Many believed that plans for a presidential executive order to force through provisions of the proposed Cybersecurity Act which failed to get enough Senate support would leave the Act to die. Now however, it seems as if Senator Joe Lieberman believes the reverse. Reuters reports that Senator Joe Lieberman “would consider dropping a provision aimed at shoring up protection of critical infrastructure that had raised concerns among Senate Republicans, if that issue could be addressed in an executive order.”
The comment came from Jeffrey Ratner, senior adviser for cybersecurity on the Senate Homeland Security Committee, speaking at a cybersecurity conference hosted by the Washington Post yesterday. Since Ratner says that the executive order will definitely proceed, the new suggestion is that the most contentious issues can be left out of the new version of the Cybersecurity Act – making it more likely to achieve the support it needs.
Those contentious issues, which include what business considers over-regulation and privacy advocates consider will be an open door to internet eavesdropping, will be enforced by executive order, not requiring Congressional approval. “What can’t be done is the incentives,” said Ratner (reported by Cynthia Brumfield in DigitalCrazyTown). “You can’t offer [via executive order] incentives like liability protections, which the Congress can.” The new plan has the president providing the stick and Congress providing the carrot in a new two-pronged enactment of the original Cybersecurity Act.
The executive order and any future Act will likely increase the power and influence of DHS and Janet Napolitano – which is not welcomed by all. Napolitano was also at the conference, and likened the effect of a cyberattack to Frankenstorm Sandy, and DHS to FEMA, the Federal Emergency Management Agency. "We look and act like a cyber-FEMA," reported Brumfield. But what are the alternatives? “When you say to people that you want to put NSA in charge of public information, it doesn’t bring screams of joy," Jim Lewis, senior fellow and program director at CSIS said, adding “am I going to want the FBI crawling over our networks?”
It appears as if plans for the Cybersecurity Act are still very much alive, and its provisions will be enforced by Janet Napolitano and the Department of Homeland Security.