Sen. Collins is no fan of the White House’s cyber security executive order

Sen. Susan Collins (R-Maine), co-author of last summer’s failed Cyber Security Act of 2012, reiterated her stance that the White House should hold off on a planned executive order that many analysts expect will authorize near-real time information sharing between private businesses and the government on cyber security threats. "The executive order is a big ...

White House, Pete Souza
White House, Pete Souza
White House, Pete Souza

Sen. Susan Collins (R-Maine), co-author of last summer's failed Cyber Security Act of 2012, reiterated her stance that the White House should hold off on a planned executive order that many analysts expect will authorize near-real time information sharing between private businesses and the government on cyber security threats.

"The executive order is a big mistake," said Collins in response to Killer Apps questions during a panel discussion on cyber security at the Wilson Center in Washington today. "First of all, the executive order cannot grant the liability protections that are needed in order to encourage more participation by the private sector, so the executive order simply cannot accomplish what legislation can. In addition, an executive order is not lasting and it doesn't reflect a consensus by Congress on what should be done."

Sen. Susan Collins (R-Maine), co-author of last summer’s failed Cyber Security Act of 2012, reiterated her stance that the White House should hold off on a planned executive order that many analysts expect will authorize near-real time information sharing between private businesses and the government on cyber security threats.

"The executive order is a big mistake," said Collins in response to Killer Apps questions during a panel discussion on cyber security at the Wilson Center in Washington today. "First of all, the executive order cannot grant the liability protections that are needed in order to encourage more participation by the private sector, so the executive order simply cannot accomplish what legislation can. In addition, an executive order is not lasting and it doesn’t reflect a consensus by Congress on what should be done."

Collins went on to say that she worries that the order will "lull people into a false sense of security that we’ve taken care of cyber security; and the executive order cannot do that."

American Civil Liberties Union Executive Director Anthony Romero chimed in, saying that the ACLU is against the order since it could be used by future administrations to abuse civil liberties. The ACLU supported the Cyber Security Act of 2012 because it limited the government’s ability to collect data about cyber security threats from private companies. The organization had strongly opposed previous cybersecurity bills.   

As for the executive order, "Any action by any occupant of the White House on an executive order that mandates the collection of data across federal agencies worries me," said Romero. "It’s not going to be President Obama forever, and we’ve had President Bush, and when you use executive order powers for good reasons, you’ll find them used and turned right on us for bad reasons."

Romero went on to say that the order is a "misguided" short-term solution to a long-term problem.

The White House’s order is being drafted after Republican senators sank Collins’ White House-backed bill — co authored with Joe Lieberman (I-Ct) — over their concerns that even the minimal cybersecurity standards that it required of privately owned banks, utilities, and other so-called critical infrastructure providers would be stifling to business. The White House will not discuss the order or say when it will be released.

This comes as the Defense Department is working to expand existing programs whereby defense contractors and Internet service providers share and receive information on cyber attacks and threats with DoD and intelligence agencies. Pentagon officials are now working with the Department of Homeland Security to implement similar practices between DHS and critical-infrastructure providers.

When asked why legislation was still needed despite these programs and the executive order, U.S. Cyber Command chief Gen. Keith Alexander said that these programs represent "a great step forward" that offer a glimpse of what could be achieved via legislation.

However, he added, "I believe there still is a need [for legislation]. The Defense Industrial Base Pilot [the name of one of the programs aimed at sharing information between DoD and defense contractors] is a way of exchanging information but not in real time and without liability protection and it’s between the defense" companies and the government at a low classification level. He said, "It doesn’t give us the ability to work with the Internet service providers and allow that to benefit the rest of the critical-infrastructure providers and the rest of government."

One of the key provisions in Collins’ legislation gave private companies protection against being sued for wrongly sharing private citizens’ information with the government in the name of security. Cyber security advocates see this type of liability protection as key to getting private companies to share information on cyber threats.

Collins added that, although she is also in favor of expanding the Pentagon’s current information sharing programs, "there’s no way that it will have the breadth that will be brought about by our legislation."

John Reed is a national security reporter for Foreign Policy. He comes to FP after editing Military.com’s publication Defense Tech and working as the associate editor of DoDBuzz. Between 2007 and 2010, he covered major trends in military aviation and the defense industry around the world for Defense News and Inside the Air Force. Before moving to Washington in August 2007, Reed worked in corporate sales and business development for a Swedish IT firm, The Meltwater Group in Mountain View CA, and Philadelphia, PA. Prior to that, he worked as a reporter at the Tracy Press and the Scotts Valley Press-Banner newspapers in California. His first story as a professional reporter involved chasing escaped emus around California’s central valley with Mexican cowboys armed with lassos and local police armed with shotguns. Luckily for the giant birds, the cowboys caught them first and the emus were ok. A New England native, Reed graduated from the University of New Hampshire with a dual degree in international affairs and history.

More from Foreign Policy

A Panzerhaubitze 2000 tank howitzer fires during a mission in Ukraine’s Donetsk region.
A Panzerhaubitze 2000 tank howitzer fires during a mission in Ukraine’s Donetsk region.

Lessons for the Next War

Twelve experts weigh in on how to prevent, deter, and—if necessary—fight the next conflict.

An illustration showing a torn Russian flag and Russian President Vladimir Putin.
An illustration showing a torn Russian flag and Russian President Vladimir Putin.

It’s High Time to Prepare for Russia’s Collapse

Not planning for the possibility of disintegration betrays a dangerous lack of imagination.

An unexploded tail section of a cluster bomb is seen in Ukraine.
An unexploded tail section of a cluster bomb is seen in Ukraine.

Turkey Is Sending Cold War-Era Cluster Bombs to Ukraine

The artillery-fired cluster munitions could be lethal to Russian troops—and Ukrainian civilians.

A joint session of Congress meets to count the Electoral College vote from the 2008 presidential election the House Chamber in the U.S. Capitol  January 8, 2009 in Washington.
A joint session of Congress meets to count the Electoral College vote from the 2008 presidential election the House Chamber in the U.S. Capitol January 8, 2009 in Washington.

Congrats, You’re a Member of Congress. Now Listen Up.

Some brief foreign-policy advice for the newest members of the U.S. legislature.