[Congressional Record Volume 158, Number 115 (Tuesday, July 31, 2012)]
[Senate]
[Pages S5705-S5724]
From the Congressional Record Online through the Government Publishing Office [www.gpo.gov]
CYBERSECURITY ACT OF 2012--Continued
The PRESIDING OFFICER. The Senator from Maryland.
Ms. MIKULSKI. Mr. President, I am so glad the Presiding Officer is in
the chair while I am making these remarks. I wish to salute the
Presiding Officer for his service in the Senate and his service to the
Nation. One knows he is a member of the U.S. Marine Corps although he
no longer wears the uniform. I believe once a marine, always a marine.
And his service in Vietnam and to the Nation as Secretary of the Navy
is well known and well appreciated. The Presiding Officer has served as
a marine in the Marine Corps and as Secretary of the Navy and now in
the Senate as a Member of the Democratic Party. The Presiding Officer
really serves the Nation.
I come to the floor today to talk about cyber security and the need
to pass cyber security legislation this week, in this body. And I come
to the floor not as a Democrat, I come to the floor as a patriot.
I say to my colleagues in the Senate that this week, on this floor,
the Senate has a rendezvous with destiny. We have pending before us
cyber security legislation, a framework to protect critical
infrastructure of the dot-com world against cyber attacks from those
who have predatory, hostile intent to the United States of America. We
are bogged down. We are not moving. We are once again following what
has become a usual pattern in the Senate: when all is said and done,
more is going to get said than gets done.
But I say to anyone listening and anyone watching, we cannot let that
happen. The United States of America is in danger. And this danger is
not something in the future. It is not something written in science
fiction books. This is not the wave that is going to come. It is
happening right now in cyber attacks on our banking services, our
personal identity, our trade secrets, and things I will talk about
more.
The naysayers here say: We can't pass this bill because it will be
overregulation and it will lead to strangulation, and, oh my gosh, we
can't ask the private sector to spend one dime on protecting itself.
Well, I respect healthy criticism, but let me say to my friends,
because I want them to know that if anything happens to the United
States of America--if the grid goes down, if NASDAQ goes down, if our
banking system goes down, if we will not be able to function because
the streetlights won't be on and we won't be able to turn the
electricity on--I will tell you what will happen. Once again,
politicians will overreact, we will overregulate, and we will
overspend.
In a very judicious, well-thought-out, well-discussed process, we
could come up with a legislative framework that would defend the United
States of America and at the same time balance that sensible center
that another great patriot, Colin Powell, calls us to do: Always look
for the middle ground while we look at where we want to go.
There is a cyber war, and I want everybody to know about it. Cyber
attacks are happening right now. Cyber terrorists are thinking every
single day about attacking our critical infrastructure. There are
nation states that want to humiliate and intimidate the United States
of America and cause catastrophic economic destruction. How do they
want to do it? They want to take over our power grids. They want to
disrupt our air traffic control. They want to disrupt the financial
functioning of the United States of America. Cyber spies are working at
breakneck speed to steal many of our state secrets. Cyber criminals are
hacking our networks. So what are we talking about in this bill? We are
talking about critical infrastructure.
Now, I am a Senator from Maryland, and the Presiding Officer is a
Senator from Virginia. Does he remember that freaky storm a couple
weeks ago? Remember Pepco? Oh, boy. I still have my ears ringing from
my constituents calling about Pepco. I can tell you what it was like in
Baltimore when that freaky storm hit. You couldn't get around when the
stoplights were down. It was like the Wild West getting around. You
could go into stores--if they were open--and nothing functioned. The
lights weren't on. The refrigeration was off. Businesses were losing
hundreds of thousands, if not millions of dollars. There were families,
like a mother with an infant child and another child, with no
electricity for 5 days who went to hotel rooms.
Now, they want to talk about this bill costing too much money? Just
look at what it cost the national capital region of the United States
of America because of a freaky storm.
It took us 5 days to get the utilities back on because of the utility
company, but what happens if our destiny is outside of our control, if
cyber terrorists have turned off the lights in America and we can't get
them turned back on? It is going to cost too much? Wait until this kind
of thing happens. I don't want it to happen, and we can prevent it from
happening, and we can do it in a way that understands the needs of
business.
I want to understand the needs of small business, but I sure
understand the needs of families.
For those who say it is going to cost too much and they have the
concerns of the chamber of commerce, fine. I don't want to trash-talk
them. My father owned a little neighborhood grocery store. I know what
it is like when the electricity goes down. My father lost thousands of
dollars because the frozen food melted, lost thousands of dollars when
we had a freaky storm because of the refrigeration and his meats and
produce went bad. My father lost thousands of dollars years ago in a
freaky storm.
This bill means that if we come up with the kind of legislation that
we want, we can deal with it. Just remember what critical
infrastructure means. It means the financial services. It means the
grid. So when there is no power, schools are shut down, businesses are
shut down, public transit is crippled, no traffic lights are working.
By the way, in Virginia didn't 9-1-1 stop working, and they are still
investigating? Don't we love to investigate? Well, right now I don't
want to investigate and I don't want to castigate, but I sure want the
Senate to be able to get going.
Then there is the issue of financial services. The FBI is currently
investigating 400 reported cases of corporate account attacks where
cyber criminals have made unauthorized transfers from bank accounts of
U.S. businesses. The FBI tells me they are looking at the attempt to
steal $255 million and an actual loss of $85 million. Hackers are
already going into the New York Stock Exchange, they are already going
into NASDAQ in an attempt to shut down or steal information. Gosh, if
we allow this to continue, they could attack and cost us billions of
dollars.
Does the Presiding Officer remember that in 2010 we had a flash
crash? New vocabulary, new things out there. The Dow plunged 1,000
points in a matter of minutes because automatic computer traders shut
down. This was the result of turbulent trading. But just imagine if
terrorists or nation states that really don't like us--and I am really
not going to name them, but we really know who they are--really create
flash crashes?
I know there are patriots in this Senate who have been the defenders
of the Nation in other wars. They have said themselves that they worry
about the Asia Pacific, they worry about China. I worry about China
too. So while we are looking at the Defense authorization and
appropriations--and people want more aircraft carriers to defend us in
the blue waters against China. But what happens if there is a cyber
attack? Now, we do know how to protect dot-mil, but don't we also want
to protect dot-com in the same way? I think so.
I salute Senators Lieberman and Collins. They have come forth with a
bill that does two things from a national security perspective. First
of all, it tells business: You can come in voluntarily. There is no
mandate to participate. But if you do come in, you will get liability
protection.
[[Page S5706]]
Wow. In other words, we are actually going to offer incentives. We
are actually going to offer good-guy bonuses. We are not going to do it
through tax breaks or more things that add to the deficit or debt. We
are going to say: Come on in. Participate in both the setting of
standards--we want you at the table--and then living by the standards,
and for that, you will get liability protection.
There are also those who say: We just don't like Department of
Homeland Security being in charge. We worry about a cyber Katrina.
I worried about that too, but I must say that in all of our meetings,
we can see that the Department of Homeland Security has made tremendous
advances. I have been one of their sharpest critics in this area, and I
have been skeptical from the beginning. But now, as we have moved along
and listening to Secretary Napolitano and General Alexander, the head
of the National Security Agency, on how they can work together honoring
the Constitution and civil liberties, I think we have a good bill.
Why do we need this bill? General Alexander, who heads up the
National Security Agency and the Cyber Command, says that we are facing
attacks and the potential of attacks that are mind-boggling. He talks
about the stealing of trade secrets that amounts to the greatest
transfer of wealth the country has ever seen. He worries about the
security of the grid. He worries about financial services, while he
also worries very much about the dot-com.
But we live in the United States of America. We have a constitutional
government. Our military, no matter how powerful and how strong, has a
responsibility to certain areas, but we need a civilian agency in
charge of how to protect dot-com, a civilian agency benefiting from the
incredible turbo intellectual and technical power of the National
Security Agency.
So we have a bill that offers the framework. I would say, let's have
the bill, let's vote for cloture, and let's have regular order with
actual germane amendments. We have patriots here, but who are we for?
Are we for protecting America or are we for coming up with the same old
platitudes that resist any activity of government at all to protect the
American people?
I am no Janie-come-lately to this bill. I represent one of the
greatest States in America. We are home to the National Security
Agency. I have the high honor of being on the Intelligence Committee. I
have been working on this topic for almost a decade, and I have watched
the threat grow as I watched the technology against us grow in power
and the number of people who could attack us in this area.
