Cybersecurity Bill Suffers Another Defeat – Obama Signs Secret Directive
by: Tim Brown
Desperate Senate leaders eager for control of the internet, brought the Cybersecurity Act of 2012 back to the Senate floor for a vote Wednesday, and once again they failed. It was just a couple of votes shy of passing (51-47), but one vote closer than when it was presented back in August (52-46).
Immediately following the August vote, the word was out that Barack Obama was considering an executive order to put in place the very thing the Senate had rejected. In addition, part of the reason was additional things tossed into the cybersecurity bill, such as bits of gun control.
However, the rumors of an Obama executive order then came to be fact as White House spokeswoman Caitlin Hayden said, “An executive order is one of a number of measures we’re considering as we look to implement the president’s direction to do absolutely everything we can to better protect our nation against today’s cyber threats.”
Then, within a month Department of Homeland Security Janet “Big Sis” Napolitano testified before the Senate Committee on Homeland Security and Governmental Affairs that a cybersecurity executive order was indeed near completion.
It seems that following the elections that Democrats were eager to push this bill through. Even the fear mongering of Secretary of Defense Leon Panetta warning of a cyber “Pearl Harbor” or “9-11″ was not enough to advance the bill. So the remaining option seems to be for Obama to just sign a piece of paper that has no Constitutional authority to push what the people have rejected.
According to The Hill, Senator Joe Lieberman (I-CT) “warned that the president would be compelled to issue the executive order if the Senate voted against moving the bill forward. But he noted that the cyber order would not accomplish everything that legislation could, including liability protection that would safeguard companies from legal action if they’re hit by a cyberattack.”
“I’m confident that if we fail to act, the president will act,” Lieberman said. “I think he has a responsibility to act because if we don’t we’re leaving the American people extremely vulnerable to a cybersecurity attack.”
Senator Saxby Chambliss (R-GA) said, “Frankly, the underlying bill is not supported by the business community for all the right reasons. They’re the ones that are going to be called to comply with the mandates and the regulations, and frankly it’s just not going to give them the protection they need against cyberattacks.”
In addition to Chambliss, Senator Chuck Grassley (R-IA) shot back at claims by Democrats that Republicans were threatening national security for not favoring the bill, saying, “disagreements over how to address policy matters shouldn’t evolve into accusations about a member’s willingness to tackle the issue.”
However, The Washington Post reports that Obama signed a secret cybersecurity directive back in mid-October: Presidential Policy Directive 20:
Presidential Policy Directive 20 establishes a broad and strict set of standards to guide the operations of federal agencies in confronting threats in cyberspace, according to several U.S. officials who have seen the classified document and are not authorized to speak on the record. The president signed it in mid-October.
The new directive is the most extensive White House effort to date to wrestle with what constitutes an “offensive” and a “defensive” action in the rapidly evolving world of cyberwar and cyberterrorism, where an attack can be launched in milliseconds by unknown assailants utilizing a circuitous route. For the first time, the directive explicitly makes a distinction between network defense and cyber-operations to guide officials charged with making often-rapid decisions when confronted with threats.
Since the cybersecurity bill has faced defeat twice this year and since we are approaching a new year when people are not paying attention, sort of like they weren’t last year when Barack Obama signed into law the National Defense Authorization Act (NDAA) with its section on “indefinite detention,” I would not put it past this administration to wait till sometime around New Year’s and sign his cybersecurity executive order. Then all of the usual fluff pieces about the holidays and record sales will end up dwarfing his undermining of the Constitution and our liberties. I’ll keep you posted…