Dems fear late add could blow up cyber push
Democrats and industry groups are worried that congressional leaders could endanger the passage of several broadly supported cybersecurity measures by attaching a controversial data-breach notification bill.
Starting next week, Congress will vote on three bills that would give companies liability protection when sharing cyber threat data with the government.
{mosads}Separately, lawmakers are considering legislation that would set nationwide data security standards and require companies to notify customers after a hack.
“I would be concerned if the measures were tied together in a way that slowed down the progress of cyber,” House Intelligence Committee ranking member Adam Schiff (D-Calif.), a co-sponsor of one threat-sharing bill, told The Hill. Schiff added he hasn’t heard that that will happen.
But the prospect of intertwining the measures has generated unease in markups this week and spurred industry groups to caution congressional leaders against any such move.
“I am very concerned,” said Rep. Frank Pallone Jr. (D-N.J.), the House Energy and Commerce Committee’s ranking member, during a Wednesday markup of one of several data-breach bills.
“I think that to just put this in with other bills … I think we’re just moving too quickly,” he added. “I would like to see the process slowed down.”
Next week is “cyber week” on the Hill. The House is expected to vote on its two cyber threat data-sharing measures. The Senate will likely follow soon after with a vote on its companion bill.
The goal of the legislation is to boost the nation’s cyber defenses by providing the government and private businesses a pathway for sharing data to get a better idea of hackers’ tactics.
The measures have growing bipartisan support.
Several skeptical Democrats have come on board in recent months. Even the White House, which issued a veto threat for a House threat-sharing offering last year, now seems mostly satisfied with the new language.
Industry groups have also heavily lobbied for such a measure.
Meanwhile, House and Senate lawmakers have been discussing several data breach bills. The measures — at least four in total — are quite similar.
While each has a degree of bipartisan support, the two parties have become increasingly divided over when the approved bill should preempt existing state law.
Democrats fear it could create national data security guidelines weaker than long-standing state law. Republicans are wary of an overly invasive federal standard set by the Federal Trade Commission.
The rift was on display at Wednesday’s markup.
Democrats unexpectedly pulled their support for the bill, including the measure’s co-sponsor, Rep. Peter Welch (D-Vt.).
The bill, initially backed by Welch and Rep. Marsha Blackburn (R-Tenn.), passed along party lines.
Later that day, Welch told reporters he believed a few tweaks to the bill could get Democrats, including him, back on board.
But they won’t have much time to resolve the differences because the House’s two cyber threat data-sharing bills seem guaranteed to hit the floor next week
The bills are also likely to pass, making them an attractive vehicle to carry the less-supported data-breach language, according to lobbyists and former staffers.
House Intelligence Committee leaders acknowledge data breach legislation could be a wild card for their bill on the House floor.
“We’re not sure how that’s going to work into this mix,” Chairman Devin Nunes (R-Calif.) has told reporters.
On the Senate side, the Intelligence Committee has a companion cyber information-sharing bill that Majority Leader Mitch McConnell (R-Ky.) said will soon come to the floor.
Industry groups are warning senators against adding any data breach language to the bill, known as the Cybersecurity Information Sharing Act (CISA).
The U.S. Chamber of Commerce wrote Senate leaders on Tuesday, arguing such a move “would weaken or overly complicate this important bipartisan bill.”
Data breach notification guidelines and data security standards “are best addressed in other contexts,” the Chamber said.
Sen. Bill Nelson (Fla.), the Senate Commerce Committee’s top Democrat, is backing one of the upper chamber’s data breach bills.
He told The Hill he’s trying to find a way to move his bill, but he has no plans as of now to offer it as an amendment to CISA.
“I’m gonna talk to [Commerce Committee Chairman] John Thune [R-S.D.], because it’s not controversial,” he said. “We’ll find a vehicle.”
Sen. Tom Carper (D-Del.), an active lawmaker on cyber issues, is also sponsoring a bipartisan measure that mirror’s Nelson’s bill.
He told The Hill he would like to see a Commerce Committee hearing before any decisions are made about how to move forward.
A hearing would give ”folks who are knowledgeable on this issue — whether they like our bill or [Nelson’s] bill — an opportunity to say why and offer elements of whichever bill they want to champion, and probably shape an even better piece of legislation,” Carper said.
Copyright 2024 Nexstar Media Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed..