Senators put forward a bipartisan, business-backed measure Tuesday that aims to toughen the nation’s cybersecurity by relying on voluntary compliance by banks, utilities and other companies.
Observers said the bill — the Cybersecurity Act of 2013 — has a good chance of becoming law because it avoids the regulatory approach opposed by the business lobby.
“They have stayed away from the most controversial areas,” said David LeDuc, senior director for public policy at the Software and Information Industry Association.
The Senate Committee on Commerce, Science and Transportation approved the legislation Tuesday in a voice vote. Sens. John D. Rockefeller IV, West Virginia Democrat and committee chairman, and John Thune of South Dakota, the panel’s senior Republican, wrote the bill.
The legislation excludes provisions that would allow companies to share real-time cybersecurity information with the federal government, principally the National Security Agency. Such information-sharing provisions have drawn opposition from privacy and civil liberties advocates after leaks about the NSA’s data-gathering programs.
Former NSA chairman, retired Air Force Gen. Michael Hayden, said he doubts Congress will pass any information-sharing bill this year.
“Oh, that’s all frozen, that’s not going to happen,” he said. “We’ve lost [the chance to pass a bill for] another year.”
In April, the House passed an information-sharing measure — the Cyber Intelligence Sharing and Protection Act.
The bill was opposed by privacy advocates, who argued it would put the NSA, which operates under the Defense Department’s jurisdiction, in charge of protecting the nation’s civilian infrastructure and would facilitate broad Internet monitoring by the highly secretive agency.
The White House threatened a veto, citing privacy concerns.
Observers say the revelations by self-proclaimed NSA whistleblower Edward Snowden about the agency’s vast database of telephone records of calls made in America had made the bill a political nonstarter.
“We will in perpetuity have one of the least-well-defended networks on the face of the planet, because of our political culture,” said Gen. Hayden, referring to ever-increasing demands for openness and a distrust of secret government authorities.
“We haven’t yet as a nation decided what we want the government to do and what we’re going to let the government do on our own networks to defend us.”
“What congressman is going to get up and say, ‘What we really need here is to give the NSA some more running room’?” quipped Gen. Hayden, who also headed the CIA and was the second-in-command to John Negroponte, the first-ever director of national intelligence.
One of authors of the house bill, Rep. James R. Langevin, said he still believed there would be opportunities to move information-sharing legislation.