I sit on the Appropriation Committee, where, as a member of the DOD
appropriations, I have been proud to work with both the authorizers and
Senator Inouye to stand up for Cyber Command, the Tenth Fleet, which is
the cyber fleet, and others relating to it. But also what I have been
proud of is being able to take a look at what we do need to do here in
terms of everything from workforce to protecting others.
My subcommittee funds the FBI. Working with Director Mueller, I have
been able to see up close and personal the growing threats right here
in the United States of America, whether cyber criminals can literally
invade large banking. I could give example after example. Working also
with other departments, we can see that there are cyber-attacks. We
need to be able to do this.
I could give other examples and I will do so in the debate, but let
me summarize. The attacks are now. The question is, are we going to
build a cyber bomb shelter? This is not like the bunkers of old. This
is where we work with the private sector. Remember, our grid and our
telecommunications are owned and operated by the private sector. We
cannot do this without the private sector. We, your government, come
together with a legislative framework that is constitutionally sound
and legally reliable. The fact is that we will make the best and
highest use of our military under that rubric. But at the end of the
day we will be able to have a voluntary framework bringing the private
sector together with incentives around liability that invite them to
participate in the formulation of the regulation, the implementation of
the regulation, and living by it. This is not regulation that leads to
strangulation, this is regulation that helps them be able to protect
the United States of America.
Let me conclude. Everybody says: Gee, what could I do? Could I have
protected against an attack on the United States of America? What is
the name of that little-known group you didn't know how to spell years
ago? Al-Qaida? Would we have done everything in the world to protect
against the al-Qaida attack? I certainly would. I say today, if you
want to protect against the next big attacks on the United States of
America, vote for cloture. Let's have an informed debate. Let's find at
the end of the day the sensible center that will give us a
constitutional but effective way of defending America.
I yield the floor.
I suggest the absence of quorum.
The PRESIDING OFFICER. The clerk will call the roll.
The assistant bill clerk proceeded to call the roll.
Mr. BARRASSO. Mr. President, I ask unanimous consent that the order
for the quorum call be rescinded.
The PRESIDING OFFICER. Without objection, it is so ordered.
The Senator from Wyoming.
Mr. BARRASSO. Mr. President, I ask unanimous consent to speak as in
morning business.
The PRESIDING OFFICER. Without objection, it is so ordered.
Second Opinion
Mr. BARRASSO. Mr. President, I come to the floor today, as I do week
after week--as a doctor who has practiced medicine in Wyoming and taken
care of families in Wyoming across our State for a quarter of a
century--to give a doctor's second opinion about the health care law.
One of the central claims of President Obama and Democrats in
Washington who voted in this Senate Chamber was that the health care
law would extend insurance coverage for millions of Americans. That was
their goal. They claim that is actually what has happened. The
President claimed repeatedly that 30 million more Americans would
receive health coverage because of the health care law.
Well, after practicing medicine for 25 years, I understand there is a
huge difference between health coverage and health care. When people
have a health insurance card, then they have coverage. When people have
access to a doctor, nurse, nurse practitioner, or physician's
assistant, then they can receive health care.
The New York Times actually pointed that out this Sunday morning. It
was the front page, above the fold. They proclaimed in the first
paragraph of an article that the President's health care law delivers
coverage but not care. As a matter of fact, when I take a look at this
article dated Sunday, July 29, 2012, of the New York Times, page 1,
above the fold, ``Doctor Shortage Likely to Worsen with Health Law,''
underneath it says that primary care is scarce, in bold letters, and
beyond that it says: Expanded coverage but a greater strain on a
burdened system.
The story highlights a study from the Association of American Medical
Colleges, which found that in 2015, just 3 years from now, the country
will face a shortage of over 60,000 doctors. By 2025, the shortage is
expected to expand to approximately 130,000.
So while the Nation was already facing this shortage, the article
points out it has been made worse by the President's health care law.
The shortage of providers is very important because, as the article
states, ``Coverage will not necessarily translate into care.'' This is
especially true for those individuals who are supposed to receive their
health care through Medicaid. Let's remember, a huge expansion of
Medicaid was part of the President's health care law. It was part of
the discussion in the Supreme Court, the decision they came out with.
Of course, Medicaid is the program that provides health care for low-
income Americans.
The President's health care law contained one of the largest
expansions of Medicaid in the program's history. The President chose to
expand the program despite the fact that fewer than half of the primary
care clinicians would accept new Medicaid patients as of 2008. Fewer
than half of the primary care clinicians were accepting new Medicaid
[[Page S5707]]
patients. Yet that is from where the President chose to build his
health care reform.
Some might ask: Why is it that so many primary care physicians are
not seeing Medicaid patients? It is because the reimbursements provided
to doctors are so low that many can't afford to see Medicaid patients
and continue to keep their doors open. Unfortunately, the outlook for
Medicaid in this country has not improved.
USA Today reported in July that 13 States are moving to cut Medicaid
even further by doing a couple of things. They want to reduce benefits,
they want to pay health providers less, or tighten eligibility for the
program. So the program the President highlights as one of the cores of
his health care law is already in significant trouble, is not
functioning, and is getting worse.
The State of Illinois has imposed a new limit on the number of
prescription drugs that a patient who is on Medicaid can receive. This
cap was imposed as part of a plan to cut $1.6 billion from the States'
Medicaid Program.
Mark Heyrman, a professor at the University of Chicago Law School,
told the Chicago Tribune that the prescription drug limits amount to a
denial of service. So that is what we are looking at now. Yet this is
the basis upon which the President has built his health care law.
According to the most recent estimate by the Congressional Budget
Office, over one-third of the people expected to gain insurance
coverage under the President's health care law are supposed to do it
through this Medicaid Program. Clearly, with States being forced to cut
back their existing Medicaid Program, there are many people who are not
going to get the care they were promised through the President's health
care law. For those who can find a physician, many of these patients
will have to commute longer distances and will also have to endure
longer waiting times just to get the treatment they are seeking.
Some experts have described this as an invisible problem, and they
say that is because people may still get care, but the process of
receiving that care will be more difficult.
The chief executive of the California Medical Association says, ``It
results in delayed care and higher levels of acuity''--the seriousness
of the injury or illness to that patient when they finally get the care
they need. When care is delayed, medical problems can become much more
serious, and that forces patients to seek treatment through other
settings. One of the prime examples of that is heading to the emergency
room.
Well, the whole goal, I remember, of the debate on the Senate floor
in listening to my colleagues on the other side of the aisle was that
patients under the President's health care law, the Democrats claimed,
would be able to get to see a primary care doctor and would not have to
go to the emergency room. However, that is not what we are finding
under the President's health care law. We are finding just the opposite
of what the President promised.
That is why the Medical College of Emergency Physicians told the Wall
Street Journal:
While there are provisions in the law to benefit emergency
care patients, it is clear that emergency visits will
increase, as we have already seen nationwide.
So the President says one thing and the American College of Emergency
Physicians is telling us what they are seeing on a daily basis in
emergency rooms across the country.
To put it another way, since the President's health care law
exacerbated the shortage of providers, more patients are seeking
treatment in emergency rooms. This is not what the American people were
looking for in health reform. Instead of making empty promises,
supporters of the health care law should have dealt with the issues
that are already causing many doctors to rethink their medical career.
For example, supporters of the law absolutely refused to deal with
the crushing burden of the medical lawsuit abuse. It is an abusive
situation that is forcing doctors to practice a significant amount of
defensive medicine, which is very expensive. It is expensive for
individual patients as well as expensive for the system.
The Harvard School of Public Health found that these costs amount to
2.4 percent of annual health spending in the United States or $55
billion in 2008. That is the Harvard School of Public Health. There are
other estimates out there which go with much higher numbers. Apparently
supporters of the law thought it was more important to help trial
lawyers instead of patients.
As a matter of fact, Howard Dean, chairman of the Democratic National
Committee, has said they left lawsuit abuse out of the health care law
because of the significant impact that trial lawyers have as
contributors to the Democratic Party. So here we are.
Additionally, the health care law does nothing to stop the crushing
burden of government regulations and paperwork that is consuming the
health care profession.
Finally, many people choose to become doctors because they enjoy
being able to innovate and create the next generation of devices and
treatments. Unfortunately, that is changing as a result of the
significant taxes that are part of the health care law.
In an article published on Friday, we have learned that Cook Medical,
which is a medical device company in Indiana, announced that it was
scrapping plans to expand because of the President's health care law.
There are similar companies in States all across the country, many with
large medical institutions who have a history of the best innovation in
the land--and actually in the world--that are faced with these medical
device taxes, not on profit but on the gross amount of money sales. The
company said the 2.3-percent medical device tax contained in the law
would stop the company from opening five new plants in the United
States and add approximately 300 new good-paying jobs.
