Cybersecurity bill on life support

Members of the Senate said they are open to reviving a cybersecurity bill that failed to advance on Thursday, but the political and policy spats that plagued the legislation for months won’t disappear any time soon.

As the Senate failed to break a filibuster of the bill, Senate Majority Leader Harry Reid, D-Nev., changed his vote in a procedural move that will allow him to bring the bill back to the floor at a later time. He has said that if both sides can agree on a “finite” number of relevant amendments, the bill could be brought back to the floor when Congress returns in September.

Members of both parties agreed it was an issue that calls for congressional action. “I think everyone knows not passing a bill is certainly not an option,” said Minority Leader Mitch McConnell, R-Ky. “This bill will be back because it must be back. So the vote today is not the end of the discussion but rather the beginning of the discussion.”

But moving from calling for action to actually acting has proved difficult for Congress.

None of the issues that brought the Senate to an impasse have been resolved. Republicans blamed Democrats for using national security as an excuse to not allow amendments. Democrats accused Republicans of hijacking the process by insisting on amendments aimed at repealing the health care law and banning certain abortions in the District of Columbia.

And neither side agrees on how much authority government should have to ensure companies are securing their networks from cyberattacks.

“It’s hard to be optimistic but I’m open to further discussion because the threat is so real,” the bill's lead sponsor, Senate Homeland Security and Governmental Affairs Chairman Joe Lieberman, I-Conn., told reporters after the vote.

He acknowledged being disappointed and angry over how the debate disintegrated. Lieberman’s bill had been stalled for months while sponsors worked out compromise language to win support from industry and Republicans. When those changes were made, however, the bill’s most vocal critics didn’t budge.

“Once again members of Congress have failed to come together to deal with a serious national problem,” he said. “It’s hard to see today as anything but a failure for the Senate and a setback for our national security.”

Lieberman said that in order for a bill to pass, Republicans and other critics like the U.S. Chamber of Commerce need to be willing to compromise with the White House and others who say government should have some role in making sure critical infrastructure networks like electric grids and water supplies are protected.

For their part, Republicans said that Reid has “steamrolled” the bill by not holding hearings and then filing cloture before an agreement on amendments could be reached.

“We needed the time to put the amendments forward,” said Senate Commerce ranking member Kay Bailey Hutchison, R-Texas. She said she hopes that in the fall the Senate can come together on a bill that would combine pieces of the Cybersecurity Act with a Republican bill that lacks any government role in critical infrastructure, and bipartisan compromise language that envisions more voluntary measures.

Outside observers said that the ongoing threat from cyberattacks means cybersecurity legislation will inevitably return. “Regardless of today’s vote, the issue of cybersecurity is far from dead,” said Michelle Richardson, a legislative counsel for the American Civil Liberties Union, which has lobbied to boost privacy protections in cybersecurity bills. Objections from civil-liberties groups make it unlikely that the Senate or the White House will agree to a bill passed by the House that encourages businesses and government to share cyberthreat information with each other.

The Center for Strategic and International Studies’ James Lewis, meanwhile, says he sees "very little prospect" that anything significant will be accomplished before next year.

While the extent of the threat from cyberattacks remains disputed, national-security officials have pressured Congress to act and lawmakers don’t appear ready to stop talking about the issue.

“Maybe this is a time to cool our jets, but this is not a time to turn them off,” Cybersecurity Act cosponsor Sen. Tom Carper, D-Del., told reporters. “Did we lose an opportunity? You bet we have. But we’ll do a better job legislating not on the heels of a cyberattack.”