5 Min Read
WASHINGTON (Reuters) - The Obama administration prodded Congress on Wednesday to pass cybersecurity legislation, but the bill looked increasingly likely to languish until next year as opposition from business and privacy concerns bogged down Senate debate.
The Democratic-led Senate this week has been debating a bill that would allow information sharing and create a set of voluntary cybersecurity standards for companies in charge of U.S. energy, water, transportation and other critical infrastructure.
But it was unclear whether it had enough support to be brought to a vote this week before the Senate recesses for about a month.
To underscore the bill's importance, the administration held a media conference call with officials from the White House, Cyber Command, Pentagon and Department of Homeland Security to talk about how vital the legislation was to protect U.S. computer networks from hacking.
The Republican-controlled House of Representatives passed a cybersecurity bill in April that would allow companies and the government to share information about hacking. The Senate version is broader.
"We see the threat as real, and we need to act now. From our perspective the dangers to our critical infrastructure are growing," General Keith Alexander, director of the National Security Agency and head of U.S. Cyber Command, told reporters.
He said there had been "over a 20-fold increase in attacks on critical infrastructure" from 2009 to 2011.
Senate Majority Leader Harry Reid has called it "the most serious threat to our nation since the dawn of the nuclear age."
Yet doubts resound among Washington insiders whether Reid can get the votes needed to push this legislation forward. If the Senate does not pass a bill this week, cybersecurity legislation will likely be stalled until next year.
"There have been extensive hearings on this. There have been extensive briefings. I'm just very puzzled as to why individuals would oppose this," John Brennan, homeland security adviser to President Barack Obama, said.
The bill's critics, including Republican Senators John McCain, Saxby Chambliss and Kay Bailey Hutchison, have offered amendments that would strip some of the privacy protections and the framework for cybersecurity standards.
They have sided with the U.S. Chamber of Commerce, which has expressed concerns that the voluntary system could too easily become a mandatory regulatory scheme enforced on businesses.
McCain introduced more narrowly tailored legislation in March, co-sponsored by Chambliss, Hutchinson and five other Republicans, that promotes information sharing and creates criminal penalties for cybercrimes.
That bill, more in line with legislation passed in the Republican-controlled House, does not set out a federal plan for overseeing cyber threats nor does it seek security standards for companies operating critical infrastructure.
Some Republicans have offered amendments that would substitute McCain's bill for the broader Senate version.
The current version of the Senate bill adds provisions to protect the privacy and civil liberties of Americans while allowing companies and federal agencies to more quickly share real-time data on cyber threats.
Companies that operate critical infrastructure and that choose to voluntarily adopt the standards would not be held liable for any punitive damages if a cyber attack occurred while they were complying with the standards. Other incentives would include expedited processing of security clearances and faster access to technical assistance on cyber issues.
Reid on Wednesday made a procedural move to set a limit on debate on the Senate floor, which signaled that there was still no agreement on how many amendments would be considered. A total of 218 amendments have been offered.
Brennan said Obama has been receiving regular updates on the status of the Senate bill and has spoken to members of Congress.
"He strongly, strongly believes that this nation's well-being is at risk from cyber attacks and intrusions, and believes it is imperative if we are going to protect this country, particularly our critical infrastructure, that the Cybersecurity Act of 2012 passes," Brennan said.
Reporting By Jasmin Melvin