The Senate should also know that this Cook Medical Company produces
medical devices that address women's health issues. Specifically, the
company produces products related to gynecologic surgery, obstetrics,
and assisted reproduction, to name a few. Therefore, the President's
health care law is actually hurting the ability of Cook Medical and
other companies to provide American women with access to cutting-edge
medical technology. Why? Because of the device tax, which I believe--I
believe we should repeal the entire law, but clearly we have introduced
legislation to repeal the medical device tax. It is a bipartisan piece
of legislation supported from both parties and should be passed
immediately.
It seems Democrats are reluctant to look at parts of the health care
law and repeal the law.
All this means medicine is becoming less of an attractive career
choice for many young people across the country. As CNN stated in a
headline from July 29, just 2 days ago, ``Your health care is covered,
but who's going to treat you?''
The President and Washington Democrats did not seem interested in
addressing this question when the health care law was passed. More
effort was put into hiring IRS agents to look into whether a person had
insurance than to actually see if there were doctors, nurses, nurse
practitioners, physician assistants, and others to care for patients.
Instead of focusing on policies that would give incentives for more
people to become health care providers, they filled their law with
empty promises the American people know today have not been kept.
It is time for Congress to repeal the President's health care law and
replace it with real reforms that will improve the ability of patients
to get the care they need from the doctor they choose at a lower cost.
That is why I come to the floor with a doctor's second opinion about
a health care law which as the front page of the Sunday New York Times
said: ``Doctor Shortage Likely to Worsen with Health Law.'' Primary
care is scarce. Expanded coverage but a greater strain on a burdened
system.
As I have been saying for a number of years on the Senate floor,
coverage will not necessarily translate into care.
Thank you. I yield the floor, and I note the absence of a quorum.
The PRESIDING OFFICER (Mr. Franken). The clerk will call the roll.
The assistant bill clerk proceeded to call the roll.
Mr. DURBIN. Mr. President, I ask unanimous consent that the order for
the quorum call be rescinded.
[[Page S5708]]
The PRESIDING OFFICER. Without objection, it is so ordered.
Mr. DURBIN. Mr. President, the bill pending before us is the
Cybersecurity Act of 2012, as it is known, and for most people it is a
term which they may have heard but may not fully understand.
It was about 2 months ago that Members of the Senate, including the
Presiding Officer, were invited to a classified briefing. It was a
briefing that Senator Mikulski of Maryland asked for to explain what
this was all about because we had been hearing over and over again from
the defense establishment in America that the No. 1 threat to America's
safety and security was no longer just terrorism; it was cyber security
threats and terrorism. For most people, they are not quite sure they
have seen any examples of it that could make a difference.
So here is what we saw. They took us down to this classified room,
closed the door, took away our BlackBerries and iPhones, and put them
in a separate place--and I will explain why they did that in a moment--
they took us in the room and briefed us on an example, just a theory.
What if? What if a subcontracting company that supplied a major public
utility in a city such as New York had a problem and someone stole a
laptop from one of the employees, and that theft went unnoticed or
unreported for a number of days, and then the laptop either reappeared
or did not, what could happen?
Well, what could happen was, if that laptop computer had certain
information in it that not only told you how to get into the computer
system of the subcontracting company but also the public utility, bad
things could occur. So getting inside that computer laptop, getting
inside the technology of the subcontractor, and then finding that
information bridge into the public utility could create an opportunity
to turn out the lights in the city of New York.
That was the exercise we went through. God forbid it would ever
occur, but they said: When you turn out the lights in a major American
city such as New York, terrible things happen. Not only do traffic
signals stop, and lights do not go on at night, and the New York Stock
Exchange is not operating, hospitals are on emergency generators and
problems start popping up in every single direction--water
purification; the pumps that keep the subway system under the city of
New York going so that the subway tunnels are not flooded--all of these
things on top of one another. While this tragedy is occurring, the
people in our government are trying to figure out: What happened? And
how do we put things back into place and get them moving again?
That was one example.
There was another example. It was an example at one of our defense
research laboratories. Top secret. Nobody can get in. Right? They told
us of an example--and I will not even tell you the State where it was
located--they told us of an example where the employees at our top
defense research laboratory--who were trying to figure out
countermeasures to stop attacks against the United States, and to
develop our own weaponry--had what appeared to be a harmless e-mail
sent to the employees saying: Explanation of Your New Health Care
Benefits. Just Click Below. It turned out that click brought the
hackers into the system.
So what we are talking about here has consequences that go far beyond
the harassment of some teenage hacker who is trying to get into some
company computer or even the school's computer.
I was on a plane yesterday with a gentleman who is working for the
National Institutes of Health. I asked him about cyber security.
He said: We think about it every day--every day--because hackers are
trying to get into the National Institutes of Health technology and
computer system.
I said: What for?
He said: Well, some of them are in there for insidious reasons. But
some of them are childish hackers.
I said: What do they do?
He said: Well, they will come in, for example, and change our
published list of antidotes to certain poisons, so we always have to
keep an eye on it to make sure they have not changed what people,
doctors, should use across America.
Think about it. Think about all of the possibilities. What we are
trying to do today is to come up with a line of defense for America. We
are trying to establish a working relationship between all levels of
our government and the private sector of the United States to keep us
safe. Because what they told us was, every single day, China, Russia,
Iran are on the attack--cyber security attacks into the United States--
not just the ones I have mentioned but far beyond. Defense contractors
building the planes and the armaments and all the artillery and the
like have to worry about whether their secret plans, their patented
information is being stolen right from under them, stolen by someone
who wants to compete with them or perhaps wants to go to war with them.
That is what is at stake.
So for a long time we have been warned and forewarned to do something
about it. The bipartisan consensus among defense and intelligence
experts in the public and private sector is that our Nation is
dangerously vulnerable to cyber-attack at this moment.
FBI Director Bob Mueller--an extraordinarily great public servant--
says the threat our Nation faces from a cyber-attack will soon equal or
surpass the threat from al-Qaida and more traditional forms of
terrorism.
Navy ADM Mike Mullen, Chairman of the Joint Chiefs, said: ``The cyber
threat has no boundaries or rules, and the reality is that cyber
attacks can bring us to our knees.'' According to our Director of
National Intelligence, James Clapper, countries such as Russia and
China are already exploiting our vulnerability. His unclassified
assessment--what he told the public--is that entities within these
countries are already ``responsible for extensive illicit intrusions
into U.S. computer networks and theft of intellectual property.''
We have to respond to this. We have to do it quickly. I wish to thank
Senators Lieberman, Collins, Feinstein, and Rockefeller for putting
together this bill, the Cybersecurity Act of 2012. They have introduced
an approach that is balanced, bipartisan, and responsive to legitimate
concerns raised by the intelligence community, private industry, and
privacy advocates. The Cybersecurity Act of 2012 will help make us
safer.
Our Nation's critical infrastructure--powerplants, pipelines,
electrical grids, water treatment facilities, transportation systems,
even financial networks--are increasingly vulnerable to attack. Bad
actors in other countries have already demonstrated their ability to
use the Internet to take control of computer systems.
Last year, there was a 400-percent increase in cyber attacks on the
owners of critical infrastructure. This act has provisions that will
reduce our vulnerability and shore up our defenses. In response to
concerns raised by some in the private sector and some on the other
side of the aisle, Senators Lieberman and Collins revised a section of
the bill. The bill now creates a voluntary, incentive-based system of
performance standards. Private companies and government agencies will
work together to determine the best practices in each sector to prevent
a cyber attack. Companies that voluntarily implement those standards
will be rewarded with immunity from punitive damages in a lawsuit,
receipt of real-time cyber threat information, and expedited security
clearances, among other things.
This voluntary arrangement replaces the mandatory system in an early
version of the bill. Many of us supported that approach. But in the
spirit of compromise and responding to concerns expressed by the
business community, the managers have included this voluntary approach.
The Cybersecurity Act of 2012 also authorizes voluntary information
sharing. The sharing provision will allow government agencies and
willing private companies to enhance the mutual understanding of the
real threat and our vulnerabilities.
Sharing this information on effective responses and recent cyber
threats will enable both the government and the private sector to
understand the threat and to respond. A handful of industries have
already adopted this approach, and it significantly enhances their
ability to identify and respond to cyber threats. We should empower the
government to share its knowledge with
[[Page S5709]]
these and other industries. We should make it clear the private
companies can share cyber threat indicators with the government. That
is exactly what this Act does.
