McCain, GOP Vow Alternative Cybersecurity Bill
Arizona Republican blasts bipartisan cybersecurity bill for DHS authority, new regulations on private sector operators.
Thu, February 16, 2012
CIO — WASHINGTON -- Blasting a comprehensive cybersecurity bill introduced earlier this week in the Senate as a senseless recipe for more unwarranted regulation, Sen. John McCain (R-Ariz.) said on Thursday that he and six Republican colleagues would bring forward their own legislation when the Senate returns from recess at the beginning of next month.
At a hearing before the Homeland Security and Governmental Affairs Committee to consider the Cybersecurity Act of 2012, McCain objected to both the substance of the bill and the process by which it is on track to move forward, saying that he and other GOP leaders are "left with no choice but to introduce an alternative cybersecurity bill in the coming days."
"All of us recognize the importance of cybersecurity in the digital world," McCain said. "It's my opinion that Congress should be able to address this issue with legislation that a clear majority of us can support."
McCain and six other ranking committee members earlier this week sent a letter to Majority Leader Harry Reid asking him to delay the floor debate on the measure to give the various committees with jurisdiction more time to hold hearings and develop alternative legislation.
The Cybersecurity Act, sponsored by Joe Lieberman (I-Conn.) and Susan Collins (R-Maine), the chairman and ranking member of the homeland security committee, would empower the Department of Homeland Security to create a framework for securing critical private sector infrastructure, giving the department a limited measure of regulatory oversight. Sens. John Rockefeller (D-W.V.) and Dianne Feinstein (D-Calif.), the chairs of the commerce and intelligence committees, respectively, are also original cosponsors of the bill.
"If the legislation before us today were enacted into law, unelected bureaucrats at the DHS would promulgate prescriptive regulations on American businesses," McCain said, declaring that the measure would "stymie job creation, blur the definition of private property rights and divert resources from actual cybersecurity to compliance with government mandates."
Both Lieberman and Collins defended the regulatory approach described in the bill, arguing that the oversight framework is narrowly drawn and gives industry players significant flexibility in achieving compliance, and that ensuring a baseline level of security in areas of critical infrastructure such as utilities the financial services sector is a decidedly pro-business stance.
"This is national security," Lieberman shot back at McCain at today's hearing, arguing that the cybersecurity performance requirements that companies would have to demonstrate "will protect American business and American jobs."