GOP Sens.: White House Eyeing Cybersecurity Exec OrderSay that would establish adversarial relationship between government and private sector 9/14/2012 10:30:11 AM Eastern
Backers of a Republican version of cybersecurity legislations
took to the pages of the Wall Street
Journal to ask the president "please" not to mandate
cybersecurity guidelines via executive order, arguing, for one thing, that that
would leave a significant issue unresolved.
"The White House is preparing an executive order on
cybersecurity that unilaterally imposes more mandates and regulations on the
private economy," wrote Sens. John McCain (Ariz.), Kay Bailey Hutchison
(Texas) and Saxby Chambliss (Ga.). "That's the wrong solution because it
cannot fully address the one area most critical to improving
cybersecurity-enhancing the sharing of cyber-threat information among private
firms and with the government."
and Democrats were unable to come to an agreement on cybersecurity legislation
that both agreed is needed, divided over the extent of the government's role in
overseeing/enforcing guidelines for cybersecurity protection and information
The Republicans warn that the president's mandate would
create an "adversarial" relationship between government and the
private sector instead of a cooperative one.
The executive order would be along the lines of the
Cybersecurity Act of 2012, which was primarily backed by Democrats, rather than
the SECURE IT Act backed by the Senators and other Republicans, as well as
cable operators. The latter bill focused on removing obstacles to information
sharing, including providing some legal immunity to companies that share the
info. The Cybersecurity Act was focused on information security and privacy
protection guidelines that the government would oversee in some capacity.
"If we are serious about improving information sharing,
we must encourage candid dialogue between the government and business,"
the senators wrote. "This will not occur unless we also ensure that the
information the federal government receives isn't then used to impose new and
extraneous regulations. Businesses should not have to choose between sharing
cyber-threat information and facing a regulatory backlash."