Skip to main content

tv   U.S. Senate  CSPAN  October 27, 2015 10:00am-12:01pm EDT

10:00 am
voluntarily share information about cyber threats and data breaches and grant liability protection to these organizations and institutions. first round coming up in about an hour. morville related votes starting at 4 p.m. including final passage.t live now to the senate floor of the u.s.come t senate. the chaplain: let us pray. sovereign lord, we have heard of your greatness from generation to generation. you sit enthroned in majesty, for your glory covers all the earth. today, bless and sustain our lawmakers and their staffs. may their words and deeds honor you.
10:01 am
lord, guide them in righteous paths that will keep america strong. equip them to conduct the work of freedom with justice and humility. give them contentment that comes from knowing and serving you. guide america, making it a lighthouse for a dark and turbulent world. lord, thank you for being our strength and sh shield. we pray in your great name. amen. the president pro tempore: pleae join me in reciting the pledge f allegiance to our flag.
10:02 am
i pledge allegiance to the flag of the united states of america and to the republic for which it stands, one nation under god, indivisible, with liberty and justice for all. mr. mcconnell: mr. president? the presiding officer: the majority leader. mr. mcconnell: as colleagues have no doubt already noted, a fiscal agreement has been filed that addresses a number of important issues. members currently have the opportunity to review it. i hope they'll take that opportunity. i will certainly have more to say on the matter lately-- excuse me, i'll have more to say
10:03 am
on the matter later, but for now i encourage all of my colleagues to examine the agreement. now, mr. president, on the legislation before the senate today, the challenges posed by intiescyber attacks are reeled d they're growing. they don't just threaten government and businesses, they threaten individuals as well. everyone understands that a cyber attack can be a deeply invasive attack on personal privacy. everyone understands that a cyber attack can be financially crippling. that's why everyone should want to see the bipartisan cybersecurity bill before us today be passed. its voluntary information-sharing provisions are key to protecting the personal information of the people we represent. we also know the bill contains measures to protect civil liberties and individual privacy. it's no wonder the senate voted to advance it by a large
10:04 am
bipartisan vote of 83-14 last week. i want to thank chairman burr and vice chairwoman feinstein of the intelligence committee for their continued hard work on this legislation. we'll consider a number of amendments from both sides of the aisle today. then we'll proceed to a final vote on the underlying bill. i would urge every colleague to join me in voting to protect the personal data, privacy, and property of the american people. now, on one final matter, the obama administration recently published massive energy regulations that won't do a thing to meaningfully affect global carbon levels, won't make a noticeable difference to the global environment. but it will ship more middle-class jobs overseas, it will punish the poor, it will
10:05 am
make it even harder for coal families in states like kentucky to put food on the table. in other words, it's a facts-optional extremism wrapped in callous indifference. senators in both parties are saying enough is enough. we filed bipartisan measures that would allow congress to overturn these two-pronged aggressive religions. -- aggressive regulations. i joined senator heitkamp and capito on a measure that addresses these two-pronged energy sources. together these measures represent a comprehensive solution. colleagues will join me to speak about these resolutions later today. i'm sure they'll say more about the measures we filed and the process easht so associated wit.
10:06 am
what everyone should know is this: the publication of these regulations does not represent an end but a beginning. it is the beginning of a new front to defend hardworking middle-class americans from massive, massive regulations that target them. that front is opening here in congress, and it's opening across the country as states file lawsuits and governors stand up for their own middle-class constituents. the battle may not be short and the battle may not be easy, but kentuckians and hardworking americans should know that i'm going to keep standing up for them throughout this effort. mr. reid: mr. president? the presiding officer: the democratic leader. mr. reid: democrats have long
10:07 am
called for bipartisan action to stop these devastating sequester cuts because they hurt our middle-class and our military. with the agreement that the republican leader has just mentioned, we've done just that. democrats and republicans have come to a responsible agreement to put the needs of our nation above the republicans' partisan agreement. while this tbreament i agreement perfect, it does address priorities that help the middle class and helps us avoid a major threat to jobs and the general economy. the time to do away with the devastating sequester cuts that are harming our middle class and military is not in the future, it's right now. democrats hope to end sequestration for the good of our great country. but our work is not done. i hope that we can continue to work together, democrats and republicans, to pass this legislation and place the priorities of the american people ahead of partisan politics. mr. president, i would ask
10:08 am
unanimous consent that the next part of my statement appear in a separate place in the record. the presiding officer: without objection. vids it wavids itmr. reid: it ws ago this month that secretary panetta warned the united states of a cyber apparel harbor. a cyber pearl harbor would be a cyber attack on our nation's banks, power grid, government, and communications network. if it sounds scary, that's because it is scary. cyber terrorists could potentially bring the united states to its knees. this potentiality is upon us. a catastrophic cyber attack is not far-fetched. ted koppel, the renowned journalist, has written another book, and the author reveals that our nation's power grid is
10:09 am
extremely vulnerable to cyber thrism. -- to cyberterrorism. imagine the toll of these internet capas on your cell phones, whatever phones exist, overwhelmed first respond,an infrastructure system reduced to chaos. now vulnerable is our nation to a cyber attack? the cyber attack of this mag any sued. -- magnitude. janet napolitano in the book that is written as -- as indicated by ted koppel, stated, the likelihood of an tac on our nation's power grid is 80% to 90%. 80-to 90%. craig fugate has had to think about a potential cyber attack. it's his job. listen to his assessment. i quote, "we're not a country to
10:10 am
go without power for a long period of time without loss of life. our systems from water treatment to hospitals to traffic control to all these things that we expect erv every day, our abilio operate without electricity every day is minimal." we had a number of years ago at the direction of senator mikulski, a longtime member of the intelligence committee, a meeting where such an attack was discussed and the implications of it. that was years ago. it was frightening then. it is even more frightening now. but as mr. fugate indicated, the scale of threat the united states faces has been outlined by him. we must do more to protect ourselves against this cyberterrorism. it can be done if our republicans will work with us. democrats tried to pass comprehensive cybersecurity legislation years ago.
