passed its own bill, the Cyber Intelligence Sharing and Protect Act (CISPA), in April. 

President Obama has threatened to veto CISPA, saying it would undermine privacy and would fail to protect the nation's critical infrastructure.

The White House and Senate Democratic leaders have instead endorsed the Cybersecurity Act, sponsored by Sens. Joe Lieberman (I-Conn.) and Susan CollinsSusan CollinsOvernight Energy: Lawmakers work toward deal on miners’ benefits Schumer: Senate Russia probe moving too slowly Collins: I'm not working with Freedom Caucus chairman on healthcare MORE (R-Maine).

Both CISPA and Lieberman-Collins would encourage companies to share information about cyberthreats with each other and with the government. But Lieberman-Collins is seen as having stronger safeguards to protect people's private information.

For example, Lieberman-Collins would require that companies make a reasonable effort to strip out personally-identifiable information from the data they share with the government.

The bill would also give the Department of Homeland Security a lead role in handling the information-sharing, which privacy advocates prefer to military spy agencies, such at the National Security Agency. 

But privacy groups, including the American Civil Liberties Union (ACLU) and the Center for Democracy and Technology, as well as privacy-minded senators such as Sens. Ron WydenRon WydenTrump gets tough with Canada Five things to watch for in Trump’s tax plan Overnight Finance: Dems want ObamaCare subsidies for extra military spending | Trade battle: Woe, Canada? | Congress nears deal to help miners | WH preps to release tax plan MORE (D-Ore.) and Al FrankenAl FrankenSenate votes to confirm Rosenstein as deputy attorney general Twitter jumps on news of O'Reilly's ouster Senate Dems seek review of products linked to tax refunds MORE (D-Minn.), are pushing for stronger privacy protections in Lieberman-Collins.

In a crucial difference from CISPA, Lieberman-Collins would require critical infrastructure, such as electrical grids and gas pipelines, to meet minimum cybersecurity standards. Supporters of the legislation say the standards are necessary to protect vital systems from attacks, but many Republicans argue that government mandates will burden businesses and do little to improve cybersecurity.

Senate Republicans, led by John McCainJohn McCainMcCain: China has done ‘nothing’ on North Korea Graham: There are 'no good choices left' with North Korea Graham: North Korea shouldn't underestimate Trump MORE (Ariz.), Kay Bailey Hutchison (Texas) and Saxby ChamblissSaxby ChamblissGOP hopefuls crowd Georgia special race Democrats go for broke in race for Tom Price's seat Spicer: Trump will 'help the team' if needed in Georgia special election MORE (Ga.), are pushing their own cybersecurity bill, the Secure IT Act.

The GOP bill is similar to CISPA in that it authorizes only voluntary information-sharing and would not set any cybersecurity mandates.

The senators introduced a revised version of Secure IT last week that, among other changes, enhances some of the bill's privacy protections.

"There are consensus items here that everyone agrees on," a Republican Senate aide told The Hill. "In a contentious election year, if we want to pass a law, we should focus on those consensus items."

But the White House and Senate Democrats argue that any cybersecurity legislation that lacks protections for critical infrastructure is inadequate.

When asked to respond to the new version of Secure IT, White House spokeswoman Caitlin Hayden said: "Cybersecurity legislation must include robust privacy protections and address the very serious risks facing the nation's critical infrastructure."

Sens. Sheldon WhitehouseSheldon WhitehouseThe Hill's 12:30 Report Dem: Pruitt violating anti-campaigning law with GOP fundraiser Dem senators ask Bannon for more info about Breitbart contact MORE (D-R.I.) and Jon Kyl (R-Ariz.) are working to find a middle ground on cybersecurity. They circulated a draft bill on Capitol Hill this month that would pressure, but not force, critical infrastructure companies to meet security standards.

Rockefeller, one of the primary co-sponsors of the Lieberman-Collins bill, said the compromise proposal is an "incredible set of suggestions" that avoids the "fear of mandates."

He said he can think of at least five Republicans who will support the compromise proposal.

But the GOP aide said some Republicans have "strong concerns with preliminary proposals" from Whitehouse and Kyl.

Although nearly everyone on Capitol Hill would like to see Congress pass some kind of cybersecurity legislation this term, time is running out.

In a speech on the Senate floor earlier this month, Lieberman predicted that lawmakers' attention will soon turn to the fall's election and that the lame-duck session after the election will be consumed by budget and tax issues.

Lieberman, who is retiring at the end of the term, said if the Senate doesn't vote in July, "we're not going to be able to pass this legislation."