Senate Democrats Renew Effort To Pass Cybersecurity Legislation

Bloomberg Law: Privacy & Data Security brings you single-source access to the expertise of Bloomberg Law’s privacy and data security editorial team, contributing practitioners,...

Key Senate Democrats Jan. 23 reaffirmed their commitment to getting some form of comprehensive cybersecurity legislation enacted, after a failed attempt in the previous Congress, as they introduced a “sense of Congress” bill, the Cybersecurity and American Cyber Competitiveness Act of 2013 (S. 21), which outlines a preliminary legislative framework.

“The new Congress has a real opportunity to reach needed consensus on bipartisan legislation that will strengthen our nation's cybersecurity,” Senate Commerce Committee Chairman John D. Rockefeller IV (D-W.Va.), chief sponsor of the bill, said in a statement. “It is a priority this year to act on comprehensive cybersecurity legislation.”

Other sponsors include Sens. Tom Carper (D-Del.), incoming chairman of the Senate Homeland Security Committee, and Dianne Feinstein (D-Calif.), who heads the Senate Intelligence Committee.

In the previous Congress, the Senate considered a cybersecurity bill (S. 3414) that prompted regulatory concerns from the U.S. Chamber of Commerce. Ultimately, Republicans and Democrats were unable to reach agreement on the bill (11 PVLR 1711, 12/3/12).

In the wake of the impasse, the White House has said that it is considering the possibility of an executive order on cybersecurity, while emphasizing that legislative action is still needed (see related report in this issue).

Cybersecurity is expected to be a high priority issue in the 113th Congress (see related report in this issue).

Legislative Goals Outlined

The newly unveiled Senate bill includes general legislative goals, including:

• establishing mechanisms for the sharing of cyberthreat information between the government and private sector;

• enhancing the security and resiliency of public and private communications and information networks against cyber-attacks by nation-states, terrorists, and cybercriminals;

• developing a “coherent” public-private system to improve the capability of the United States to assess cyberrisks and prevent, detect, and “robustly” respond to cyber-attacks against the nation's critical infrastructure, such as the electric grid, the financial sector, and telecommunications networks;

• promoting research and development investments in the U.S. information technology sector that create and maintain well-paying jobs in the United States and help to enhance the nation's economic competitiveness and cybersecurity;

• preventing and mitigating identity theft and guarding against abuses or breaches of personally identifiable information;

• enhancing U.S. diplomatic capacity and public-private international cooperation to respond to emerging cyberthreats;

• expanding tools and resources for investigating and prosecuting cybercrimes in a manner that respects privacy rights and civil liberties and promotes U.S. innovation; and

• maintaining “robust” protections for the privacy of U.S. citizens and their online activities and communications.


Meanwhile, Rep. Michael McCaul (R-Texas), the new chairman of the House Homeland Security Committee, said in a Jan. 23 statement that enactment of comprehensive cybersecurity legislation will be one of the panel's top priorities.

“I am confident that by leveraging private sector relationships--and working together with our fellow House Committees and our counterparts in the United States Senate--we will be able to draft a cyber bill that will effectively address concerns raised by both industry and the public, and ultimately enjoy the President's support,” McCaul said.

New House Judiciary Committee Chairman Bob Goodlatte (R-Va.) also said his committee would address cybersecurity (see related report in this issue).

Full text of S. 21, as introduced, is available at