10:11 am
what happened? it was filibustered by the republicans p. they wouldn't even let us on this legislation. they wouldn't even allow us to debate the bill. whatever their reasoning, i'm glad that the republicans have finally changed course on this issue and allowed this simple bill to move forward. we support this the legislative effort, but we recognize it is far, far, far too weak. cyberterrorism and cyber attacks are part of today's world. but republicans are denying the seriousness of this, as they're denying that's something to clear to everyone in the world, except my republican senatorial and house members: we have a climate change taking place that's really hurting everybody with rare, rare exception. cyberterrorism and cyber attacks are part of today's world, just like climate change. to not move forward with more comprehensive cybersecurity
10:12 am
legislation and to ignore what's happening in our world dealing with climate change will in the years to come be considered medical -- i'm sorry, will be considered legislative malpractice. and i'm sorry to say, mr. president, legislative malpractice is not on our shoulders. we've wanted for years to do something with climate change. we can't. it's not even something that the republicans will allow us to discuss. we wanted for years to do something with cybersecurity. they've refused to do so. we have a bill before us that's better than nothing, and we support it. but it is far, far, far too weak. mr. president, i see the assistant democratic leader on the floor. would the chair announce, before he talks to us, what we're going to do here today. the presiding officer: under the previous order, the leadership time is reserved. under the previous order, the senate will resume consideration
10:13 am
of s. 754, which the clerk will report. the clerk: calendar number 28, s. 754, a bill to improve cybersecurity in the united states through enhancing -- enhangsed sharing of information about cybersecurity threats and for other purposes. the presiding officer: under the previous order, the time new mexic--the time until 11:00 be you equally divided betweene two leaders or their designees. mr. durbin: mr. president, the debate which we will engage in today on the floor of the senate is really one that parallels the historic debates that have occurred in the course of our nation's history. when a great democracy sets out to defend its citizens and to engage in security, it really is a challenge. can we keep our nation safe and still protect our rights and liberties? that question has been raised. that challenge has been raised time and time again.
10:14 am
it was president abraham lincoln during the civil war who suspended the right of habeas corpus. it was challenged by some as an overextension by the executive branch, but president lincoln thought it was necessary to resolve the civil war in favor of the union. in world war i, the passage of alien and sedition acts raised questions about the loyalty of americans who questioned many of the great issues that were being raised during that war. we certainly all remember what happened during world war ii when even under president franklin roosevelt thousands of japanese-americans were interned because of our - concern about e saifort of the united states. it continuing with acuizations that -- accusations that certain members of congress were
10:15 am
communist sympathizers. we are always going to be faced with that challenge: are we going too far? are we giving too much authority to the government? are we sacrificing our individual rights and liberty and privacy far more than we should to keep this nation safe? and that in fact is the debate we have today. on the most sophisticated new form of warfare: cyber war. cybersecurity is an enormous concern not just for private companies but for every american. data breaches happen almost every day. we read not that long ago that 21 million current -- federal government employees had their record users. t-mobile users in my home state of may have had their information hacked. that's why we need to take steps to improve data security and share cyber threat information.
10:16 am
chairman burr and ranking member feinstein have worked long and hard to put together a bill to encourage private and governmental entities to share potential threat information. this bill has evolved over five years. no one has worked harder in that period of time than my colleague senator senator feinstein of california. senator burr is joining her in this effort. many are skeptical about the bill before us. some have raised those concerns on the floor. but look at the major companies opposing this bill as currently written: apple, i.b.m., microsoft, google, facebook, amazon, a few of the major companies that said they can't support the bill that is on the floor today. they know the bill does not require companies or the federal government to protect private information, personal e-mails, e-mail addresses and more. in fact, this bill preempts all laws that would prevent a company or agency from sharing personal information. i'm encouraged that the managers of this bill have moved in the direction of addressing this
10:17 am
concern. they've limited authorization to share cyber threat information to cybersecurity purposes, a valuable step toward making the bill -- make sure the bill is not used as surveillance. they've included a provision requiring government procedures to notify americans if their information is shared mistakenly by the government. and they've clarified that the authorization to deploy defensive measures or defensive hacking does not allow an entity to gain unauthorized access to another's computer network. there will be other amendments which i think should be included in this bill. i'm a cosponsor of senator franken's amendment to improve the definition of cybersecurity threat and other cyber threat indicators. narrowing this definition from information that, quote, may be a threat to information that is reasonably likely to pose a threat would reduce the amount of potentially personal information shared under the bill. i also urge my colleagues to
10:18 am
support senator wyden's amendment to strengthen the requirement that private companies remove sensitive personal information before sharing cyber threat indicators. again, this amendment would limit the amount of potentially personal information shared under the bill. i support senator coons' amendment to give the department of homeland security time to remove or scrub personal information from the information it shares with other federal agencies. there's simply no need for personal information unrelated to a threat to be shared with law enforcement agencies like the department of justice and n.s.a. these amendments would strengthen privacy protections in the bill much more than the original managers' package. i look forward to working with senators burr and feinstein and others to ensure the final bill addresses our cybersecurity concerns while still protecting privacy, something i know we all want to do. mr. president, i yield the floor.
