Obama Order on Cybersecurity Would Be ‘Big Mistake,' Key Republican Says

Bloomberg Law: Privacy & Data Security brings you single-source access to the expertise of Bloomberg Law’s privacy and data security editorial team, contributing practitioners,...

Sen. Susan Collins (R-Maine) Oct. 1 said it would be a “big mistake” for President Obama to issue an executive order addressing cybersecurity issues that have not yet been resolved by Congress.

Speaking at a cybersecurity event hosted by the Woodrow Wilson Center, Collins said that an executive order cannot possibly be an adequate substitute for legislation and could actually “lull” people into a false sense of security, although she shares the president's frustrations over the gridlock on Capitol Hill.

“I've urged the president not to pursue it, but rather to continue to work with us,” said Collins, ranking member of the Senate Homeland Security and Governmental Affairs Committee and a co-sponsor of the Cybersecurity Act (S. 3414).

In the wake of a Senate impasse over the bill, the administration has said that it is considering an executive order that would direct federal agencies to secure the nation's critical infrastructure by working with industry partners on the development of best practices (11 PVLR 1435, 9/24/12).

Hope for Consensus After Elections.

Despite the Senate's inability to reach an agreement on the issue thus far, Collins said that she was hopeful that “cooler heads” will prevail after the elections.

Senate Homeland Security Chairman Joseph Lieberman (I-Conn.), the bill's chief sponsor, has sent a letter to Obama urging him to use the “full extent” of his executive powers to protect the nation from cyberthreats in light of dim legislative prospects (11 PVLR 1467, 10/1/12). Senate Commerce Chairman John D. Rockefeller IV (D-W.Va.), Senate Intelligence Chairman Dianne Feinstein (D-Calif.), and several other Democrats have endorsed the idea of an executive order on cybersecurity (11 PVLR 1331, 9/3/12).

Rockefeller also wrote to Fortune 500 companies seeking feedback on the need for cybersecurity legislation (11 PVLR 1434, 9/24/12).

Among other provisions, the Senate bill calls for a government-administered program to encourage critical infrastructure operators to adopt cybersecurity best practices.

While the program is designed to be voluntary and incentives-based, critics such as the U.S. Chamber of Commerce see burdensome rules as a likely outcome. Senate Majority Leader Harry Reid (D-Nev.) had hoped to get the legislation passed before the August recess but was ultimately unable to muster enough votes to head off a filibuster.

Collins was one of only five Republicans who voted in favor of a motion designed to cut off further debate and expedite final passage (11 PVLR 1227, 8/6/12).

By Alexei Alexis