Assuring potential critics that the government doesn’t need to take over the Internet in order to protect it, Sen. John McCain, R-Ariz., joined a bevy of other Republican committee leaders on Thursday to introduce cybersecurity legislation.
“The only government actions allowed by our bill are to get information voluntarily from the private sector and to share information back,” McCain told reporters. “We have no government monitoring, no government takeover of the Internet, and no government intrusions.”
Lawmakers working on bills relating to the Internet are walking a fine line after the backlash over controversial antipiracy measures scuttled two bills in January. But McCain’s comments were also aimed at the Cybersecurity Act of 2012, recently introduced by the top members of the Senate Homeland Security, Intelligence, and Commerce committees.
McCain and the seven other cosponsors of the Strengthening and Enhancing Cybersecurity by Using Research, Education, Information, and Technology Act (SECURE IT) criticized the Cybersecurity Act as too heavy-handed and said their alternative bill takes a more industry-friendly approach to cybersecurity.
“Now is not the time for Congress to be adding more government, more regulation, and more debt – especially when it is far from clear that any of it will enhance our security,” said Senate Intelligence Vice Chairman Saxby Chambliss, R-Ga. “Our bill offers the right solution to improving our nation’s cybersecurity by encouraging collaboration, investment, and innovation.”
Specifically, the SECURE IT Act would allow companies to voluntarily share information about cyberthreats; limit liability for companies that take steps to protect their networks; and limit the type of information that can be shared in order to protect privacy. The bill would also reform federal cybersecurity standards.
The proposals earned praise from some industry groups like USTelecom and the Internet Security Alliance, which called the bill “not just a step in the right direction but several steps in the right direction.”
McCain said he plans to offer his bill as a substitute when the Cybersecurity Act is brought to the floor sometime in the next few weeks. The extent of support for either bill is not clear, but the dueling legislation could split support from industry as well as complicate efforts to pass a matching bill in the House.
Homeland Security Chairman Joe Lieberman, ID-Conn., spearheaded an effort to develop and draft the comprehensive Cybersecurity Act of 2012, which, in addition to increasing information sharing, would give the Homeland Security Department more authority to make sure certain “critical infrastructure” is protected.
Lieberman and his cosponsors, Commerce Committee Chairman Jay Rockefeller, D-W.Va., Homeland Security Committee ranking member Susan Collins, R-Maine, and Intelligence Committee Chairwoman Dianne Feinstein, D-Calif., said they welcome the new proposals.
But Rockefeller spokesman Vince Morris said incentives and voluntary measures aren’t enough to ensure cybersecurity. “We’re still convinced that you can’t get there without some new rules but we’re eager for the debate to begin,” he said.