10:19 am
mrs. feinstein: mr. president? the presiding officer: the senator from california. mrs. feinstein: i note the absence of a quorum. the presiding officer: the clerk will call the roll. quorum call: mrs. feinstein: mr. president? the presiding officer: the senator from california. mrs. feinstein: i ask to vitiate the quorum call and ask that the time be charged equally to both sides. the presiding officer: without objection. is there objection? without objection. mrs. feinstein: i suggest the absence of a quorum. the presiding officer: the clerk will call the roll. quorum call:
10:20 am
the presiding officer: the senator from north carolina. mr. burr: mr. president, i ask unanimous consent to vitiate the quorum call. the presiding officer: without objection. mr. burr: mr. president, shortly we'll once again begin the process on the cybersecurity bill. we'll start votes hopefully right at 11:00.
10:21 am
we'll try to work through five amendments this morning, return this afternoon with a short period of debate and once again at 4:00 we will take up five additional votes, or possibly four, and be at a point where we could conclude this legislation. let me say to my colleagues that the united states senate has tried for now several years to bring cybersecurity legislation to the senate floor and find the will to pass it. with the work of the vice chairman, we have been able, i think, to succeed in that, along with a 14-1 vote out of the committee showing tremendous bipartisan support, thousands of businesses and almost 100 organizations around the country that are supportive of the bill. but more importantly, in the
10:22 am
last several days the support of "the wall street journal," "the washington post," not necessarily publications that chime in on the need for certain pieces of legislation off this floor, but in this particular case two publications that understand the importance of cybersecurity legislation getting signed into law. this is the first step, conferencing with the house will come shortly after. and i'm proud to say that we already have legislation that the white house says they are supportive of. so i think we're in the final stretches of actually getting legislation in law that would voluntarily allow companies to partner with the federal government when their systems have been breached, when personal data is at risk. so i still say today to those
10:23 am
folks both in this institution and outside this institution that are concerned with privacy, i think the vice chairman and i have bent over backwards to accommodate concerns. some concerns still exist. we don't believe that they're necessarily accurate, and that only by utilizing this system will in fact we understand whether we have been deficient anywhere. there's also, mr. president, several companies that are not supportive of this bill, and they have every right to be. i will say this, that from the beginning we committed to make this bill voluntary, meaning that any company in america, if they, their systems are breached, could choose voluntarily to create the partnership with the federal government. nobody's mandated to do it.
10:24 am
and so i speak specifically to those companies right now. you might not like the legislation, but for goodness sakes, do not deprive every other business in america from having the opportunity to have this partnership. do not deprive the other companies in this country from trying to minimize the amount of personal data that's lost because there's been a cyber attack. do not try to stop this legislation and put us in a situation that we ignore the fact that entire attacks are going to happen with greater frequency for more individuals and that the sooner we learn how to defend our systems, the better off personal data is in the united states of america. so this is a huge deal. the vice chairman and i have from day one said to our members we will entertain any good ideas
10:25 am
that we think strengthen the bill, and on both sides of the aisle we've said to members, if this breaks the agreement that we have for the support we need, because they don't believe that the policy is right, then we will lock arms and we will vote against amendments. we have about eight amendments today. the majority of those we will do that on. i am proud to tell my colleagues that during the overnight and this morning we will announce today that we have taken care of the flake amendment with a modification. we're changing the sunset on the legislation to ten years, and we will accept the flake amendment on a voice vote later this morning. we continue even at this last hours to try to modify
10:26 am
legislation that can be agreed to on both sides of the aisle. but more importantly, do not change the delicate balance that we have tried to legislate into this legislation. so, mr. president, i'm sure members will come down over the next 35 minutes, but at this time i would like to yield the floor so that the vice chairman can seek time. mrs. feinstein: mr. president? the presiding officer: the senator from california. mrs. feinstein: thank you, mr. president. i want to begin by thanking the chairman for his work on the bill. for me, this has been a secure effort, and it hasn't been easy. and it hasn't been easy because what we've tried to do is strike a balance and make the bill understandable so that there would be a cooperative effort to share between companies and with the government. last thursday the senate showed its support for moving forward
10:27 am
with two strong votes. we had a vote of 83-14 to invoke cloture on the substitute amendment showing that there is in fact deep bipartisan support for moving significant legislation to the president's desk. to that end, i'd like to ask unanimous consent that editorials from the two major united states newspapers be inserted into the record. the presiding officer: without objection. mrs. feinstein: thank you, mr. president. the first is from "the washington post" dated october 22 entitled "the senate should take a crucial first step on cybersecurity." and the second is in today's "wall street journal." it's entitled "a cyber defense bill at last: data sharing can improve security and consumer privacy." i also note the endorsement from secretary jeh johnson on october 22. mr. president, i've been
10:28 am
privileged to work with our chairman. we have really tried to make a bill balanced. we've tried to make it understandable to private industry so that companies understand it and are willing to cooperate. this bill will allow companies and the government to share information voluntarily about cyber threats and the defensive measures they might be able to implement to protect their networks. right now the same cyber intrusions are used again and again to penetrate different targets. that shouldn't happen. if someone sees a particular virus or harmful cyber signature , they should tell others so they can protect themselves. that's what this bill does. it clears away the uncertainty and the concerns that keep companies from sharing this information. it provides the two competitors
