Romney Positions on Cybersecurity Legislation Unknown to Key Players
Cybersecurity is yet to catch on as an issue for the November elections, but it could by being tied to economic growth, job creation and national defense, said industry groups and congressional aides. Industry and consumer groups we spoke to were unaware of presumptive Republican presidential nominee Mitt Romney’s positions on cybersecurity issues, though he lists a few general defense-related cybersecurity priorities on his campaign website.
Sign up for a free preview to unlock the rest of this article
If your job depends on informed compliance, you need International Trade Today. Delivered every business day and available any time online, only International Trade Today helps you stay current on the increasingly complex international trade regulatory environment.
In his first 100 days, Romney would order a “full interagency initiative to formulate a unified national strategy to deter and defend against the growing threats of militarized cyber-attacks, cyber-terrorism, cyber-espionage and private sector intellectual property theft,” he says in a fact sheet (http://xrl.us/bm8yhy) listing his “Strategy to Ensure an American Century.” His campaign did not respond by our deadline to questions about his stand on cybersecurity legislation in Congress and the White House’s stance on the issue.
"There is a role to talk about cybersecurity in terms of its economic impact” in the election campaign, said an aide to a Democratic congressman who has been active on the issue. There is an argument to be made that “we can’t afford to have companies continue to lose their research and development they have invested so much in, just siphoned off by foreign competitors,” he said. “The other part is national security,” that is, the threat to critical infrastructure, he said. “If a major cyberattack happens in the next six months it becomes a major [election] issue.”
The Democratic aide said he isn’t sure there would be any “political fallout” if the Democratic-controlled Senate fails to pass a cybersecurity bill after the House passed four pieces of legislation, including the Cyber Intelligence Sharing and Protection Act (CISPA), which the White House said it would veto. But it would be “advantageous to have something in the Senate because we need to address” the issue, he said.
"It’s a complicated issue” for politicians because of the “uncertainty of how it would play out,” said an official of a consumer group that’s active on privacy issues. “You have the national security folks on the one side” pushing for cybersecurity standards for critical infrastructure, she said, and “you've got privacy, which is really a sticky issue on the other side.” She said she wasn’t sure if anyone was going to “choose to jump on this as an issue and if so what tack they are going to take.”
With the Republican-controlled House having passed “something on cybersecurity, it is now in the laps of the Senate to do something or it becomes a campaign issue” if “something happens” before November, said a lobbyist for a utility trade group. Between the two Senate bills, the industry prefers the SECURE IT Act (S-2151) over the Cybersecurity Act (S-2105) because “we are not in favor of imposing additional regulations” on utilities, she said. She said she is doubtful that a compromise can be reached between the two bills.
Senate Homeland Security and Governmental Affairs Committee Chairman Joe Lieberman, I-Conn., is a co-sponsor of S-2105 along with Ranking Member Susan Collins, R-Maine, Senate Commerce Committee Chairman Jay Rockefeller, D-W.Va., and Senate Intelligence Committee Chairman Dianne Feinstein, D-Calif. Senate Armed Services Committee Ranking Member John McCain, R-Ariz., is a sponsor of the SECURE IT bill, along with GOP Sens. Kay Bailey Hutchison of Texas; Chuck Grassley of Iowa; Saxby Chambliss of Georgia; Lisa Murkowski of Alaska; Dan Coats of Indiana; Ron Johnson of Wisconsin; and Richard Burr of North Carolina.
With Romney yet to take a position in the cybersecurity debate in Washington, “I don’t see this being a big issue,” said an official of an IT industry trade group. The Cybersecurity Act puts in place measures to protect critical infrastructure, he said, versus information sharing required by CISPA, he said. So if a major cyber event occurs, it would be “bad for Republicans” if they block passage of the S-2105 bill, he said.