Industry and digital privacy groups are gearing up rival lobbying campaigns aimed at senators and the grassroots amid expectations that a controversial cybersecurity information-sharing bill could reach the Senate floor as early as the week of Oct. 19.
Senate Intelligence Chairman Richard Burr, R-N.C., and ranking member Dianne Feinstein, D-Calif., helped stoke growing confidence around the bill’s prospects with remarks at an Oct. 7 U.S. Chamber of Commerce event.
“It looks like it’s on the floor when we get back,” Feinstein said. “This next week while we’re out is very important — if you could make a full-court push, call members, there’s one more week.”
Burr urged the U.S. Chamber’s membership to “call senators,” saying passage of the Cybersecurity Information Sharing Act was the single “best thing we can do” to minimize companies’ data losses and protect consumers.
There’s still skepticism that the Senate will actually get to CISA when it returns from a week-long Columbus Day recess. Cyber has been bumped before, repeatedly, from the Senate’s priority list.
Majority Leader Mitch McConnell, R-Ky., has teed up an immigration “sanctuary cities” bill as the Senate’s first order of business. If Democrats block action on that bill in an Oct. 20 procedural vote, the CISA debate in theory would be next.
“I think this latest news that CISA is ‘next’ is a bit silly,” commented a source from the online privacy community that is fighting the cyber bill. “How many times have Sens. Burr and Feinstein promised to move CISA and been wrong now?”
Passage “this year” would be more believable than passage “this October,” the source said. However, “even ignoring the GOP leadership race in the House — which is still a distraction even in the Senate — we run out of highway funds on Oct. 29 and we hit the debt ceiling on Nov. 5. The Senate has a lot of big things to consider before the end of the year, I have a hard time believing McConnell is going to burn the political capital to push through CISA while those other deadlines are pending.”
That’s the skeptical view.
A House Intelligence Committee source dismissed the idea that uncertainty in the House GOP leadership race would affect the cyber legislation in any way.
“I would think and hope that the leadership issue will be settled enough by then so that the cyber bill won’t be affected,” the House source said. The House passed its version of the cyber legislation last April and has been waiting on the Senate ever since.
Industry representatives say they have momentum and a strong case to make.
“Sens. Burr and Feinstein, their staff members, and the Protecting America’s Cyber Networks Coalition have been working phenomenally hard to pass CISA,” according to the U.S. Chamber of Commerce’s Matthew Eggers.
“This must-pass legislation would help businesses thwart malicious hackers,” Eggers said. “Before an audience of industry representatives, academics, and government officials, the Chamber was very pleased to hear at its recent cyber summit that CISA is expected to be taken up promptly when the Senate returns to work after the Columbus Day recess — it’s far past time for stakeholders to finish the bill.”
The Protecting America’s Cyber Networks Coalition now includes 51 major industry groups and plans on taking up Feinstein’s challenge to keep up a steady message in favor of the bill.
The other side will be doing the same. “Yes, we’re ready and we’re going to be very busy reaching out,” said Nathan White of the group Access, which has helped spearhead opposition to CISA.
“Sens. Burr and Feinstein’s press release last week demonstrates the failure to understand the deep concerns about this bill,” White said of a recent statement by the senators that challenged the basis of opposition to CISA. “It is simply not the case that opposition to CISA is a ‘knee-jerk reaction’ ” by privacy groups, White claimed.
“Access and other civil society and security groups oppose CISA because it has fundamental flaws that make it impossible to achieve its stated cybersecurity goals,” he said. “But CISA does undermine our privacy rights. It is vital to push back against this dangerous piece of legislation, and rank and file Senators must hear that CISA is a flawed bill.”
White added that the privacy community believes any delays in Senate floor action play in their favor.
Sen. Burr countered that he and Feinstein have added numerous privacy-enhancing elements since last year’s version of the legislation failed to advance, saying, “We could put 10 more privacy protections in and the privacy groups would never agree with it. Some people you just can’t satisfy, no matter what you do.”
Burr said the bill sponsors can “process the 21 amendments in a matter of days” whenever McConnell decides to bring the measure to the floor.
Passage would set up negotiations with the House and Senate.
“We certainly have enough time to get it done,” Burr said, regardless of House leadership races and other potential distractions. Once again, for CISA supporters it’s just a matter of getting a floor date.
Charlie Mitchell is editor of InsideCybersecurity.com, an exclusive service covering cybersecurity policy from Inside Washington Publishers