10:29 am
in a market can share information on cyber threats with each other without facing antitrust suits. it provides that companies sharing cyber threat information with the government for cybersecurity purposes will have liability protection. as i've said many times, the bill is completely voluntary. if a company doesn't want to share information, it does not have to. today we will vote on up to seven amendments. as late as this morning, senator burr and i have been working to see if we can reach agreement to accept or voice vote some of them, and i hope these discussions will be successful. however, i remain in agreement with the chairman that we will oppose any amendments that undo the careful compromises we have made on this bill. over the past ten months we have
10:30 am
tried to thread a needle in fact to draft a bill that, as i said, gives the private sector the assurances it needs to share more information while including privacy protections to make sure that americans' information is not compromised. and i might say, i season the floor the rank -- i see on the floor the ranking member of the homeland security committee, the senator from delaware. and i wont want to thank for all you've done. several of today's amendments would undo this balance. senators wyden, heller, and franken have amendments that would lead to less informatio information-sharing. each of them would replace clear requirements that are understood
10:31 am
by the companies that are now in the bill on what a company or a government must do prior to sharing information with a new subjective standard that would insert the concern of legal liability. i would offer to work with you, senators and others, as the bill moves forward and hopefully goes into conference to see if there is a way to achieve their goals without interfering with the bill's goal of increasing information-sharing. senator leahy's amendment would similarly decrease the amount of sharing by opening up the chances of public disclosure through the freedom of information act of cyber threats shared you understand under this bill. while the bill seeks to share information about the nature of cyber threats and suggestions on how to defend networks, this
10:32 am
information should not be made widely available to hackers and cyber criminals who could use it for their own purposes. senator burr and i worked closely with senators leahy and cornyn in putting together the managers' package to remove a foia exemption that they viewed as unnecessary and harmful. i'm pleased we were able to reach that agreement. however, the foia exemption that remains in the bill is needed to encourage companies to share this information, and i would oppose this amendment. the president has an amendment on the other side of the spectrum, which i will also strongly oppose. this amendment would basically undo one of the core concepts of this bill. instead of requiring cyber information to go through a single portal at the department
10:33 am
of homeland security, it would allow companies to share cyber information directly with the f.b.i. or the secret service and still provide full liability protection. this change runs afoul of one of the most important privacy protections in the bill, which was to limit direct sharing of this cyber information with the intelligence community or with law enforcement. in other words, everything went through the portal first, where it would receive an additional scrub to remove aniry sid wail personal -- any residual personal information and then go to the respective departments. in this way, the privacy is kept by not being able to misuse the bill to provide unrelated information directly to
10:34 am
departments. if there is a crime, companies should be able to share information with law enforcement. i agree with that. but that's not what this bill is about. this bill is about sharing cyber information on threats so there can be greater awareness and better defenses. when there is a cybercrime and law enforcement is called in, we're talking about very different information. when the f.b.i. investigates, it takes entire databases and servers, it looks at everything far, far beyond the cyber information that could be lawfully shared in this act. so sharing with the f.b.i., outside of the d.h.s. portal, may be appropriate in certain cases but not as a parallel option for cyber threat information. in fact, our bill already makes
10:35 am
clear in section 105(c)(e)that it does not limit or prohibit lawful disclosures of communications records or other insertion including reporting of known or suspected criminal activities. -- end quote. i would just refer you to this chart which quotes section 105(c) and, mr. president, says exactly that. so this amendment would undo the key structure of this bill. the central portal for sharing information located at the department of homeland securit,e ability of the government to effectively manage all the cyber information it receives. so i will o oppose this amendmet
10:36 am
and urge my colleagues to do the same. mr. president, i very much appreciate that the senate will complete its consideration of this bill today. we still have a long way to go. we have to conference the house bill with our bill, and i want to make this offer -- and i know i think the speak for the chairman as well -- that we're happy to work with any member as we go into conference. but i hope we can complete these last few votes without upsetting the careful negotiations and compromise that we have been able to reach. again, i want to thank the chair. i yield back the balance of my time. i yield the floor. the presiding officer: the senator from delaware. mr. carper: let me just ask a question through the chair. when senator feinstein yielded back the balance of her time, was she controlling all 25 minutes on the democratic side?
10:37 am
and did she just yield that back? the presiding officer: the chair understood the senator to yield the floor. seven minutes remain. mr. carper: we have seven minutes out of our 25? the presiding officer: yes. mr. carper: mr. president, if i could be recognized, please. the presiding officer: without objection. mr. carper: six years ago, senator feinstein, you along with senator collins, joe lieberman, jay rockefeller offered the first comprehensive bill dealing with information-sharing. we had a vote in late-2012, came up short and started all over again in the last congress. you've shown great leadership from the start. i want to thank you. i have been joined on the floor by senator burr.
