Executive Order in the Works to Enact GOP-Blocked Cybersecurity Bill

Still, party members are wanting Obama to take the same route to enact that which Congress has not passed.

Last month, Sen. John D. Rockefeller (D-W.Va.), chairman of the Senate Committee on Commerce, Science and Transportation, asked Obama to consider an executive order "to establish a program to protect critical cyber infrastructure along the lines of the program that we proposed in Title I of the Cybersecurity Act."

That includes the collaboration between the government and private sector cited by McCain in his opposition to moving forward with the bill.

"The program also included incentives for adopting the practices, including protection against liability for punitive damages," Rockefeller wrote. "While a program created through executive action cannot include such incentives, I believe it is critical that we move forward."

Calling the cyberthreat "unprecedented," Rockefeller offered Obama "any assistance as you consider this decision."

Rockefeller received a response last week from John Brennan, assistant to the president for homeland security and counterterrorism, in which he vowed that "following congressional inaction, the President is determined to use existing executive branch authorities to protect our nation against cyber threats."

"Specifically, we are exploring an Executive Order to direct executive branch departments and agencies to secure the nation's critical infrastructure by working with the private sector," Brennan wrote. "...I would note that executive branch actions under existing authorities cannot alter the reality that the United States Government will continue to be hamstrung by outdated and inadequate statutory authorities that the legislation would have addressed."

Today, Sens. Chris Coons (D-Del.) and Richard Blumenthal (D-Conn.) urged the president to move forward with that executive action.

"We remain committed to the passage of this important legislation, and are continuing our efforts to resolve differences regarding the appropriate role of government in the protection of critical infrastructure," they wrote in a letter to Obama. "We write today to stress, however, that the failure of Congress to act should not prevent the executive branch from taking available steps to counter the enormous and growing cyber threat."

"Unfortunately, a sufficient number of Senators remain opposed to the creation of any government standard — advisory or not — out of a concern that a responsible agency might someday use existing regulatory authority to make such a standard mandatory," Coons and Blumenthal added. "...We recognize that an order directing the promulgation of voluntary standards cannot and should not be the final word in cybersecurity."

Late last week Tech Dirt published what it says is an "incredibly vague" leaked draft of the forthcoming executive order, which doesn't delve into how privacy concerns will be protected in tenets including "development of an information exchange framework."