A Democrat-backed cybersecurity measure that the Obama administration calls necessary to protect the nation's infrastructure was blocked by Republicans opposed to what they considered to be undue regulation.
The Cybersecurity Act of 2012 needed 60 votes to move to a vote by the full Senate, thanks to a Republican filibuster of the measure. It mustered only 52 votes in favor, which in the Senate's upside down world allowed a minority of 46 opponents to defeat the measure. The vote mostly fell along party lines, according to Bloomberg. Senate Democrats had hoped to have a vote on the measure by the Senate before the August recess.
The measure, sponsored by Sen. Joseph Lieberman (I-Conn.), Sen. Susan Collins (R-Maine), Sens. John D. (Jay) Rockefeller IV, (D-West Virginia) and Dianne Feinstein (D-California), had already been watered down to meet the objections of anti-regulation Republicans who argued that forcing companies to meet minimum security standards would be unduly burdensome. The latest version made the security standards voluntary. Meanwhile, privacy advocates largely supported the revised bill after it was amended to include provisions designed to preserve civil liberties and the privacy of users that might be threatened by increased information sharing between businesses and government.
There were a flurry of late amendments, including one from Sen. Ron Wyden (D-Ore.) to prevent warrantless tracking of consumers via GPS and one from Sen. Al Franken (D-Minn.) to protect consumers from monitoring by ISPs. But pro-business Republican objections -- and the filibuster -- ruled the day, although a gun control amendment that Sen. Frank Lautenberg (D-New Jersey) refused to withdraw may also have influenced opposing Republicans.
The security bill is considered vital to ensuring that private U.S. businesses tasked with running the electric grid, utilities, nuclear power plans and other key pieces of critical national infrastructure are taking appropriate measures to protect their facilities against attacks from hackers, cyberspies and malware.
"Regardless of today's vote, the issue of cybersecurity is far from dead," said Michelle Richardson, ACLU legislative counsel, in a statement. "When Congress inevitably picks up this issue again, the privacy amendments in this bill should remain the vanguard for any future bills. We'll continue to work with Congress to make sure that the government's cybersecurity efforts include privacy protections. Cybersecurity and our online privacy should not be a zero sum game."
Dean Garfield, president and chief executive of the Information Technology Industry Council (ITI), said he was disappointed with the news. "The Senate vote is a reminder that we have a long way still to go," he said in a statement. "We hope that, despite this setback, Senators will continue to work with stakeholders and reach agreement on a proposal that embraces security innovation as the best way to counter the threats we all know are out there. Any effort must recognize the critical importance of private-sector leadership for information and communications technology innovation, increased information sharing, and a risk-management approach."
Update, 9:57 a.m. PT: Adds ITI comment.
Update, 10:24 a.m. PT: Adds information on gun control amendment.
Update, 12:50 p.m. PT: Leslie Phillips, the communications director for the Senate Homeland Security and Governmental Affairs Committee, sent the following to CNET:
Lieberman had this to say after the vote:
"Am I disappointed? You bet I am. Am I angry? Yes, I am. Because once again the members of Congress have failed to come together to deal with a serious national problem. All the more surprising in this case because what's at stake here is the security and prosperity of the American people. It's not just another political argument in a campaign. This is about what everyone acknowledges is rising to be a serious threat to America's security in the years ahead, and that is the fact that we're not adequately defended against cyberattacks.
"What broke down in this case? It's standard stuff. Failure to compromise, although I will say we compromised a lot from our original bill. Failure to control one's impulse to see every bill that comes before the Senate, no matter how important, as nothing more than a vehicle on which to put one's favorite political issues or favorite governmental issues unrelated to the cybersecurity of the United States.
"This is a moment of disappointment that I really cannot conceal. The threat of cyberattack is so real, so urgent, and so clearly growing that I am not going to be petulant about this. I am not optimistic, but I am going to remain open through every day of this session to doing what the Majority Leader said he wanted us to do, which is to come up with a finite list of amendments that are germane and relevant to the topic of cybersecurity and he would bring the bill to the floor. Some of the folks on the other side again said to us that they want to do that. Frankly, we said to them in all our conversations, we still haven't had what we call here bill language, actual language of amendments they would like to submit to change the bill. They said they would work on that and submit them to us. Obviously, we will consider them and I hope and pray we can find a way to get back to common ground to protect America's common ground, American's common cyberground.
"It's hard to see that today is anything but a failure of the Senate and a setback for our national security."
Updated August 3 at 9:19 a.m. PT to clarify that Cybersecurity Act of 2012 was sponsored by two Democrats, a Republican and an Independent and is backed by Democrats.