Call it wishful thinking or a sage prediction: Cyber Intelligence Sharing and Protection Act (CISPA) co-sponsor Rep. Mike Rogers (R-MI) believes President Obama will sign the controversial cybersecurity legislation — if it ever gets to his desk — despite the fact that his office threatened a veto.
“I think if we can get a bill on information-sharing to the president’s desk, he’ll sign it. I do believe that,” said Rogers during a panel discussion hosted by The Week magazine.
During pre-debate of CISPA in Congress, the White House issued a statement saying that it would not sign any cybersecurity bill that failed to protect critical infrastructure networks (like electrical grids, water systems, or air traffic control systems), and lacked privacy safeguards for citizens. CISPA provides neither — though the last part is technically up for debate.
What is CISPA, again?
CISPA, which passed the House in April, gives business the ability to share information — including private information about users — with the Federal government with near-blanket immunity. As long as any of the information shared can be used for “cybersecurity” or “national security” purposes, companies cannot be sued or tried under criminal law for disclosing customer information. The government would also be able to more easily share classified information with the private sector. Though improvements were made before it passed the House, CISPA remains problematic for privacy and civil liberty advocates.
Ye shall not pass
At the moment, however, it doesn’t appear as though CISPA or any of the cybersecurity legislation currently before the Senate will find its way to the president anytime soon. Last week, Sen. Joe Lieberman (I-CT), the lead sponsor of the Cybersecurity Act of 2012 — also known as CSA, it’s an expansive cybersecurity bill that includes similar, troublesome language as CISPA, and has support of both Obama and Democrats in the Senate — said the Senate must vote on CSA or its predecessor before July, or it will get lost in the Senate’s busy summer schedule, which is weighed down by more-pressing, appropriation legislation.
That said, Sens. Sheldon Whitehouse (D-RI) and Jon Kyl (R-AZ) are currently working to rectify bi-partisan disagreement surrounding the critical infrastructure safeguards portion of CSA and a competing bill, SECURE IT, which is Republican-backed. In CSA, the Department of Homeland Security would serve as a regulatory body tasked with making sure companies that control critical infrastructure networks meet certain security benchmarks. In SECURE IT, those benchmarks are voluntary — meaning no further “big government regulation” — though there are incentives in place for businesses that put the prescribed security measures in place. According to The Hill, the Whitehouse-Kyl compromise will likely lack any further regulation, which is likely necessary in order for the Republican-led House to pass the bill.
As far as Obama’ veto threat goes, well, the signs aren’t exactly good. A month after the threat was issued, Obama’s cybersecurity head, Howard Schmidt — a known CISPA critic — retired, possibly putting the White House’s official stance on the matter in flux. Furthermore, Obama isn’t exactly known for sticking tightly to his guns on vetoes; the president originally threatened to strike down the highly controversial National Defense Authorization Act, an annual defense appropriations bill, which contained a provision that allows the indefinite detention of American citizens held under suspicion of terrorism. He ultimately signed the bill. Still, Obama did try to tourniquet the political wound by issuing an executive order guaranteeing that his administration would not make use of the provision. And in March, a federal judge issued a historic injunction against the provision, saying that it was unconstitutional and would stifle free speech.
Not today, maybe not tomorrow, but someday soon, Congress will pass cybersecurity legislation. That legislation will contain provisions that impede upon our privacy and possibly our civil liberties. Furthermore, chances are good that Obama will sign whatever Congress passes. We are, after all, at cyberwar — a war that we appear to have started, mind you, with the release of Stuxnet, and now Flame — the world’s “most sophisticated cyber-weapon.” (Yeah, that was created by the U.S. and Israel to combat Iran, too, just like Stuxnet, according to a report out today from the Washington Post.) This is one of the first times in modern history that America’s “borders” are not firmly protected from foreign government intrusion. By Washington’s count, that’s bad policy and bad politics. As the great political philosopher The Dude once said, “This aggression will not stand, man.”