10:38 am
i want to thank you for cooperating with us and with others to make sure we have not just a good bill but a really good bill that addresses one of the greatest challenges we face today in this country of ours. the -- i've heard senator feinstein say it time and again. if companies don't want to share information with the federal government rkt the, they don't . in some cases they can form their own groups. they don't have to share information on -- attacks with the federal government. they can share it with other pierpeers if they wish to. imbut if they do, we ask that it be shared with the homeland security because the department of homeland security is set up in large part to provide a privacy scrub. we'll have next month the ability when these threat indicators come through reported by other businesses across the country, come through the portal at d.h.s., d.h.s. has the ability in real-time, in
10:39 am
real-time to be able to scrub that information and remove from it personally identifiable information that should not be shared with other federal agencies and, like that, bingo, we're off to the races. it is a smart compromise and it is one that i'm pleased to be able to work it out with senators burr and feinstein and their staffs. i want to thank both their staffs and ours as well. we literally took legislation out of the department of homeland security -- the committee on homeland security and governmental affairs and it's been appended -- i think it's title 2 of the managers' amendment. i think the entire title 2 of the managers managers' amendmen. one piece of it is einstein, not to be confused with albert einstein. but we have something called einstein 1, einstein 2, and einstein 3. what do they mean? it means that we're going to use these tools. we're going to update and
10:40 am
modernize those tools to, number one, record intrusions; number two, be able to detect bad stuff coming through into the federal government; and number three block it -- block t and we're going to make sure that it's not just something that is on a piece of paper but that they are actually we require the federal agencies, 100% of the federal agencies, not 50%, not 25%, 100% to use those new tools. we've also included in that legislation some legislation that senator johnson and i worked on that would make better -- ensure that we use tools, including encryptioning encrypte the number of processors we have available to us to better protect our information. and the last thing that i would mention, senator collins, who used to be a leader as the chair of the homeland security for years, she had an amendment -- she and others have worked on
10:41 am
llings that wlegislation that wl of what we report out of the committee. together it is a very robust defender of our dot-gov domain. i want to go back to the last congress. tom coburn, who has since left us, worked to do three things to protect the department of homeland security. when i was growing up, i remember seeing ads in a magazine about some guy at the beach kicking sand on a smaller guy and the smaller guy in this case would have been the department of homeland security with respect to their ability to really provide robust defense against cyber attacks. and if i could use that cartoon as an analogy, five, six years ago the department of homeland security was a 98-pound weakling. it is no weakling anymore.
10:42 am
legislation that dr. coburn and i offered passed here to, one, say that the cyber op center is real, we're standing up. we're making it real and robust. number two, the act which was just a paperwork exercise and it was like a once-a-year check to make sure our cyber defenses were secure, we're transforming that into a 24/7, round-the-clock operation legislation called fsma. we make clear what the job of the department of homeland security is clear. for years the department of homeland security has trained cyber warriors. just when they get to be good, they get hired away, because they can't retain them. they couldn't provide bonus oz. we got make sure we've got some of the best cyber warriors working in the department of homeland security. now they've got is that
10:43 am
authority. what we have done is moved the needle. we have move the needle with the passage of this legislation. there's going to be some discussion later on on amendments. there are a umconfirthere are ar me that are troubling. we'll look at them as we go through. but a couple of them are really -- really set this legislation back and i'll be very strong in opposing them. having said that, we've heard the old saying, i'm tired of -- tired of saying it, don't let the perfect be the enemy of the good. this legislation that is gotten better every step of the way because of the willingness of our ranking member and chairman to collaborate. i would say the two c's are working here. communicate, collaborate. we should work out and pass this bill. thanks so much.
10:44 am
mr. heller: mr. president? the presiding officer: the senator from nevada. mr. heller: mr. president, i, like everyone else in this chamber, realize the need to address the threat of cyber attacks. the impact of these attacks is a matter of individual financial security as well as america's national security. but i contend that these efforts must not interfere with the american privacy and not doing so, the cure, which is this piece of legislation, is worse than the problem. i've said it before and i'll continue saying it: privacy for nevadans is nonnegotiable. nevadans elected me in part to uphold their civil rights and their liberties and that is what i am here on this floor doing today. which is why i fought for
10:45 am
passage of the u.s.a. freedom act. that's why i offer my amendment being considered here on this floor this given day. hundreds of nevadans have reached out to my office expressing concern about the cybersecurity information sharing act. saying it didn't do enough to safeguard their personal information. also tech companies including google, apple, microsoft, oracle all expressed the same concerns about privacy under this piece of legislation. so it is our responsibility in congress to listen to these concerns and address them before allowing this piece of legislation to become law. i recognize the chairman of the intelligence committee does not support my amendment and has been encouraging our colleagues to oppose it. with respect, however, i believe that my amendment has common
10:46 am
sense and a middle ground amendment. it ensures that we strike an appropriate balance, but it guarantees privacy but also allows for realtime sharing of cyber threat indicators. my amendment would simply require the federal government, before sharing any cyber threat indicators, to strip out any personally identifiable information that they reasonably believe is not directly related to a cybersecurity threat. this standard creates a wide protection for americans' personal information. furthermore, it also improves the operational capabilities of this cyber-sharing program. d.h.s. has stated they are removing more personally identifiable information before sharing will help the private sector meaningfully digest that information as they work to combat cyber threats. again, i respect what chairman burr and ranking member
10:47 am
feinstein are trying to do here, which is why i carefully crafted this amendment to meet the needs of both sides, those fighting for privacy and those fighting for our national security. i'd like to take a moment to address the concerns expressed by the chairman who has argued that this amendment is a poison pill for this piece of legislation. i want to be clear, this amendment is not creating legal uncertainty that would delay the sharing of cyber threat indicators. in fact, the term reasonably believes is used as the standard for the private sector in the house-passed cyber bill. let me repeat that: this phrase "reasonably believes" is the standard applies to the private sector in the house-passed bill. our counterparts on the house intelligence committee felt that this standard was high enough to protect privacy while also meeting the goal of the bill, which is realtime sharing.
