Democrats and Republicans agreed Wednesday on a basic framework for considering amendments when they eventually get back to the bill — each side will get to present ten. But CISA will now have to compete with a vote on the Iran deal and a host of other issues that also were put off until September.
There’s still danger that lawmakers won’t be able to navigate the well-trod battleground between security champions and privacy advocates that has caused previous iterations to run aground. Yet the chances are likely that CISA will eventually progress – if for no other reason than Congress is feeling more pressure to act.
[Want our stories delivered directly to your email inbox? Follow us]
Washington went into high alert over its cyber vulnerabilities earlier this year, when the personal data of 22 million people was compromised in a hack of the Office of Personnel Management – a breach many lawmakers, including Majority Leader Mitch McConnell (R-Ky.), have cited in pressing for the Senate to act.
“That story should worry every one of us, Democrats and Republicans alike,” McConnell said Tuesday. “While that massive breach may have been one of the worst, it certainly, unless the administration can be rescued from the cybersecurity dark ages, won’t be the last.
It isn’t that the government wasn’t already attuned to the nation’s simmering cybersecurity problem: Highly-publicized hacks of the computer systems at Target and Sony Pictures Entertainment primed lawmakers to reexamine buttressing the government’s protections.
The bill seeks to address cybersecurity threats by streamlining the process of information-sharing between companies and between the private sector and the government. That structure has inspired a backlash from privacy advocates and their supporters, like Sen. Ron Wyden (D-Ore.), who complained on the floor Monday that while cybersecurity legislation was a worthy goal, the bill fell short of its mission.
“My concern is that this bill in its present form will create more problems than it solves,” Wyden said. “The legislation as it stands today doesn’t do a whole lot to protect U.S. networks from sophisticated hacks.”
Other Democrats say it’s the best the Congress can do for now.
“There really is no legislative of administrative step that we can take that will end all cyber-crime and cyber-warfare,” said Sen. Dianne Feinstein (D-Calif.), ranking member on the Intelligence Committee, which approved the measure 14 to 1 earlier this year. But she said the information-sharing focus of the bill “can be very helpful and yield a real and significance improvement to cybersecurity.”
CISA has support from leaders of both parties, although they’re not united on how to run through amendments.
“We share the view that increasing the security of U.S. networks while protecting Americans’ privacy is an important goal,” Minority Leader Harry Reid (D-Nev.) said, indicating that while there were differences of opinion among Democrats on CISA, leadership could support it so long as they were guaranteed “an adequate process for considering a reasonable number of amendments.”
Still, both sides did not appear to have come to a mutually satisfactory deal by the close of business Tuesday, raising the specter of cybersecurity creeping into the weekend or even September – like so many other stalled pieces of business.
Finger-pointing has already begun in advance of that possibility, with Sen. John McCain (R-Ariz.) accusing Democrats of intentionally “putting this nation in danger by not allowing the Senate of the United States to act against a very real threat to our very existence.”
Reid said that if Republicans were so concerned about the urgency, they shouldn’t have put cybersecurity on the back burner for a few days while they tried to defund Planned Parenthood.