I wish to thank the Presiding Officer, Senator Franken of Minnesota,
as well as Senators Coons, Blumenthal, Sanders, and Akaka for working
with me and the managers to ensure that we protect privacy and civil
liberties. The Presiding Officer is chair of the Privacy Subcommittee
of the Judiciary Committee. He has been a real leader on these issues.
I was happy to work with him. As a result of his efforts and our
efforts, the willingness of Senators Lieberman, Collins, Rockefeller,
and Feinstein, we were able to significantly enhance the privacy and
civil liberties protections in the revised bill. I believe--I have
always believed and I will continue to believe--we can keep America
safe and free. We can establish in our democratic society the
appropriate defense to any threat without sacrificing our fundamental
constitutional rights.
The revised bill, after we negotiated with them, now requires that
the government cyber security exchanges be operated by civilian
agencies within the Federal Government. Our thinking was that these
agencies are more prone to oversight, and any excesses by them will be
caught earlier than if this is done on the military side, to be very
blunt.
Military and spy agencies should not be the first recipients of
personal communications such as e-mails. But from time to time, they
will need to be informed and we need to rely on their expertise. That
is why the bill requires that relevant cyber threat information be
shared with these agencies as appropriate in real time.
The revised bill eliminates immunities for companies that violate the
privacy rights of Americans in a knowing, intentional or grossly
negligent manner. To ensure that cyber security exchanges are not used
to circumvent the fourth amendment, the bill requires law enforcement
to only use information from the cyber exchanges to stop cyber crimes,
prevent imminent death or bodily harm to adults or prevent exploitation
of minors.
The revised bill creates a vigorous structure for strong, recurring,
and independent oversight to guarantee transparency and accountability.
It gives individuals authority to sue the government for privacy
violations, to ensure compliance with the rules for protecting private
information. These commonsense reforms improve the information-sharing
section of the bill, and they protect privacy. That is why they have
been widely embraced across the political spectrum from left to right.
I think we have found the sweet spot. I think we have found the right
balance. That kind of endorsement across the political spectrum
suggests that is the case.
We are very vulnerable in the United States at this very moment. Our
critical infrastructure is at risk, and billions of dollars' worth of
intellectual property is being stolen. Our national security is
compromised. To put the cyber threat in perspective, GEN Keith
Alexander, Director of the National Security Agency, was asked: How
prepared is the United States for a cyber attack on a scale of 1 to 10,
with 10 meaning we are the most prepared. What was his answer? Three--
three out of ten. That is an alarming assessment. It is a failing grade
by any standard.
If we do not act now, we will continue to be at risk for not only the
loss of information and economic loss but even worse, mass casualties,
a crippled economy, the compromise of sensitive data. I know this bill
has some controversy associated with it. I know there are some in the
business sector who think we have gone too far. I would plead with
them, work with us. Let us do this and do it now. To let this wait is
to jeopardize the security of this country. We did not think twice to
respond quickly after the 9/11 attacks to make America safe. We see it
everywhere we turn. If one can even imagine what life was like in the
United States before 9/11, before we took our shoes off when we went to
the airport, before searches were commonplace in American life, before
armed guards stood outside the U.S. Capitol--those are the realities of
what we face today because of that attack.
Let's be thoughtful. Let's be careful. Let's come together, the
private and public sector. Let's do this the right way to keep America
safe. The people who sent us to represent them expect no less.
For-Profit Colleges
Mr. President, the Senate HELP Committee released a report after
completing a 2-year investigation of for-profit colleges. The 1,096-
page report is the most comprehensive analysis yet. It provides a broad
picture of the for-profit college industry. What Senator Tom Harkin and
the committee discovered and carefully documented is an industry driven
by profit, which too often has limited concern for the students or the
actual learning process.
The report profiles 30 of the biggest for-profit colleges, virtually
from every State in the Union, including Illinois. There are good
schools there, make no mistake, and my colleague Senator Harkin has
been careful to point them out. But there are also some that are not
making an effort. Some are trying to improve student outcomes. But
unfortunately there are many of these for-profit schools that are just
taking in, soaking in Federal subsidies in the form of student aid so
they can pay their shareholders extra money.
DeVry is the third largest for-profit college in the country. It is
based in my State of Illinois. DeVry operates 96 campuses and offers
classes online. In 2010, DeVry had over 100,000 students, an increase
of 250 percent of enrollment in 10 years since the year 2000. It
derives almost 80 percent of its revenue from the Federal Government.
Similar to the other companies profiled in the report, DeVry's
tuition is significantly higher than that of public colleges. The cost
of tuition for a bachelor of science in business administration at
DeVry's Chicago campus is $84,320--for a bachelor's degree--
considerably more than the same program at the University of Illinois,
where the 4-year tuition is $75,000.
DeVry looks good compared to many of its peers in the for-profit
sector. Unlike some other schools, DeVry's internal documents reveal
the school has chosen not to use aggressive price increases in the
future. I salute them for that. I have spoken to their leadership and
told them that if they want to distance themselves from the pack of bad
for-profit schools, they have do it by making decisions and
implementing them to demonstrate they are a different kind of for-
profit school.
There are still areas where DeVry can make improvements. DeVry's
institutional loan program, a private loan program, charges a 12-
percent interest rate--12 percent. The Federal Government student loan,
3.4 percent in contrast. So this rate is roughly three times the
Federal loan.
The HELP Committee estimates that in 2009, when all sources of
Federal funds, including military and veteran's benefits are included,
the 15 largest publicly traded for-profit education companies received
86 percent of their revenue from taxpayers--86 percent. They are 14
percent away from being totally Federal agencies.
Perhaps this would be acceptable if students were learning and
gaining skills to succeed, but what the committee found is troubling.
One of the main reasons student outcomes are so poor at these schools
is that the schools do not provide students with basic support services
that they need to find a job and succeed. Student support services are
essential to helping students adapt and do well while they are in
school and find a job. What happens instead? They drop out or, if they
graduate, they cannot find a job.
In 2010, the 30 for-profit colleges examined employed 35,000-plus
recruiters--35,000 recruiters. The same schools collectively employed
3,500 career service staff and 12,452 support staff. So by a margin of
2\1/2\ to 1, the schools had more recruiters than support service
employees.
So we cannot be shocked when we learn that one-half million students
who enrolled in 2008-2009 left without a degree or certificate by mid-
2010. Among 2-year associate degree holders, almost two-thirds of the
students in these for-profit schools departed without a degree, just a
debt.
The report also highlighted a growing problem among for-profit
colleges, the use of lead generators. For-profit colleges gathered
contact information on perspective students or leads, as they call
them, by paying third-party companies known as lead generators.
[[Page S5710]]
These generators specialize in gathering and selling information--in
this case, very personal information.
Here is how it works. A student browsing the Internet searches for
terms such as ``GI bill,'' ``student loan,'' ``Federal student aid'' or
any variation. They are directed to various Web sites that are owned by
these lead generator companies. The Web site then claims to pass the
prospective student contact into an appropriate school for the student
online. Typically, there is no disclosure to the student that their
personal information is being sold to for-profit colleges.
When a perspective student does give their contact information, watch
out. They will be bombarded with calls and e-mails from aggressive
recruiters at these for-profit schools. Remember that 35,202 people are
employed as recruiters. This is what they do. One of the Web sites,
gibill.com, was owned by a company called QuinStreet until last month,
when 23 attorneys general across the United States did what Congress
should have done first. As part of an agreement, QuinStreet gave up its
right to the Web site to the Veterans' Administration where it belongs.
So gibill.com is no longer a deceptive Web site, at least in these 23
States where there has been an agreement. Other Web sites used the name
of Federal student aid programs and misled students into believing this
was a real government program.
One of the HELP Committee's recommendations is to further regulate
the private student line market. Senator Harkin and I introduced the
Know Before You Owe Private Student Loan Act this year. Our bill
requires private student loan lenders to verify the prospective
borrower's cost of attendance with the school before disbursing the
loan.
It also requires the schools to counsel students as to whether they
are still eligible for Federal student loans at a much lower interest
rate. Federal student loans have flexible payment plans, consumer
protections, and as I said, less cost. But many times students who have
not exhausted their Federal student loan aid are steered into private
loans with interest rates three and four times higher. There is money
to be made off those young and sometimes uninformed students.
I urge the private lenders and the for-profit schools that keep
telling me ``we are doing the right thing,'' do not wait for this law.
Do it now. Make this a policy at their school and prove it.
