On Thursday, the United States Senate shot down so-called “cybersecurity” legislation in a mostly party line vote. Many Senate Democrats tried to hype up the bill as something that could prevent a worst-case scenario, but Republicans were concerned that it would put too much on businesses.
Sen. Ron Wyden (D-OR) noted that the bill was a trojan horse, explaining that “In its current form, the Cybersecurity Act does not sufficiently safeguard Internet users’ privacy and civil liberties, nor would it create the correct incentives to adequately protect the nation’s critical infrastructure from cyber threats.” Jim Harper, Director of Information Policy Studies at the Cato Institute, also explained that all the cybersecurity legislation would have done is create a headache for business and, as Wyden noted, put privacy at risk through data sharing with the federal government:
The Scylla and Charybdis Senate leaders appear to have been navigating was between a bill that was too regulatory, swamping American tech companies and “critical infrastructure” providers with deadening regulation, and, on the other hand, a bill that tapped too deeply into Americans’ communications and data. I’m happy—and feel quite safe—with cybersecurity legislation breaking up on the shoals or getting sucked down into a whirlpool, either one.
The Cybersecurity Act isn’t the first bill of its kind in the last several months that would have put Internet users’ privacy at risk. Recall that opponents to the Stop Online Piracy Act and the PROTECT IP Act were saying the same things six to eight months ago.
It appears that the only difference this time around is that President Barack Obama is going to get involved. According to The Hill, President Obama is considering an executive order to bypass Congress:
“In the wake of Congressional inaction and Republican stall tactics, unfortunately, we will continue to be hamstrung by outdated and inadequate statutory authorities that the legislation would have fixed,” White House Press Secretary Jay Carney said in an emailed response to whether the president is considering a cybersecurity order.
“Moving forward, the President is determined to do absolutely everything we can to better protect our nation against today’s cyber threats and we will do that,” Carney said.
The White House has emphasized that better protecting vital computer systems is a top priority.
An executive order may accomplish many of the goals of the Cybersecurity Act, but it could also further raise the ire of Republicans and the business groups, such as the U.S. Chamber of Commerce, who lobbied against the legislation.
Republicans have already accused President Obama of making illegal power grabs with his previous executive actions, and a cybersecurity order would likely elicit similar howls of disapproval.
President Obama took similar measures after Congress failed to pass the DREAM Act, which was a highly contentious piece of legislation dealing with immigration. No matter where one falls on that particular issue — or the issue of cybersecurity, for that matter, it’s troubling that any president can use executive power in such a way.
According to the Constitution, Congress is supposed to pass laws. The president is supposed to sign or veto them, and enforce existing and new laws. Unfortunately, the lines between these two branches of government have become blurred over time. Presidents have absored unusual powers to create new laws and powers with Congress left looking like an afterthought.
While the threats to cybersecurity are real, they are also overblown. As Harper notes, “[T]here is little substantiated evidence (the fear-mongering of government officials and contractors is not substantiated) that the bad guys are getting the upper hand.” But this isn’t stopping Senate Democrats and now President Obama from playing politics with the issue to put yet more rules in place that sacrifice privacy on the alter of “security.”