Lawmakers in cybersecurity rush

Lawmakers are rushing to pass a major cybersecurity bill this month before a divisive debate over reauthorizing the National Security Agency’s surveillance programs bogs them down.

Lawmakers have maintained that their cyber efforts, which would provide legal protections to companies that share cyber data with the government, have nothing to do with surveillance.

{mosads}“Apples and oranges,” House Intelligence Committee Chairman Devin Nunes (R-Calif.) told reporters.

But privacy advocates are worried the cybersecurity bill would shuttle more data into the government’s hands — and have drawn a link to the debate over the NSA. They argue the agency must be reformed before Congress passes additional laws that would give the government more data.

The cybersecurity bills are intended to create a law that enables companies to share more cyber threat data with the government. Government officials and most industry groups argue greater cyber information-sharing is necessary to protect the country from hackers that have repeatedly breached companies and government agencies.

Advocates for the cybersecurity bill have already seen what can happen when the two issues mix.

During December’s lame-duck session, the Senate tried to concurrently move a cyber info-sharing bill and the USA Freedom Act, which would have reigned in the NSA’s most controversial surveillance program.

The two issues got tied up. Privacy advocates, some congressional Democrats and the White House insisted Congress pass the USA Freedom Act before voting on any cyber info-sharing measure.

When the USA Freedom bill died on the Senate floor after hours of heated speeches and a late-night vote, it all but destroyed the chances of the cyber bill going through.

This time, lawmakers are trying to take a different approach.

“They wanted to get something done as quickly as they could to avoid the convolution with the NSA reform,” said Alex Manning, who served as staff director of the House Homeland Security Subcommittee on Cybersecurity last Congress.

“From a strategic perspective, it is absolutely better to have [cyber legislation] move prior to that discussion,” said Norma Krayem, a lobbyist with Squire Patton Boggs who co-chairs the firm’s cybersecurity industry group.

The NSA programs must be reauthorized by June 1, giving cybersecurity legislation a narrow window to move.

Republicans, Democrats and even the White House seem mostly on board with a slate of cyber info-sharing bills, increasing the likelihood of success.

“The prospects for successful passage of cyber legislation have gone up dramatically,” House Intelligence Committee ranking member Adam Schiff (D-Calif.) told reporters last month.

The House Intelligence Committee started from scratch on a bill that forbids cyber threat data from going directly to the NSA. Although it still didn’t win over privacy groups, several crucial Democrats, including Schiff, came around.

The panel also worked closely with their Homeland Security Committee colleagues on a novel approach to develop two complementary cyber info-sharing bills.

On the Senate side, the Intelligence Committee incorporated large portions of a White House’s proposal into its revised bill.

The combined efforts have earned kinder words from the White House than last year.

In 2014, President Obama issued a veto threat against the House Intelligence Committee’s bill. Then-Senate Intelligence Committee Chairwoman Dianne Feinstein (D-Calif.) also called out the administration for stalling her efforts.

But on Wednesday, White House Cybersecurity Coordinator Michael Daniel said the administration is “very encouraged” by the Senate Intelligence Committee’s work.

“While we still have some issues to work through, I think that we’re confident that we have a path forward,” he said.

Daniel added, there was “a way to work forward” on both House bills as well.

The NSA talks could distract from the newfound comity, though, leaving lawmakers trying to fit cyber legislation into a cluttered legislative calendar throughout the summer and fall.

“If we don’t do [cyber] by the end of April, then we’ll have to do it by the end of July,” after surveillance reform, said Manning, now the senior government relations director with Arent Fox.

At that point, Congress’s rush to work on the annual spending bills could make time on the floor scarce.

Privacy advocates have not budged in their opposition. They want to see NSA reform happen before the cybersecurity legislation moves forward.  

“We continue to say that NSA surveillance reform needs to be the priority,” said Gabe Rottman, legislative counsel with the American Civil Liberties Union.

“It would be tragic if the first substantive congressional response to the [Edward] Snowden revelations about NSA abuses was to channel more Americans’ communications information right to the NSA. Tragic” said Greg Nojeim, senior counsel at the Center for Democracy & Technology.

House leaders are teeing up their cyber bills to hit the floor the week of April 20. Senate leaders are hoping their bill will reach the floor on a similar timeframe.

That leaves only a few weeks of wiggle room before surveillance discussions start ramping up.

“The further [cyber] gets pushed off, the lower the chances are,” Manning said.