One of the students I wanted to mention is Mirella Tovar from Blue
Island, IL. She graduated from Columbia College in 2010 with a B.A. in
graphic design and with $90,000 in debt and with a 10.25-percent
interest rate. Her balance started to grow. She did not take out any
Federal loans. She thought all the loans were the same. She did not
know the difference.
No one told her about the consumer protections in the Federal loans.
After she used her 6-month forbearance permitted by her lender, Mirella
was expected to pay $1,500 a month. Unable to get a full-time job in
her field, she thought about filing for bankruptcy.
It would not have done any good; student loans are not dischargeable
in bankruptcy even if they come from for-profit colleges. Her dad
wanted to help, so he cosigned her private student loans. Guess what.
He is now on the hook for the payments too.
Mirella says that if the school counselor would have told her more
about what her monthly payment would be like, she would not have taken
out so much, and she may have never been steered to a private student
loan.
I thank Senator Harkin for his leadership and his amazing work on
this issue. I plead with my colleagues, on behalf of these students and
their families and on behalf of the taxpayers who are subsidizing these
schools, join us in setting standards so there is an opportunity for
young people to get the education they need without inheriting the
debts that can drag them down for a lifetime.
I yield the floor.
The PRESIDING OFFICER. The Senator from Georgia.
Mr. ISAKSON. Mr. President, I ask unanimous consent to address the
Senate as in morning business.
The PRESIDING OFFICER. Without objection, it is so ordered.
Remembering R. Timothy Stack
Mr. ISAKSON. Mr. President, this morning I got some very sad news.
The State of Georgia and the people of my State lost a giant in the
health care industry.
Tim Stack was my friend. He was the president of the hospital that 2
years ago treated me well, which is why I am here today. He was a giant
in health care not just in Georgia but in America. On behalf of myself
and all the citizens of my State and the countless thousands of
patients whose lives have been made better or even saved by Tim Stack,
I send my condolences to his wife Mary and his three sons: Ryan, Tim,
and Matthew.
Tim Stack grew up in Pittsburgh, PA, working in the steel mills. When
the mills closed, he looked to find a job, and he worked in central
supply at the Eye & Ear Hospital of Pittsburgh, PA. He was working and
studying to be a teacher and a football coach. By working in the
hospital, he became fascinated with the complexity of hospital
administration and was challenged by the love of caring for people who
were ill. Tim Stack changed his major to hospital administration and
became a leader in the United States in the administration of
hospitals.
Let me read from a press release on his record in Atlanta, GA, alone:
Under his leadership, Piedmont grew from two hospitals and
eight physician practices to a $1.6 billion organization that
includes five hospitals, more than 50 primary care and
specialty physician practices and a 900-member clinically
integrated network.
He also helped develop the Piedmont Heart Institute, which treated me
2 years ago and is the reason I am standing here today, which is the
leading heart institute not just in Atlanta and in Georgia but
throughout the United States.
Tim was one of a kind. His loss will be felt by countless thousands
of Georgians. To his family, his friends, and all who knew him, I
express my sympathy.
I want to read a quote from him that was written in 2006 when he was
interviewed by Atlanta Hospital News for a profile. Tim wrote the
following:
The attributes of a good leader are universal. You need to
love what you do, be open and inquisitive and persistent, not
afraid to make waves if you have to. You should also be
personally productive and work well with others. Be
innovative and allow others to innovate. Finally, be a
certifiable member of the human race. Cultivate a light
touch, be passionate about your career, but be sure to
balance it with the rest of your life.
That expresses better than I can what Tim was all about. I shall miss
him greatly, as will all of my State. Again, I send my sympathy to his
wife Mary and his three sons: Tim, Ryan, and Matthew.
I yield the floor.
The PRESIDING OFFICER. The Senator from Delaware is recognized.
Mr. COONS. Mr. President, I rise to speak to the issue of cyber
security, one where there have been a dozen speeches given earlier
today, and one where I am concerned that there is not enough
determination, not enough will on the part of this body to work
together, to listen to each other, to cross the small differences that
remain between camps and competing theories of a bill that we should
take up, and I am here to urge our colleagues in this body to address
what we have been told is one of the greatest security threats facing
our country, to bear down, to file amendments, to clear amendments, to
listen to other Members and be willing to do the job for which we were
hired, which is to pass tough, broad, bipartisan legislation to protect
this country we love.
In my short 20 months in the Senate, I have increasingly become more
and more persuaded that we face a constant, steadily rising,
increasingly dangerous threat that foreign nations, foreign actors,
whether they be terrorists or enemies of the United States, are not
just studying the possibility of some day attacking the critical
infrastructure of the United States, they are not just writing position
papers or theorizing about it or training in some camp in an obscure
country, they are today actively engaged in thousands of efforts to
compromise the critical infrastructure of this country.
How Members of this body can ignore the importance of this threat
when the majority leader and the Republican leader have twice, in my
short time here, closed the Senate and urged every one of us to go to a
secure, classified
[[Page S5711]]
briefing, where we have heard from a dozen four-star generals and
leaders of three-letter agencies who have told us in great detail about
how grave this threat is. Why in the face of repeated and publicly
cited assertions by Secretaries of Defense, heads of the NSA, leaders
of our homeland security agency, and leaders responsible for our first
responder community from the Federal, State, and local levels, from the
private sector to this government, who have said over and over that
this is a very real, very present threat--how we can ignore that threat
today is beyond me.
The bill that is before us is S. 3414. This is a compromise bill. In
a series of meetings with other Members of this body, I have been
struck to hear others say that we need more time, we need to study this
further, we need to pass the narrow portions on information sharing
that are easy and everybody can now agree on, and we need not pass a
broader or stronger bipartisan bill that deals with infrastructure.
As you know well, Mr. President, for years critical committees in
this body have been working on this issue. Senators Lieberman and
Collins, the chair and the ranking member on Homeland Security and
Governmental Affairs, have been engaged in working their way through
difficult issues for years. The relevant committees, from Energy to
Commerce to Intelligence, have been engaged in hearings and studies and
in legislating for years before I became a Senator.
In the last few months there has been some important and strong work
to build a bipartisan consensus around the bill that is before us
today. I, like you, I believe, Mr. President, had some real concerns
about the information-sharing portions of the bill, title VII, which
have to do with permitting private companies to share information with
each other about the threats of attacks.
One of our big problems right now, we are told, is that companies of
all different sectors of our economy hesitate to share publicly or to
share with our national security infrastructure information that is
critical to knowing when we are being attacked, how we are being
attacked, and how it might spread. Title VII of the bill gives them
liability protection to encourage the broad and regular sharing of that
information.
But those of us who are concerned about the balance between privacy
and security, about protecting civil liberties and whether we have gone
too far in seeking security at the expense of liberty, offered a whole
series of revisions and changes to this bill--changes that have been
accepted. So too in a different section of the bill--title I, which
deals with critical infrastructure--folks from the private sector
raised alarms and concerns months ago that this bill was too
prescriptive, too heavyhanded, was involved too much in regulation and
in demanding certain actions by the private sector. Those concerns,
too, have been addressed in a broad way.
I have been impressed with how many changes Senators Lieberman and
Collins have been willing to accept out of a broad working group of
more than a dozen Senators of both parties who over the last few months
have come forward with suggestions that have made that portion of the
bill truly voluntary for the private sector, in a way that balances the
role of civilian agencies with parts of our national security
apparatus, in a way that provides enough liability protection but not
too much, and in a way that allows the private sector to have a leading
role in setting standards.
My point, then, is to say to my colleagues that when they say we need
more time to study it, I say we need to come to this bill, we need to
come to the floor, and we need our colleagues to be clear--what are
your remaining concerns? In a meeting last Friday with several Senators
and representatives of industry, I had read every word of title VII and
urged them to be concrete with us about what their concerns were. I
left unsatisfied. I left concerned that some were simply scaring the
private sector and scaring our citizens into thinking this bill is not
ready.
So for those who still have concerns--and there may very well be
broad and legitimate concerns about the bill and about its direction--
let's take these 2 days. I understand that more than 90 amendments have
been filed. I think it is the challenge before us to make the
amendments germane, narrowly focused, and relevant to improve the bill
rather than distracting us into issues that are more partisan or tied
to the campaign and to focus on the work that is left before us.
If I could, I am gravely concerned about those who would urge us to
split off the portion of the bill on information sharing and ignore the
portion of the bill that has to do with protecting our critical
infrastructure. As speaker after speaker has come to the floor today
and made clear, our electricity grid is at risk, our dams and our
powerplants are at risk, our highways and financial system are at risk.
