This year began with a massive security leak by Edward Snowden, then turned to talk of war with Syria, and now looks to be ending in a budget stalemate that has all but crippled the federal government. In the face of these events, it is no surprise that meaningful cybersecurity reform legislation is unlikely to make its way into law. The lack of progress comes a year after the failed effort to advance cybersecurity reform, and months after President Obama called on lawmakers to advance legislation. The tepid pace of reform seems unlikely to change despite the continuing assault on our nations’ IT infrastructure by the Chinese, Iranians, and Syrians.
The fate of cybersecurity reform continues to be bogged down by lingering disputes over protections for information sharing, litigation reform, and privacy standards. Earlier this year, the House passed the Cyber Intelligence Sharing and Protection Act (“CISPA”). The bill went nowhere after drawing objections from Senate Democrats and the White House, who backed a different bill but failed to woo skeptical Republicans and critical interest groups. For its part, the Senate has yet to draft a major cybersecurity bill.
Dianne Feinstein (D-Calif.) and Saxby Chambliss (R-Ga.), who led the Senate’s intelligence efforts, have not released a draft bill, despite extensive negotiations. Instead, they have been preoccupied with the fallout from Snowden’s surveillance leaks and the debate over reforming the National Security Agency. On a substantive level, Chambliss acknowledged that a major hang-up includes the fight over lawsuit immunity for companies that act on government data that proves to be incorrect.
As for the House, there have been efforts to modify CISPA to overcome the Democrats’ concerns and to secure additional support. Reps. Mike Rogers (R-Mich.) and Dutch Ruppersberger (D-Md.) tightened CISPA’s privacy protections, but remained unable to obtain support from the Administration and Senate Democrats. Rep. Adam Schiff (D-Calif.), a member of the House Intelligence Committee, noted “I do think we’ve been too slow to deal with this issue,” and that it has been “much more difficult” to pass cybersecurity legislation for reasons including Snowden’s leaks.
For its part, the White House is too preoccupied with the budget stalemate to spend its precious resources on cybersecurity legislation. “The most important thing that Congress can do for the nation’s cybersecurity right now is to fund the entire government, including cybersecurity missions and operations,” a White House spokesman said.
Giving little room for optimism, when asked if a cybersecurity bill would become law this year, Rogers stated, “You might not expect it, but you ought to pray for it.”
To read more on delayed cybersecurity reform, click here for an article by Politico.