10:48 am
this standard is good enough for the private sector, then it should be good enough for the federal government. just six months ago the chamber of commerce released a strong statement of support and praise for the house-passed cyber legislation. not once did they release statements of concern over using the term "reasonably believes" as it applies to the private sector. the industry which they represent. mr. president, i ask again, if it's good enough for the private sector, shouldn't it be good enough for the federal government? finally, i'm proud to have the support of two of the senate's leading privacy advocates: senator leahy and senator wyden, who have been fighting with me to make key changes to this bill to maintain americans' rights. i strongly urge mile colleagues today to vote in support of my simple fix. let's keep our oath to the american people to make this bill stronger for privacy rights
10:49 am
and civil liberties. thank you, mr. president. i yield the floor. a senator: mr. president? the presiding officer: the senator from oregon. mr. wyden: i would ask unanimous consent after chairman burr has spoken for two minutes. the presiding officer: is there objection? without objection. mr. burr: mr. president? the presiding officer: the senator from north carolina. mr. burr: mr. president, i want to say to my colleague, senator heller, you know, i wish we could accommodate all eight minutes, and the fact even a word here or there changes of balance of what senator feinstein and i have tried to put together. though on the surface it may not look like a big deal -- and i understand you've got two competing bills that were passed in the house and one has the
10:50 am
language. and the fact is that our language for the entirety of the bill does not match the house bill. so when you change something, we've got to look at the cause and effect of it. here are the realities. this is a voluntary bill, so i'll start backwards with some things senator heller said. technology companies opposed to it. they are. i can't do anything about that. but i can plead with them, why would you deprive thousands of businesses who want to have a partnership with the federal government from having it because you have determined for your business, even though you're a large holder of personal data, that you don't want to partnership with the federal government. i would suggest the first day they get penetrated, they may find that partnership is worthy. but i can't change where they are on the legislation. and the reality is that for a
10:51 am
voluntary bill, it means that there has to be a reason for people to want to participate. uncertainty is the number-one thing that drives that away, and the change that the senator proposes, we believe, provides that degree of uncertainty, and, therefore, we would not have information shared either, one at all, or two, in a timely fashion. if it's not shared in a timely fashion, then we don't reach the real time transfer of data which gives us the basis of minimizing data loss in this bill. so, i think it's easy to look at certain pieces of of the bill and say, well, this doesn't change it that much, but it changes it in a way that would cause either companies to choose not to participate or it may change it in a way that delays the notification to the federal
10:52 am
government. therefore, we're not able to accomplish what we set out to in the mission of this bill, which is to minimize the amount of data that's lost not just at the company but across the u.s. economy. so i -- again, i urge my colleagues. we will move to amendments shortly. we'll have an opportunity to debate for one minute on each side on those amendments. i would urge my colleagues to keep this bill intact. if we change the balance of what we've been able to do, then it changes the effects of how this will be implemented and in fact we may or may not at the end of the day -- a senator: would the chairman yield time so i can respond to his comments? mr. burr: i'd be happy to. mr. heller: thank you. i appreciate everything that you do, and i understand the importance of fighting against cyber attacks. i want to make two points, clarify two points that i think are very important. this language in this bill is the same standard that the
10:53 am
private sector is held to in the house-passed bill. and the chamber had no problem, had no problem, six months ago when that bill was passed out of the house of representatives. so i continue to ask the question, if it's good enough -- if this language is good enough for the private sector, why isn't it good enough for the public sector, for the federal government? and a second thing, i believe that my amendment does strike a balance. increasing privacy but still providing that realtime information sharing. mr. chairman, thank you. i just wanted to make those two points. i believe that's the essence of this amendment. thank you. mr. burr: i appreciate the senator's input. i can only say to my colleagues, it is the recommendation of the vice chair and i that this not be supported, that it does change the balance, that it puts uncertainty in the level of participation. and any delay from realtime would in fact mean that we wouldn't have lived up to the
10:54 am
mission of this bill, which is to minimize data loss. i think, though, there are similarities between the house and senate bills are structured significantly different. therefore, it has a different implication when you change certain words. with that, i would yield the floor. mr. wyden: mr. president? the presiding officer: the senator from oregon. mr. wyden: before he leaves the floor i want to commend my colleague from nevada. mr. president and colleagues, the first vote that we will have at 11:00 is on my amendment 2621. this amendment, colleagues, is supported by a wide variety of leaders across the political spectrum, progressive voices that have focused on cybersecurity and privacy as well as conservative organizations. freedom works, for example, an important conservative organization, announced last night that they will consider the privacy amendment that i
10:55 am
will be offering. it will be the first vote, a key vote on their congressional score card. and it was the view of freedom works that this amendment, the first vote, would add crucial privacy protections to this legislation. the point of the first amendment we'll vote on, mr. president, is to strengthen privacy protections by requiring that companies make reasonable efforts to remove unrelated personal information about their customers before providing data to the government. it says that companies should take these efforts to the extent feasible. and let me just describe, mr. president, that this really offers a great deal of flexibility and discretion to companies. it certainly doesn't demand perfection, but it does say to these companies that they should actually have to take some real
10:56 am
responsibility, some affirmative step. and we'll have a chance, i guess, for a minute or so when we get to the amendments. but for purposes of colleagues reflecting before we start voting, the first amendment that i will be offering is backed by important progressive organizations like the center for democracy technology, and conservative groups like freedom works who last night said that this was a particularly important vote with respect to liberty and privacy. and it just says that with respect to the standard for american companies that you just can't hand it over. you've got to take some affirmative steps. reasonable, affirmative steps before you share personal information. with that, mr. president, i yield the floor.