There are all sorts of areas in the United States where there have been
real cyber attacks, online attacks, in other countries that have
demonstrated the devastating potential power of our opponents and
enemies around the world.
In the face of the cautionary notes we have heard from leaders of
this body and around the country and in the face of that very strong
reality, why we wouldn't pass a broad and tough bill that facilitates
information sharing and protects our critical infrastructure and
strikes a fair balance in the middle is beyond me. It is not that this
body has been too busy. It is not that we are exhausted by having
passed too many broad and strong, bipartisan bills. We have gotten good
work done this session. There are things, from the farm bill to the
Transportation bill, where this body has shown an ability to listen to
each other across the differences of party and region and craft strong,
balanced, bipartisan bills. It is on this topic of cyber security that
we have heard over and over that there is no more pressing challenge.
Why, if our adversaries are not going to be taking the month of
August off, if our adversaries are not going to cease from now until
November to attack us, would we not bear down and focus on getting done
the work that is before us as the U.S. Senate? We are called at times
the world's greatest deliberative body. I will say to you as a member
of the Foreign Relations Committee, in other parts of the world there
are folks who are striving toward democracy who question whether this
is the model they should follow.
In the remaining days before we all go to some recess, why not bear
down, do our homework, do our reading, be forthcoming with clear and
concise concerns, and hammer out our differences?
I extend an invitation to any colleague, any industry group, or any
group of concerned citizens: I am happy to meet with anybody to hear
their concerns and try to do my level best to convey them to the bill
managers and the leaders, who have done a remarkable job of hearing and
accepting compromise provisions of this bill on privacy, on the role of
the private sector, on making voluntary what was mandatory and striking
a fair balance.
I urge our colleagues to take this moment seriously, to not allow the
days to slip, the month to pass, and the moment to pass us by. How will
we answer our constituents, our communities, and our families following
an attack that has been so frequently predicted? Do we not believe we
will end up regulating in a more heavyhanded, more reactionary, and
more ill-informed way after a successful massive attack than now when
we have the time to listen to each other and craft a balanced and
responsible and bipartisan bill?
Mr. President, I will close. I am convinced that this is the gravest
threat facing our country today, graver than that of terrorism from
overseas. In fact, GEN Keith Alexander of the NSA has clarified just in
the last few days to a group of us how grave a threat this is.
I renew my offer to any Member of this Chamber: Come and meet with
me. Come and meet with Senators Lieberman and Collins. Come and meet
with the leaders of the relevant committees, take up your cause, and
give an amendment that is narrow and focused and relevant, and let us
hammer out a better defense for this Nation.
There are those who question the purpose and purposefulness of this
body. It has no greater purpose than finding a bipartisan way to craft
a strong and vibrant solution to a clear and growing national threat.
[[Page S5712]]
Just a few weeks ago, I had the honor of sitting for lunch with
Senator Daniel Inouye. He is the one Member of this body to have earned
the Congressional Medal of Honor in combat. I asked his advice, as the
most senior member of my party: What issues, Senator Inouye, do you
think I should be focused on? What is the thing you might urge me--a
freshman--to invest my time and effort into? His answer was simple, his
answer was profound, and his answer, I hope, will be heard by this
body.
He said to me: I am the only Senator who was at Pearl Harbor. Our
next Pearl Harbor will come from a cyber attack for which we are today
unprepared. Let's do our duty. Let's listen to each other, come
together, hammer out a strong and bipartisan bill, and honor the
service and sacrifice of that ``greatest generation''--both in this
Chamber and our country--and do our duty.
Madam President, I yield the floor.
The PRESIDING OFFICER (Mrs. Shaheen). The Senator from Colorado.
Mr. UDALL of Colorado. Madam President, I want to acknowledge the
powerful and eloquent words of my colleague from Delaware. I know our
colleague Senator Collins is also on the Senate floor, and I have to
tell the viewers and all of my colleagues I couldn't agree more. The
time is now to act on cyber security.
I just came to the floor from an Intelligence Committee briefing.
General Alexander was there. As the Senator from Delaware knows, he is
forthright, he is well-versed, he is passionate, and he is as
nonpartisan as they come. General Alexander is urging us to act now.
So I thank my colleague from Delaware for his compelling and
important words.
Production Tax Credit
The matter that brought me to the floor has a link to cyber security,
and that is energy security. I want to talk about one of the new and
exciting technologies that is resulting in the production of many
homegrown electrons, and that is wind power.
I have come to the floor on a daily basis to urge my colleagues to
work with me to extend the production tax credit for wind.
The PTC has created literally tens of thousands of jobs across our
country and has the potential to create even more. But if Congress--
that is us, the Senate and the House--doesn't act to extend it, tens of
thousands of jobs, literally, will be lost. The Presiding Officer has a
robust wind energy sector in her State, and she knows the extent to
which it is important for business in the great State of New Hampshire.
It is important to the businesses in every State in our country.
The production tax credit is an investment in a clean energy future.
It is a critical investment in American jobs. Frankly, we are about to
lose that investment. I fear, in fact, that through our inaction we
continue to create real harm to our wind industry in America. But it is
not too late to act.
Today I am going to focus my remarks on Idaho, a State that is known
for its wide open spaces, its mountains, its potatoes, and for great,
friendly people. One doesn't have to look any further than Senator
Crapo and Senator Risch to know that the people of Idaho are very good
people.
Idaho is a State with a vast untapped potential for wind energy. The
National Renewable Energy Laboratory, which we host in Colorado, has
calculated that Idaho's wind resources could potentially provide more
than 218 percent of Idaho's electricity needs. It ranks 23rd in our
Nation's wind resource potential. Most of this potential is in the high
plains of the southern half of the State.
Idaho is already working to take advantage of what is a bountiful
resource. There are more than 20 separate wind projects either online
or under construction across the State. In southeastern Idaho near Twin
Falls, Invenergy's Wolverine Creek wind farm covers about 5,000 acres
and pays royalties to almost 30 different landowners.
In 2011, Idaho's installed wind capacity grew by nearly 75 percent.
That growth created hundreds of temporary construction jobs as well as
permanent jobs in the operation and maintenance of these facilities.
Right now, Idaho's wind resources provide power for nearly 160,000
homes without releasing the nearly 1.1 million metric tons of carbon
dioxide that traditional power sources would.
Wind supports close to 500 jobs in the State of Idaho--jobs that
wouldn't exist if the wind industry had not been enticed to invest in
Idaho because of the production tax credit, the PTC. Wind energy
projects are an investment in local and State economies. Wind energy
producers provide nearly $2.5 million to the State in property tax
payments every year and over $2 million annually in land lease payments
to local Idahoans who go on to invest that money back into their local
communities. Those are real dollars these communities count on.
The point I am trying to make is that we in Congress should be
working to help create more projects like Wolverine Creek for the jobs
and the clean energy they create. Instead, Congress is standing idly
by.
I can't help but mention there have been some on the campaign trail
who have suggested that we should let the wind production tax credit
lapse at the end of this year, and that wind power should not be given
the same help other industries have received. I could not disagree
more.
Great States such as Idaho, Colorado, and New Hampshire make things.
Great countries such as the United States generate their own energy.
Letting the wind production tax credit lapse would be irresponsible.
The PTC equals jobs. We should pass it as soon as possible. We should
not waiver, and we should not wait. Every day that we let this
unanswered question hang over our country may be another project and
another job that gets shipped overseas.
I urge my colleagues to work with me to support manufacturing in
rural communities in America. Let's extend the production tax credit as
soon as possible. It is common sense. It has bipartisan support. Let's
extend the production tax credit.
I will be back tomorrow to continue this discussion and talk about
another one of our great States. I am at 13 States. I am going to keep
coming back until we get this right.
Madam President, I yield the floor.
The PRESIDING OFFICER. The Senator from Minnesota.
Mr. FRANKEN. Madam President, I ask unanimous consent to speak as if
in morning business.
The PRESIDING OFFICER. Without objection, it is so ordered.
Medical Loss Ratio
Mr. FRANKEN. Madam President, over the last few weeks hundreds of
thousands of Minnesotans have received letters or postcards in the mail
from their health care insurers. These notices are letting people know
whether their insurer met a new rule in the health care law--a rule
that I championed--called the medical loss ratio, sometimes called the
80-20 rule. It could also be called the 85-15 rule, but it is known as
the 80-20 rule, and I will explain.
This provision, which I based on a Minnesota State law, requires
large group insurers to spend 85 percent of the premiums they receive
from their beneficiaries on actual health care services, not on
marketing or administrative costs or CEO salaries. Eighty-five percent
of their premium dollars have to be spent on actual health care. For
insurers in a small group and individual markets, this threshold is 80
percent; hence, the 80-20 rule.
