'We can do lots of talking, but they need to pass something,' Rep. Mac Thornberry said. Daring the Senate on cybersecurity

The House is sending a message to the White House and Senate Democrats this week by passing a batch of cybersecurity bills aimed at preventing the digital version of a Pearl Harbor: Not on our watch.

The idea is to spur Democrats to move — giving them the choice to either bring their own stalled bill to a vote or risk standing on the wrong political side of a national security issue.


“I’m hoping … when we pass these bills, the Senate will pass something and that will give us a chance to go to conference and accomplish something,” Texas Rep. Mac Thornberry, who led the GOP Cybersecurity Task Force last year, told POLITICO. “We can do lots of talking, but they need to pass something.”

The bills — including the controversial Cyber Intelligence Sharing and Protection Act — are expected to pass the House without a problem by Friday, giving Republicans a partisan talking point and providing them cover should cyberenemies execute attacks against American agencies or utilities.

It’s a tough spot for Senate Majority Leader Harry Reid and for President Barack Obama, whose aides lean toward the Senate’s comprehensive cybersecurity approach but have been unwilling to box themselves in by criticizing the House bill directly.

For now, Reid remains paralyzed by turf wars, an inability to collect the 60 votes needed to get a bill to the floor and the hangover effect from anti-piracy legislation that left many Democratic senators preternaturally afraid of crossing the Internet companies and activists behind the anti-SOPA efforts.

On CISPA, some tech and Internet firms — such as Facebook, Microsoft and IBM — support the House bill. But cyberliberties groups have taken to social media to wage a campaign to brand it as a “ cyberspying” bill that would let companies share private information on users with the federal government.

At the heart of the cyberfight in Congress is a partisan impasse over how far the government should go in requiring private companies and utilities to maintain specific cybersecurity standards.

The main House bill, written by Intelligence Committee Chairman Mike Rogers (R-Mich.) and ranking member Dutch Ruppersberger (D-Md.), would make it easier for private companies to share information about cyberthreats with the government — including utilities that could be vulnerable to attacks. The bill doesn’t require much of the companies that participate, so the coalition supporting it includes a variety of industry players who don’t want the regulatory shackles in alternative legislation.

The primary Senate bill, written by Homeland Security Chairman Joe Lieberman (I-Conn.) and ranking member Susan Collins (R-Maine), would establish new cybersecurity standards and give the Homeland Security Department the power to oversee their implementation by utilities and other entities.

For now, the House will go it alone. Votes are expected Thursday on a handful of other cyberbills; the CISPA vote is slated for Friday.

The move provides cover for Republicans in the event of an attack and puts pressure on the Senate and the White House on a matter that all sides agree is vital to America’s national security interests.

The White House has been cagey on the matter. While criticizing Rogers’s bill by inference — never by name — senior administration officials declined to comment earlier this week when asked if Obama would veto CISPA if it were to make it to his desk.

After all, he’s running for reelection and might want to move quickly on cybersecurity legislation — in case it becomes a political issue.

The administration is toeing a careful line: It doesn’t want to trash a bipartisan national security-focused bill that’s actually making headway through Congress, but it also doesn’t want to ease up on its push for legislation that would hold critical infrastructure operators accountable for meeting a set of security standards. Republicans have decried that approach as too heavy-handed.

While top administration and defense officials have endorsed the Lieberman-Collins approach in classified briefings in the Senate, Republicans aren’t backing down on rallying opposition to a measure that would tack new security rules onto industry.

A group of Senate Republicans, led by Arizona’s John McCain, are backing a rival measure that focuses on improving information sharing between industry and government, mirroring many aspects of CISPA in the House.

Asked if there could be a compromise, Senate Commerce Committee Chairman Jay Rockefeller (D-W.Va.) said: “It probably could, but they’re going to have to include critical infrastructure.”

“Look, if you don’t have it, you don’t have a cybersecurity bill,” he said.

House Intelligence Committee leaders said Tuesday they’ve agreed to incorporate changes to CISPA that address privacy and civil liberties concerns raised by advocacy groups, such as the Center for Democracy & Technology and the American Civil Liberties Union. Other House members will introduce these changes as amendments when the bill is on the floor for debate.

The changes are aimed at narrowing how the government can use information that is shared with it by private companies. It will also encourage that reasonable efforts be made by the government to minimize the impact on privacy and civil liberties when information is shared by companies.

CDT said there are still additional amendments it would like to have adopted into the bill, but it “will not oppose the process moving forward in the House.”

“The [Intelligence] Committee listened to our concerns and has made important privacy improvements and we applaud the committee for doing so,” the cyberliberties group said in a statement.

However, the group said its concern that the bill would increase the flow of Internet data to military agencies such as the National Security Agency is still outstanding.

Meanwhile, Democratic Reps. Bennie Thompson of Mississippi and Adam Schiff of California submitted amendments to the House Rules Committee on Tuesday that aim to incorporate additional privacy protections into the bill.

One of Thompson’s amendments attempts to incorporate language of a bill by Rep. Dan Lungren (R-Calif.) that passed out of the House Homeland Security Committee last week but which GOP leadership has decided not to bring to the House floor for consideration.

Despite the criticism about the privacy implications of CISPA, Rogers predicted he has “well past” 200 votes in favor of the measure.

“We feel very confident we have the votes for the bill,” he said.