On Thursday, August 2, a procedural vote on the new version of Senator Lieberman's cybersecurity proposal failed to get enough support to move the bill to the floor for a vote. It's unclear at this time if the Senate will try to take up the measure again sometime after the five week recess, or take up a different cybersecurity bill, or leave the issue unaddressed.
As we reported last week, Senator Lieberman and his colleagues had made some changes to the proposal that narrowed the definition, scope and limitation of covered "critical infrastructure information," and preserved existing whistleblower protections, but the bill still contained unnecessary, overbroad and unwise limitations to access of information. In particular, we and others in the openness community object to a provision that would summarily cut off all public access to any information that the private sector shares with the federal government through the new cybersecurity exchanges created under the bill. This language, which was included to encourage companies to share what could be sensitive information, ignores that there are existing protections for sensitive business and security information under the Freedom of Information Act (FOIA). Furthermore, we continue to say it is bad policy to exempt information from public disclosure before Congress or the public have any idea about the scope and type of information that may be shared is bad policy, and could make it impossible for the public to understand whether the government is taking appropriate steps to protect our nation's cyber-connected infrastructure.