This summer, across the country Americans are getting notices from
their insurers that the insurer met or did not meet this 80 or 85
percent threshold. When those notices say the insurer failed to meet
the medical loss ratio, Americans are also getting something else in
the mail--a check or lower premiums for next year because under my
medical loss ratio provision, insurers who do not spend at least the 80
or 85 percent of premiums on actual health care services for their
beneficiaries have to rebate that money to their consumers.
August 1 was the deadline for insurers who didn't meet the MLR
threshold to rebate the difference to their consumers, and because of
the medical loss ratio more than 123,000 Minnesotans got rebates from
their insurer. Those rebates added up to an average of $160 per
household. It was more in other States.
This isn't unique to Minnesota. Across the country 12.8 million
Americans got rebates from their insurers who overcharged them, and
other insurers lowered their premiums for last
[[Page S5713]]
year to comply with the medical loss ratio. Aetna in Connecticut
lowered premiums by 10 percent last year because of the MLR.
Minnesota has a culture of high-quality low-cost care. In fact, the
Agency for Health Care Research and Quality recently announced that in
2011, Minnesota's health care quality was the highest in the Nation. We
were again No. 1. We are always No. 1, No. 2, or No. 3. The medical
loss ratio, which was first passed as a Minnesota State law, is yet
another example of Minnesota's leadership in bringing down health care
costs while preserving quality.
Minnesota's unique health care culture includes the Mayo Clinic,
cooperative models such as HealthPartners, and visionary public health
leadership from State legislators. Health care in our State is also
distinguished by the fact that 90 percent of Minnesotans are served by
a nonprofit health plan. These plans outperform their national peers
and are able to put 91 percent of every premium dollar toward actual
health services. In other words, they have a 91 MLR.
By taking profits out of the health insurance industry, Minnesota
health plans do a better job helping our residents live longer,
healthier lives and deliver the No. 1 quality care in the Nation. The
medical loss ratio within the health reform law is holding all health
plans to the same standards we have set in Minnesota by requiring that
80 to 85 percent of premium dollars actually pay for health services.
Before this year, in other plans throughout the Nation, less than 60
percent of the premiums were put toward health care. The rest was being
used for administrative costs, for marketing, for bonuses, and for
profits. In fact, one study of insurers in Texas a few years ago showed
MLRs, medical loss ratios, as low as 22 percent--meaning that of all
the premiums families were paying in to their insurers, the insurers
were spending only 22 percent on actual health care services for them.
That is why my medical loss ratio provision is so important. It
squeezes the fat out of the health insurance market and makes your
premium dollars go farther. For many families it is actually lowering
costs, delivering $1.1 billion a year in rebates. Those checks, $1.1
billion, are in addition to lowering the premiums. For example, the 10-
percent reduction by Aetna in Connecticut. This was an incredibly
important step because we know premiums were going up way too fast, a
lot faster than those families' income. This is just one way the health
care law is already changing the culture of care in our country.
One of the other things the law did was move toward rewarding quality
of care, not quantity of care. It specifically directed Medicare to
start paying doctors based on the value of the care they provide, not
the volume. This is a provision that I and Senator Klobuchar and
several other of our colleagues championed, called the value index.
That is because when Minnesota doctors get paid less for providing
higher quality care, everyone else loses. Minnesota loses because
Minnesota reimburses 50 percent less per Medicare patient on average in
Minnesota than for each patient, on average, in Texas. So Minnesota
actually gets punished for being No. 1. It gets punished for higher
quality care with lower reimbursements. Patients in Texas lose because
they are not getting the highest value care for their health care
dollar. And all taxpayers lose when Medicare pays for unnecessary or
overpriced service in Texas or other low-value States.
This is not about pitting Minnesota against Texas or other low-value
States. It is about incentivizing the Texases to be more like
Minnesota--which, again, has the highest health care quality in the
Nation. That will begin to happen when the value index kicks in under
this law.
It would be an understatement to say the law has received some
attention this year, and I know there is a lot of uncertainty among our
constituents about how the law will affect them. That is because
sometimes there is a little misinformation put out there. I just had a
colleague say there is nothing in the bill to address paperwork. That
is certainly not true. In fact, I authored a provision on simplifying
billing.
There is some misinformation on why IRS agents are there to look into
your insurance--and anything done in the law to address workforce
shortages. That is not true. There is an entire title on workforce.
Sometimes people have to sort out what is being said on this floor. So
there is some uncertainty.
Let me take a moment to talk about a few of the other things the law
is already doing for the people of Minnesota. This is all in the law
and happening. I am just telling what is going on right now.
First of all, starting tomorrow, August 1, 900,000 women in Minnesota
and 47 million women around the country will have free access to
preventive health services, including gestational diabetes screenings,
preventive health visits with their doctors, and FDA-approved
contraceptives. Because of the health care law, women, not their
insurance companies, can now make decisions about their health care and
can access the services that will keep them healthy.
The health care law is also helping families in Minnesota and across
the country by prohibiting insurers from denying health coverage for
children who have preexisting conditions. I have met children who are
alive today because of this provision. As a parent, I know how grateful
their parents are. Parents around the country can now sleep a little
easier, knowing that if their child gets sick they will still be able
to get the health care coverage they need. We should be celebrating
that. This is not about putting the government between you and your
doctor, as I hear sometimes. This is about getting an insurance company
out of the way and making sure that children can get coverage.
And adults. We have seen the limitation of lifetime limits on care.
Your insurance company can no longer put an arbitrary cap on your care.
I have seen a gentleman whose life was saved because of this. Before
this law came into being they could drop you--and they did. That is
over. That is done. People do not have to worry about hitting an
arbitrary limit and then being thrown off their insurance--because they
have. We should be celebrating that. That is something that should be
bringing a lot of relief to people. That is why we are going to be
having far fewer bankruptcies.
Parents will also be relieved to know that young adults can now
stay--they had been able to stay on their parents' health insurance
plan until they are 26. Because of this provision, 35,000 young adults
in Minnesota are now insured on their parents' policies.
I was at a senior center in Woodbury the other day. Seniors are very
happy with the changes that the health care law has made. When I visit
senior centers in Minnesota, I hear relief from seniors who now can pay
for their medications thanks to the provision in the health care law
which is closing the doughnut hole. The provision has already allowed
57,000 seniors in Minnesota to receive a 50-percent discount on their
covered brandname prescription drugs when they hit the so-called
doughnut hole, an average of $590 savings per person.
I can see the Presiding Officer nodding. I know she goes to senior
centers in New Hampshire and knows when seniors hear that people want
to repeal this they are miffed. I have actually been at a senior center
when they said, What can we do? And they wanted to get up and go out
and start being activists for the health care law when they heard that
some of my friends want to repeal this.
Some of them are making it just on Social Security. Now the doughnut
hole is closing and they like that. It means they can take their
medication and it means they do not have to take it every other day or
they don't have to cut it in half. My friends on the other side want to
repeal it.
Seniors are also getting free preventive health services under the
health care law, such as mammograms, colonoscopies, as well as free
annual wellness visits to their doctor--and, boy, do they like that.
I could go on and on, but I will not. The point is, because of the
law more people are getting care, the quality of care is better, and we
are lowering costs. I am proud of that. As we here in the Senate head
home to spend August in our States, I urge my colleagues to listen, as
I do, when constituents tell
[[Page S5714]]
us about the rebates they received. I was on a plane two weekends ago.
A woman showed me her check. The woman I was sitting next to showed me
her rebate check.
I urge my colleagues to listen to constituents talk about the rebates
they receive, the kids who are able to stay on their parents'
insurance, the health screenings that save the lives of grandparents. I
hope they will listen to the stories of kids with preexisting illnesses
who were finally able to get coverage and seniors who were able to
afford both their prescriptions and their dinner. I urge my colleagues
to acknowledge these benefits and to support the continued
implementation of the Affordable Care Act.
I yield the floor.
The PRESIDING OFFICER. The Senator from Delaware.
Mr. CARPER. Madam President, there are several people who wish to be
recognized. If Senator Collins is ready to go, I will yield to her and
then ask unanimous consent to speak immediately after her, then to be
followed by Senator Alexander, if that is the will of the body.
The PRESIDING OFFICER. Without objection, it is so ordered.
The Senator from Maine.
Ms. COLLINS. Madam President, first let me thank the Senator from
Delaware for his graciousness. In light of the fact that there are so
many people who are waiting to speak, I will be brief. But I want to
talk about the legislation that is before us, the cyber security bill.
