GOP members reject Cybersecurity Act, propose alternative (with related video)
Seven Republican senators rejected S.2105, the Cybersecurity Act of 2012, which would give DHS regulatory cybersecurity authority over private networks critical to U.S. security. Instead, they offered an alternative: the Strengthening and Enhancing Cybersecurity by Using Research, Education, Information, and Technology Act (SECURE IT).
SECURE IT would ask companies to voluntarily share and receive threat data through cybersecurity centers within the government, including the National Security Agency, to receive incentives, such as protection from privacy lawsuits and exempted data exchanged from public disclosure requirements.
The SECURE IT bill is co-sponsored by vocal opponent to the Cybersecurity Act, Sen. John McCain (R-Ariz.), as well as Sens. Kay. Bailey Hutchison (R-Texas) and Chuck Grassley (R-Iowa). The senators presented it in response to Senate Commerce Committee Chairman Jay Rockefeller's (D-W.Va.) urgent call to pass the Cybersecurity Act.
McCain disagreed with Rockefeller, stating that if the "legislation before us today were enacted into law, unelected bureaucrats at the DHS could promulgate prescriptive regulations on American businesses, which own roughly 90% of critical cyber infrastructure," he said. "The regulations that would be created under this new authority would stymie job-creation, blur the definition of private property rights and divert resources from actual cybersecurity to compliance with government mandates."
Supporters of Rockefeller's bill insist that the provisions in the act apply only to sensitive government data on contractor computers. In addition, rumors the bill includes a presidential "kill switch" to take over the Internet is false, said bill co-sponsor Sen. Joseph Lieberman (I-Conn.). Lieberman testified during the Senate Committee on Homeland Security and Governmental Affairs hearing that private networks privacy will be protected and the bill would not affect innovation in the IT industry.
Secretary Janet Napolitano also testified that it will strengthen the nation's cybersecurity capability by providing the tools to effectively address cyber threats while preserving civil liberties. Napolitano explained that the risk mitigation guidance was proposed by the president to ensure that companies providing essential services are instituting a baseline level of cybersecurity.
"This proposal would leverage the expertise of the private sector …. [to help] the nation's most critical infrastructure [systems] adopt the cybersecurity practices, technologies, and performance standards that work best on their networks," Napolitano said.