Senate Republicans voted once again last night to block a cybersecurity bill opposed by the business community, a move that likely will spur President Barack Obama to use his powers to create standards for companies to protect their networks.
Senate Homeland Security and Government Affairs Committee Chairman Sen. Joe Lieberman (I/D-Conn.), who is retiring next year, plead unsuccessfully with his colleagues on the Senate floor yesterday to at least allow debate to start on the Cybersecurity Act of 2012.
Yet only 51 senators voted on a procedural measure to advance the bill, when 60 votes were needed. Thus, the legislation has likely died during the current session of Congress that runs until the end of the year.
Bill supporter Senate Majority Leader Harry Reid (D-Nev.) had said he would allow Republicans to offer a “finite list” of amendments, but that offer did not compel enough votes.
“Whatever we do on this bill it’s not enough for the Chamber of Commerce, not enough,” Reid said after the 51-47 vote. “So, everyone should understand, cybersecurity is dead for this Congress. It’s rather an unfortunate thing.”
The Senate next will move to the long-delayed fiscal year 2013 defense authorization bill, and Reid hopes to start debate on amendments the week after Thanksgiving.
Before yesterday’s cybersecurity vote Lieberman appealed to other senators: “Don’t be recorded as ‘No.’ Say ‘Yes’ to at least allowing a discussion a discussion of cybersecurity legislation here, offer some amendments.” He noted a final Senate bill would have to be reconciled with legislation the GOP-led House passed, which is favored by Senate opponents of Lieberman’s legislation.
The Cybersecurity Act of 2012, crafted by Lieberman and committee Ranking Member Susan Collins (R-Maine), was blocked in August and again yesterday by Republicans concerned that it would lead to unnecessary regulation on businesses, as the U.S. Chamber of Commerce argues. The legislation is intended to ensure critical-infrastructure providers better protect their networks by following voluntary threat-protection standards created by the private and public sectors.
Obama supports the Lieberman-Collins bill. His administration has drafted a back-up executive order that would go around Congress and could create such cyber-security standards for critical-infrastructure providers.
“I’m confident that if we fail to act the president will act,” Lieberman said yesterday. “I think he has a responsibility to act, because if we fail to act we’re leaving the American people extremely, extremely vulnerable to a major cyber attack.”
An executive order could cover much of what is in the Cybersecurity Act of 2012, which also seeks to improve the sharing of cyber-threat information between the private sector and government. Yet such an order could not create incentives–such as liability protection–to compel the critical-infrastructure providers to follow security standards, as the legislation could. Thus, Lieberman argued legislation “is preferable.”
Collins told reporters before yesterday’s vote that she hoped her Republican colleagues and Reid could work out an agreement to weigh limited amendments to the bill, yet acknowledged she was “not very” confident.
Senate Armed Services Committee (SASC) Ranking Member John McCain (R-Ariz.), an opponent of the measure who helped block it in August, told reporters before the vote that he was prepared to take it up and debate amendments.
“We’d very much like to have five amendments that we think are important to vote on,” McCain said. He said those amendments “have to do with information sharing, they have to do with liability, they have to do with the role of (the Department of Defense) DoD.”
McCain and other Republicans support the Secure IT Act, which would create no new federal regulations and instead focuses on removing legal barriers to government and businesses sharing information about cyber attacks. It is similar to the Cyber Intelligence Sharing and Protection Act (CISPA), which the Republican-led House passed and the White House said Obama could veto.
Senators who support the Lieberman-Collins bill eyed amendments as well.
SASC Chairman Carl Levin (D-Mich.) told reporters before yesterday’s vote he’d “like to add a mandatory reporting requirement for defense contractors…who are doing work which is classified.”
“I’d like them to be required, frankly, to report to the Defense Department if there’s an attack on them,” Levin said.
Defense Secretary Leon Panetta delivered a dire warning to business executives in October about the threat of a crippling cyber attack on the United States. That speech prompted Reid to declare he would bring the Lieberman-Collins bill back to the Senate floor during the current lame-duck session of Congress.
Following last night’s vote Reid said the Senate is ready to take up the delayed defense authorization bill for FY ’13, which started on Oct. 1. He wants to start actually legislating on the bill the day senators return after the Thanksgiving recess.
“This is a bill we should get done,” Reid said.
The Senate leader said he wants an open-amendment process on the defense bill. He said Levin told him McCain is prepared to help “table or dispose of” amendments senators offer that are not related to defense.
Republican support will be key to moving to the Pentagon policy-setting measure. In September GOP senators blocked the bill from being considered because they opposed a plan to limit amendments to those relevant to the defense legislation. Because of that, Levin said this time Reid may have to allow non-relevant amendments to be considered but limit the overall number of amendments, in order to limit Senate floor debate to just a few days.
Levin told reporters he hopes Senate Republicans agree to call up the defense bill today, and SASC members then can give opening speeches tonight and tomorrow morning. He wants to spend three days debating amendments to the bill the week after Thanksgiving.