The president would have the power to safeguard essential federal and private Web resources under draft Senate cybersecurity legislation.
According to an aide familiar with the proposal, the bill includes a mandate for federal agencies to prepare emergency response plans in the event of a massive, nationwide cyberattack.
The president would then have the ability to initiate those network contingency plans to ensure key federal or private services did not go offline during a cyberattack of unprecedented scope, the aide said.
Ultimately, the legislation is chiefly the brainchild of Sens. Jay Rockefeller (D-W.Va.) and Olympia Snowe (R-Maine), the chairman and ranking member of the Senate Commerce Committee, respectively. Both lawmakers have long clamored for a federal cybersecurity bill, charging that current measures — including the legislation passed by the House last year — are too piecemeal to protect the country’s Web infrastructure.
Their renewed focus arrives on the heels of two, high-profile cyberattacks last month: A strike on Google, believed to have originated in China, and a separate, more disjointed attack that affected thousands of businesses worldwide.
Rockefeller and Snowe’s forthcoming bill would establish a host of heretofore absent cybersecurity prevention and response measures, an aide close to the process said. The bill will “significantly [raise] the profile of cybersecurity within the federal government,” while incentivizing private companies to do the same, according to the aide.
Additionally, it will “promote public awareness” of Internet security issues, while outlining key protections of Americans’ civil liberties on the Web, the aide continued.
Privacy groups are nonetheless likely to take some umbrage at Rockefeller and Snowe’s latest effort, an early draft of which leaked late last year.
When early reports predicted the cybersecurity measure would allow the president to “declare a cybersecurity emergency,” online privacy groups said they felt that would endow the White House with overly ambiguous and far-reaching powers to regulate the Internet.
The bill will still contain most of those powers, and a “vast majority” of its other components “remain unchanged,” an aide with knowledge of the legislation told The Hill. But both the aide and a handful of tech insiders who support the bill have nonetheless tried to dampen skeptics’ concerns, reminding them the president already has vast — albeit lesser-known — powers to regulate the Internet during emergencies.
It is unclear when Rockefeller and Snowe will finish their legislation. And the ongoing debate over healthcare reform, financial regulatory reform, jobs bills and education fixes could postpone action on the floor for many months.
Both lawmakers heavily emphasized the need for such a bill during a Senate Commerce Committee cybersecurity hearing on Wednesday.
“Too much is at stake for us to pretend that today’s outdated cybersecurity policies are up to the task of protecting our nation and economic infrastructure,” Rockefeller said. “We have to do better and that means it will take a level of coordination and sophistication to outmatch our adversaries and minimize this enormous threat.”