10:57 am
mr. burr: mr. president? the presiding officer: the senator from north carolina. mr. burr: mr. president, we're going to go to these amendments and we'll have five amendments this morning. and possibly up to five this afternoon, starting at 4:00. i want to take this opportunity, mr. president, there are two pending amendments that are not germane and i ask consent that it be in order to raise those points of order en bloc at this time. the presiding officer: objection? without objection. mr. burr: mr. president, i make a point of order that the whitehouse amendment number 2626 and the mikulski amendment 2597 are not germane to the amendment number 2716. the presiding officer: the points of order are well taken and the amendments fall. mr. burr: thank you, mr. president. mr. president, i want to take this opportunity before we start
10:58 am
this final process to thank the vice chairman. she has been incredibly willing to participate even when we started in a different place than we ended. she brought to the table a tremendous amount of experience on this issue because of the number of years she had worked on it. and she was very accommodating on areas that i felt were important for us to either incorporate or at least debate. and what i really want to share with my colleagues is that we had a -- we had a wholesome debate inside the committee. it was wholesome before it even came to the presiding officer or to senator wyden, that the vice chair and i had ourselves, and our staffs.
10:59 am
and that's good. and it's why some of the members might have, in committee, said, gee, this looks like a good amendment. yet, it didn't fit within the framework of what the vice chair and i sat down and agreed to. so this has been a process over a lot of months of building support not just within this institution, but across the country. and it's not a process where i expected to get to the end. and for there to be nothing but endorsements of the legislation, i've never seen a piece of legislation that achieved that coming out of the united states senate. but i think the vice chair and i believed when we actually put legislation together that we were on the same page. and the fact is that it's important that today we're again still on the same page, that we have stuck there. and i thank the vice chairman for that. i also want to thank senator johnson and senator carper, the chairman and the ranking member
11:00 am
of the homeland security committee. they have been incredibly helpful and incredibly accommodating, and we have tried to incorporate everything that we thought contributed positively to this legislation. and and they were huge contributors. and lastly, mr. president, let me just say to all of my colleagues that it's tough to be put in a situation by the vice chair and myself where we've got members on both sides that are going to offer amendments. and i understand that those amendments to them are very reasonable, and i would only ask my colleagues to understand the situation that the vice chair and i are in. we have negotiated a very delicately written piece of legislation, and any change in that that's substantive we feel might in fact change the outcome of what this bill accomplishes.
11:01 am
so we will have amendment votes this morning. one of those amendments, senator flake's amendment, overnight we were able to negotiate a change in the sunset provision to 10 years. we will modify that on the floor and accept it by voice votes. the others will be recorded votes. with that, madam president, i yield the floor. the presiding officer: under the previous order, the question occurs on amendment number 2621 offered by the senator from oregon, mr. wyden. there are two minutes of debate equally divided. mr. wyden: mr. president? the presiding officer: the senator from oregon. mr. wyden: virtually all agree that cybersecurity is a serious problem. virtually all agree that it is useful to share information. but sharing information without robust privacy standards creates as many problems as it may solve. the first amendment that i'm offering is supported by a wide
11:02 am
variety of organizations across the political spectrum because they want what this amendment would do, and that is reasonable efforts have got to be made to strike unrelated personal information before it's handed over to the government. without it, you have a flimsy standard, which says, when this- when in doubt, hand it over. so i urge colleagues to support this amendment. it's backed by progressive groups and conservative groups. and i would ask at this time, madam president, unanimous consent to add senator warren as a cosponsor to my amendment and ask unanimous consent that freedomworks, a leading conservative voice on these issues, that their letter in support be added in the record as well. the presiding officer: without objection, the senator's time has expired. the senator from california. mrs. feinstein: madam president, i rise to oppose the amendment. this amendment would replace a
11:03 am
key feature of the underlying bill. right now under section 104(d) of the bill, a company is required to conduct a review of any information before it's shared and remove any personal information that is not -- quote -- "directly related to a cybersecurity threat." senator wyden's amendment, well-intentioned, would replace that review with a requirement that a company must remove personal information -- quote -- "to the extent feasible" -- and there's the rub. this is a very unclear requirement. in this bill, we are trying to provide clarity on what a company has to do so that it's understandable. companies understand what it means to conduct a review, to see whether there is personal information and then strip it out. they don't know what may or may not be feasible, and they worry
11:04 am
that this lack of clarity could create the risk of a lawsuit or the current -- where the current language does not. therefore, i ask my colleagues to join with me in voting "no" on the wyden amendment. the presiding officer: the question is on the amendment. mr. burr: i ask for the yeas and nays. the presiding officer: is there a sufficient second? there appears to be. the clerk will call the roll. vote:
11:05 am
11:06 am
11:07 am
11:08 am
11:09 am
11:10 am
11:11 am
11:12 am
11:13 am
11:14 am
11:15 am
11:16 am
11:17 am
11:18 am
11:19 am
11:20 am
11:21 am
11:22 am
11:23 am
11:24 am
11:25 am
11:26 am
11:27 am
11:28 am
11:29 am
11:30 am
11:31 am
11:32 am
11:33 am
the presiding officer: are there any senators in the chamber wishing to vote or wishing to change their vote? if not, the yeas are 41, the nays are 55 and the amendment is not agreed to. under the previous order, the question occurs on amendment number 2548, offered by the senator from arizona, mr. heller. there are two minutes of debate equally divided. mr. heller: madam president? madam president? the presiding officer: the senator from nevada. mr. heller: madam president, thank you. and the chairman has stated on this piece of legislation that it has privacy protections but i don't believe it goes far enough or we wouldn't be in this chamber vote after vote after vote trying to move this so that
