Cybersecurity legislation is still a priority for the Senate, even more so than the annual defense authorization measure, according to Senate Majority Leader Harry Reid. The Nevada Democrat said Wednesday that he still plans to bring cybersecurity legislation to the floor this summer, possible as soon as next week. The Senate has been divided for years on the issue, particularly which federal agency should be in charge and whether there should be security requirements for the most crucial private sector networks. But Reid said a bill still has a chance of seeing the floor soon, despite the repeated delays since he promised action on the bill earlier this year.
Whether or not the two sides can reach an agreement on critical infrastructure remains in doubt, but Senate Democrats, including Jay Rockefeller, D-W.Va., said negotiations are underway and expressed hope for a compromise. Republicans are less optimistic about the likelihood of passing a bill, in part because they know the House is unlikely to take up anything resembling new security regulations. Sen. Joe Lieberman, I-Conn., has recently indicated he might be willing to offer a scaled back version of his legislation (S 2105), but making the new security rules voluntary might not be enough to attract the GOP's support. The Republicans prefer their bill (S 2151), which would give less cybersecurity authority to the Department of Homeland Security and more to the intelligence community and military.
We still remain skeptical that the package favored by Senate Democrats and the White House can pass the Senate, let alone gain approval in the House and become law. It looks increasingly likely that the Senate won't act on cybersecurity this session, which would hold to the trend of recent years. Even if the Senate passes a bill, the legislation would still have to gain approval in the House, which passed its own information sharing measure (HR 3523) earlier this year. Which means anything that goes significantly beyond information sharing is unlikely to become law in 2012. But with Lieberman retiring at the end of the year, he may be willing to cut a deal that would allow Congress to finally update its cybersecurity laws, which has been his pet cause as Senate Homeland Security chairman. We'll be watching closely as the negotiations continue.
House Armed Services Holds Closed Hearing on Leaks. The House Armed Services Committee voted unanimously on Wednesday to close today's hearing on the impact of recent national security leaks to the public. The hearing will feature witnesses including Defense Secretary Leon Panetta and Chairman of the Joint Chiefs of Staff Gen. Martin Dempsey that will discuss how reports on classified drone strike and cyberweapons programs have affected the military, making the HASC one of several committees to probe the leaks. The Justice Department has appointed two U.S. attorneys to investigate the leaks, which Republicans have alleged were authorized by the White House for political purposes. Updated CRS Report on Cybersecurity: Available here (PDF). Activists Launch Internet Defense League. A coalition of lawmakers, netroots activists, Web companies and advocacy groups will hold a conference call this morning to launch the Internet Defense League, a network of thousands of websites, groups and individuals dedicated to maintaining Internet freedom. The group is comprised mainly from the coalition of Web activists that turned back the Stop Online Piracy Act (SOPA) and its Senate counterpart PIPA earlier this year. Their hope is to establish a permanent coalition that can mobilize swiftly in response to any threat to the open Internet. Members include House Oversight chairman Darrell Issa, R-Calif., Sen. Ron Wyden, D-Ore., Sen. Jerry Moran, R-Kan., reddit co-founder Alexis Ohanian, the Electronic Frontier Foundation, Fark, Mozilla, and TechDirt, among others. Financial Council Says Cybersecurity a Threat to Markets. Cybersecurity is still a threat to the stability of American financial markets, according to an assessment from the Financial Stability Oversight Council. The panel, created as part of the Dodd-Frank act, said in its annual report to Congress that the risk of a cyberattack on large financial institutions or exchanges remains significant. There have been whispers lately that the major exchanges have been targeted by hackers seeking to disrupt their normal market activity. Financial institutions and exchanges would likely be considered covered critical infrastructure under the cybersecurity proposal favored by the White House and Senate Democrats, but that bill faces an uphill road to passage, as documented above.