The White House has been in talks with various private sector groups as part of the U.S. government’s plans to craft an Executive Order that would implement parts of the failed Cybersecurity Act 2012, which twice fell short of the required number of votes to be enacted.
Many of the government-led meetings have been with the operators of power plants, water systems, key financial sector assets and other businesses, which would be directly affected by an Executive Order. Top technology innovators, including the Information Technology Industry Council, which represents companies like Apple and Google, had their own sessions, as did public-interest groups including the American Civil Liberties Union and the Center for Democracy and Technology.
Even the U.S. Chamber of Commerce, which remains a hostile opponent to the administration’s plans, met with the President’s chief cyber advisors. Michael Daniel, cyber-security coordinator at the White House, conceded that such an inclusive approach was “highly unconventional” for a measure that will not need to pass before Congress. He added, “Obviously, when you’re talking about critical infrastructure, most of that is owned by the private sector. We do need to do this in a collaborative fashion.”
Any Executive Order would however lack the teeth of a statutory law, since it could only use existing law to foster voluntary security agreements to protect the nation’s critical infrastructures. Neither can it deliver the kind of legal liability protections that many stakeholders sought in the earlier legislation.
Supporters of the Cybersecurity Act 2012 have said they will continue to seek new laws irrespective of the Order. "We still need cyber legislation," Department of Homeland Security Secretary (DHS) Janet Napolitano told the Senate Committee on Homeland Security and Government Affairs in September. "This is something Congress should enact in a comprehensive fashion."
Original Photo Source: Trevor McGoldrick, Flickr.com