Lawmakers’ thoughts will be focused on major appropriations bills and Zika funding this fall, but a couple of cybersecurity issues could still grab attention on Capitol Hill before the year is out.
Congress returns this week after a long summer break and lawmakers have one prime objective: Wrap up any essential business and get back out on the campaign trail.
Essential business includes a short-term spending bill for the federal government, probably with a heavy dose of partisan exchanges over suspected Russian hacks of national political committees.
But the latter so far is generating far more heat than light in the cyberpolicy space.
The House and Senate will be in session for a month at most before leaving again until the election. Expectations are that Congress will return after the election for a lame-duck session of uncertain duration.
Prior to that, the House Homeland Security Committee is “planning a full committee cyberhearing in September focused on the latest cyberthreats and how we’re combating them,” according to a committee source.
That could be the only action this month on cybersecurity issues in any congressional committee. Homeland Security Chairman Michael McCaul, R-Texas, will use the session to focus on the Department of Homeland Security’s efforts to implement the Cybersecurity Act of 2015, not to map out new legislative initiatives, according to sources.
Stay tuned, though, because issues such as reorganizing the Department of Homeland Security’s cybersecurity operations or coming up with a policy related to “strong encryption” on consumer devices are quietly bubbling in the background.
The reorganization bill is seen as an important piece of housekeeping that will better clarify lines of responsibility and roles within DHS.
That’s a low-key measure that probably would be waved through, if it can find a spot on the House and Senate floor schedule or get attached to some other vehicle.
McCaul’s homeland security panel has already passed a bill to streamline and better organize the cybersecurity activities at DHS.
“We continue to work with the other committees and the Senate to get this ready to be signed into law,” a Homeland Security Committee source said.
Encryption, on the other hand, is a controversial issue that may be too hot to touch even in a lame-duck session. Law enforcement wants access to encrypted communications on consumer devices such as smart phones, while tech companies and digital privacy groups say that would actually undermine cybersecurity.
McCaul, along with Sen. Mark Warner, D-Va., also has a bill that would create a special commission to examine the privacy, law enforcement and other issues related to encryption.
The encryption bill was referred to the House Foreign Affairs Committee, which has shown no inclination to act upon it.
Supporters are holding out hope that the Senate Homeland Security and Governmental Affairs Committee will take up a version of the encryption measure in September, pass it and create the possibility that the issue could be addressed in the lame-duck session.
A national encryption panel, mandated to develop policy options over the course of a year, is considered the only viable legislative response at this stage. But even that may have to wait until next year.
The Senate Homeland Security panel’s plans won’t begin to come into focus until Chairman Ron Johnson, R-Wis., and other lawmakers return this week. Johnson is fighting what looks to be an uphill battle for re-election in Wisconsin against former Democratic Sen. Russ Feingold.
Charlie Mitchell is editor of InsideCybersecurity.com, an exclusive service covering cybersecurity policy from Inside Washington Publishers, and author of “Hacked: The Inside Story of America’s Struggle to Secure Cyberspace,” published by Rowman and Littlefield.