11:34 am
there is some personal privacy and so that there are some liberties that are protected. this amendment in front of us right now, madam president, is a commonsense middle ground approach that strengthens the standards for the federal government removing personal information prior to sharing it with the private sector. i want to leave my colleagues with two points. this is the same standard that the private sector is held to in the house-passed bill, supported by the chamber. if it's good enough -- if this bill -- if this amendment is good enough for the private sector, the question is, is why isn't it good enough for the federal -- for the federal sector or the government? and, two, my amendment strikes a balance between increasing privacy but still providing for realtime information sharing. madam president, thank you. i urge my colleagues to support this amendment, and i yield the floor. mr. burr: madam president? the presiding officer: the senator from north carolina. mr. burr: madam president, the senate's not in order. the presiding officer: the
11:35 am
senate will be in order. the senate will be in order. mr. burr: madam president, senator feinstein and i have tried to reach a very delicate balance. we think we've done that. and senator heller raised one specific issue. he said that the chamber is supportive of the language. let me just read. the chamber opposes senator heller's amendment for much the same reason that we oppose comparable amendments being offered. it says the difficulty with seemingly simple tweaks in wording is that interpreting language such as "reasonably believes" and "reasonable efforts" in legislation is far from simple. it would create legal uncertainty and is contrary to the goal of realtime information sharing. the chamber will press to maintain nose as a standard. hopefully that will share some
11:36 am
texture with my colleague about how difficult this has been. and, as i said earlier, i'd love to accept all the amendments. but when it changes the balance of what we've been able to put, when you take a voluntary bill and you provide uncertainty, you've now given a reason for either companies not to participate or for the government to delay the transmission to the appropriate agencies. the presiding officer: senator's time has expired. mr. burr: burr: we believe we he right protections if place. i urge my colleagues to defeat the heller amendment. i yield the floor. the presiding officer: the question is on the amendment. a senator: yawz and nays -- yeas and nays. the presiding officer: is there a sufficient second? there appears to be. the clerk will call the roll. vote:
11:37 am
11:38 am
11:39 am
11:40 am
11:41 am
11:42 am
11:43 am
11:44 am
11:45 am
11:46 am
11:47 am
11:48 am
11:49 am
11:50 am
11:51 am
11:52 am
11:53 am
11:54 am
11:55 am
the presiding officer: are there any senators wishing to vote or wishing to change their vote? if not, the yeas are 47, the nays are 49, and the amendment is not agreed to. under the previous order, the question occurs on amendment numbered 2587, offered by the senator from vermont, mr. leahy. the democratic leader. the senate will be in order. the senate will be in order.
11:56 am
mr. reid: madam president? the presiding officer: the democratic leader. mr. reid: i would ask that my remarks be under leader time. the presiding officer: without objection. mr. reid: mr. president, today my friend and colleague, pat leahy, has reached another milestone in an extraordinary career. he just cast his 15,000th vote. that's remarkable. he's only the sixth senator in the history of this great body to have done that. in 226 years, he is one of six. today's momentous occasion should come as no surprise because his entire career in public service has been history making. he graduated st. michaels college, which is a vermont institution, graduated georgetown university law center. he was first appointed as the state's attorney when he was 26
11:57 am
years old. he was then re-elected on two separate occasions. during that time, pat leahy was a nationally renowned prosecutor. in 1974, his last as state attorney, he was selected as one of the three most outstanding prosecutors in america. at age 34, pat became the first democrat in u.s. history to be elected to the senate from vermont. after he was elected, the republican senator he was to succeed, george aken, was asked to resign his seat a day early which you could do in those days to give senator leahy a head start with his fellow freshmen. here is what the senator said -- a firm that is foolish enough to elect a democrat, let him be number 100. unquote. senator leahy's career has proven the people of vermont were wise in selecting him. from number 100, senator leahy
11:58 am
over time has ascended to the rank of president pro tempore of the senate. senator leahy has spent his four decades here in the senate fighting for justice and equality. as the chairman of the judiciary committee, he's become a national leader of the independent judiciary, promotion of equal rights and protection of our constitution. his main focus, though, has always been vermont. he carries with him a picture of that, he calls it his farmhouse on lots and lots of acres. it looks like a picture out of a -- trying to get somebody to come and stay at your place. it's just beautiful. it doesn't remind me of the desert, but it's beautiful. over the years, he's done everything he can to protect the state's natural beauty, the resources, land of the water through conservation efforts. when people visit vermont, they see these beautiful green vistas, pristine lakes and
11:59 am
rivers, picturesque farms. senator leahy has worked hard to keep vermont that way. senator leahy has done everything in his power to promote agriculture in his home state. former chair of the agriculture committee. i can remember what he's done to protect the dairy industry. it's legend what he's done to protect the legend -- the dairy industry. we all remember holding up the senate for periods of time until he got what he wanted for dairy. he wrote the organic food production act of 1990 which helped foster vermont and america's growing organic food industry. today organic food is a $40 billion industry. many of those organic farms and businesses are based in vermont. after tropical storm irene, we all remember -- i remember graphically his fighting for the state of vermont. that storm devastated parts of vermont. roads were under water for weeks. he helped secure $500 million in assistance for the people of vermont to overcome a brutal
12:00 pm
natural disaster. i'm fortunate to be able to have served with pat leahy here in the senate. he's more than a colleague. he really is a dear friend. his wife of 52 years, marcel, my wife and i know well. we have helped each other through our times of joy and our times of travail. they have three children and five grandchildren and pat in a moment alone will start telling you about them. senator leahy, congratulations on your 15,000th vote as a united states senator. [applause] the presiding officer: the majority leader. mr. mcconnell: as


info Stream Only

Uploaded by TV Archive on