Cybersecurity compromise still uncertain

With the August recess nearly three weeks away, it will be difficult for the Senate to move forward on cybersecurity legislation—but don’t count it out just yet.

Some are holding out for progress to be made on a compromise framework drafted by Sens. Jon Kyl (R-Ariz.) and Sheldon Whitehouse (D-RI) on provisions dealing with critical infrastructure, such as water systems and telecommunications networks. The U.S. Chamber of Commerce met with Kyl and his staff this past week to discuss the latest version of the framework.

A spokesman for the Chamber said the business lobby had a “constructive dialogue” with Kyl at the meeting and declined to comment further. 

The Chamber may not be saying much, but some see that as a good thing. The business lobby opposed an earlier draft of the compromise proposal circulated last month, but so far has not spoken out against the latest version of the framework.

“We can keep talking,” a Senate aide said. “In that regard, it’s a victory for now.”

But there’s still a tough road ahead. Industry groups have said privately that they’re hesitant to back the compromise proposal without seeing it written in legislative language first.

The framework aims to encourage companies operating the nation’s critical infrastructure to better secure its computer systems and networks by offering incentives--such as liability protections or access to government intelligence--in exchange for meeting a set of “performance goals” or security standards.

Industry groups, including the Chamber, have criticized Sen. Joe Lieberman’s (I-Conn.) cybersecurity bill because it contains a measure that mandates critical infrastructure operators to meet security standards. Business groups have favored a rival bill by Sen. John McCain (R-Ariz.) that does not include mandates for critical infrastructure and focuses on improving information sharing about cyber threats between industry and government instead.

Sens. Richard Blumenthal (D-Conn.), Barbara Mikulski (D-Md.), Chris Coons (D-Del.), Lindsey Graham (R-S.C.), Roy Blunt (R-Miss.) and Dan Coats (R-Ind.) are said to have been involved in the compromise effort.

Coats is a co-sponsor of McCain’s Secure IT Act. A spokeswoman for Coats said he has not signed onto any other language than McCain’s bill but “is willing to discuss with any of his colleagues efforts to improve cyber security in a way that does not jeopardize private sector flexibility or create costly layers of government bureaucracy.”

Time is another factor not on the Senate’s side. The floor schedule is already full for the next couple weeks with a campaign finance disclosure bill and tax cut extensions on the docket. Any compromise framework also needs to be signed off on by Lieberman, Sen. Susan Collins (R-Maine) and the other backers of his bill.

Senate Majority Leader Harry Reid (D-Nev.) has said he plans to tackle cybersecurity this year. A spokesman for Reid said not to count it out and there is a possibility that the upper chamber will get to cybersecurity legislation this month.

Some say tight deadlines may spur the Senate to eke out a deal on Lieberman’s bill.

“The time for it to happen is now,” said one tech lobbyist, “and it probably will.”