This bill represents the Senate's best chance this year to pass
urgently needed cyber security legislation.
Why do I say it is urgent? Virtually every national and homeland
security expert, from President Bush's administration including
President Obama's administration, has warned us repeatedly that a cyber
attack is coming and it is an attack that is going to be aimed at our
critical infrastructure. For us to let disagreements over exactly how
to counter this threat prevent the passage of this bill would be a
tragedy and could lead to a tragedy. This is serious.
Yesterday we had a meeting with the FBI, with the Department of
Homeland Security, with GEN Keith Alexander, who is the head of cyber
command, and the head of the National Security Agency. They were
unanimous in warning us that Congress must act and must act now. Every
single day nation states, terrorist groups, hacktivists, persistent
hackers, transnational criminal gangs, are probing our cyber defenses.
Intrusions are rampant. As one expert told me, there are really only
two kinds of large companies in this country: those that know they have
been hacked and those that do not know they have been hacked. It is so
important that we act. I must say we are working very hard to try to
accommodate the concerns that have been raised by some of our
colleagues and by some in the business community. We, therefore, have
altered our bill in a significant way.
Another charge I have heard thrown loosely around here is that
somehow there has not been enough study; somehow there is not enough
process; somehow we need more hearings. Our homeland security committee
alone has had 10 hearings on cyber security--10 hearings. The Senate,
as a whole, has had 25 hearings and numerous classified briefings. How
many more briefings, hearings, and reports do we need? The head of the
FBI, Robert Mueller, has told us that in his judgment the threat of a
cyber attack will soon exceed the threat of a terrorist attack. Of
course, they may be combined. It may be a terrorist group using cyber
tools to launch an attack on this country. There is a Web site video
that shows an arm of al-Qaida which encourages cyber attacks and talks
about how easy it would be to conduct it.
Senator Lieberman and I, along with our three principal cosponsors:
Senator Feinstein, Senator Rockefeller, and Senator Carper, have made
significant changes in our bill to respond to concerns that have been
raised. Most notably we have gone from having a mandatory framework to
a voluntary approach to enhance the security of our most critical
infrastructure. The underlying concept of this approach, which was
suggested in a very constructive way by our colleagues Senator Kyl and
Senator Whitehouse, is to encourage owners of our most critical
infrastructure to enhance their cyber security by providing them with
various incentives, the most important of which is liability
protections. We have also made changes to improve the privacy
protections and the information-sharing title of our bill.
The bill establishes a multiagency council, the National Cyber
Security Council, to respond to concerns that too much power was being
given to the Department of Homeland Security. So now we have an
interagency body that includes the Department of Defense, the
Department of Justice, represented by the FBI, the Department of
Commerce, the intelligence community--undoubtedly it would be the
Director of the National Intelligence Office--and appropriate sector-
specific Federal agencies, such as FERC, if we are talking about how
best to protect our electric grid.
The council would work in partnership with the private sector and
would conduct risk assessments to identify our Nation's most critical
cyber infrastructure. What do we mean by that? We hear that term. What
exactly is critical cyber infrastructure? It is that which, if damaged,
could result in mass casualties, mass evacuations, catastrophic
economic damage to our country or severe harm to our national security.
Don't we want to safeguard critical national assets that if damaged
would cause numerous deaths, people to flee their homes, their
communities, a disaster for our economy, or a severe blow to our
national security? I can't believe there is even any discussion about
the need for us to have robust systems to protect us against mass
casualties, a devastating blow to our economy, and catastrophic
consequences. That is a high bar in our bill for defining what is
critical cyber infrastructure. It isn't every business in this country.
Those who are implying that it is and that this is sweeping are not
accurately reading the bill. We would be irresponsible if we did not
act when the warnings are so loud and are coming from so many respected
sources.
We have had the Aspen Institute Group on Cyber Security Issues
endorse our bill and urge us to go toward its consideration. That is
chaired by President Bush's Homeland Security Secretary Michael
Chertoff and by a renowned expert on the other side of the aisle,
former Congresswoman Jane Harman. It also includes people such as Paul
Wolfowitz, not exactly a liberal activist the last time I checked, but
certainly one who commands great respect for his knowledge in this
area.
I am amazed we are letting the clock tick down when we know it is not
a matter of if there is going to be a cyber attack on this country, it
is a matter of when.
Let me very briefly address another issue. Is there some opposition
among the business community to this bill? Yes, there is. But there is
also a great deal of support from the business community. We have, for
example, a letter from the NDIA, which represents 1,750 defense firms.
We have letters of endorsement from Sysco, Oracle, the Silicon Valley
Leadership Group, the Business Software Alliance, from Semantec, EMC
Corporation, the Center for a New American Security, endorsements from
individuals in the previous administration such as General Hayden, Mike
McConnell, and Asa Hutchinson. There are many supporters for this bill.
It is not surprising because they know how important it is that we act.
Ms. COLLINS. In closing, I wish to read a little from General
Alexander's letter, which is dated today. In it he says:
I am writing to express my strong support for passage of a
comprehensive bipartisan cyber security bill by the Senate
this week. The cyber threat facing the Nation is real and
demands immediate action--
Not action next year, not action next Congress, not action even after
the recess we are about to take. As General Alexander says:
The time to act is now; we simply cannot afford further
delay. Moreover, to be most effective in protecting against
this threat to our national security, cyber security
legislation should address both information sharing and core
critical infrastructure hardening.
That is exactly what the bill we have brought before the Senate would
do. I urge our colleagues to join us. If they have other ideas, offer
amendments, but let's get on with the task before us
[[Page S5715]]
before we are looking back and saying: Why didn't we act? Why didn't we
pay attention to all of those warnings?
The PRESIDING OFFICER. The Senator from Delaware.
Mr. CARPER. Madam President, while the Senator is still on the floor,
I wish to engage in a brief colloquy, ad-libbing this or, as I recall
in football, an audible. We have the two people who are most key to
this, Senator Lieberman, chairman of our committee, and Senator
Collins, our ranking member, who worked very hard with their staff and
our staffs to fashion this legislation.
In recent years when we heard opposition to doing something on cyber
security, the concern we had was there was going to be a top-down.
There was going to be Homeland Security, which in its early days did
not have a very good reputation. The idea was that somehow Homeland
Security was going to be running this top down without a whole lot of
input from industry. Basically we have taken even the second most
recent version of our bill, and we changed that. What we said is it is
not going to be top-down, it is not going to be Homeland Security
saying these are the best practices, these are the standards to protect
cyber security. Instead we said: Industry, what do you want to tell us?
``Us'' being Homeland Security, ``us'' being the Department of Defense,
``us'' being the National Security Agency, ``us'' being the FBI. What
do you think those best practice standards should be? Give us a chance
to work on those together.
Correct me if I am wrong, but I don't think the deal here is for
Homeland Security to say: You have to throw those away; those make no
sense, we will do it our way. That is not what is going to happen here.
In our meeting yesterday with the folks from the FBI and the National
Security Agency, that is not the way it is going to work. It is not the
way it works today and it is not the way it is going to work in the
future. What does the Senator think?
The PRESIDING OFFICER. The Senator from Maine.
Ms. COLLINS. Madam President, if I could respond through the Chair to
my colleague from Delaware, he is absolutely correct, this is a
collaborative partnership with the private sector, and indeed, it has
to be. Eighty-five percent of the critical infrastructure is owned by
the private sector, so it makes sense to have their involvement. We
restructured the bill to require that, and there is another safeguard.
Since this is a voluntary system we have now devised, adopting the Kyl-
Whitehouse approach, if the private sector decided not to participate,
it essentially invalidates the standards that are developed. So why
would this interagency council, which has developed the standards based
on the recommendations of the private sector, not adopt reasonable
standards? They want industry to participate. That is the ultimate
safeguard, I say to my colleague from Delaware and my colleague, the
chairman from Connecticut, who also may want to add to this.
The PRESIDING OFFICER. The Senator from Delaware.
Mr. CARPER. I am going to direct this question to our chairman
through the Chair. One of the other criticisms of the early version of
the bill was not only was it top-down oriented and directed by Homeland
Security, but also there were just sticks involved. We were not going
to incentivize anybody to comply with the standards that might be
developed, but we would just hammer somebody. That is not the way it
turned out. I commend the chairman for doing that.
Will the chairman lay out for us in a minute or two how it would
work? I think it is a much smarter approach.
The PRESIDING OFFICER. The Senator from Connecticut.
Mr. LIEBERMAN. I thank my friend from Delaware for the question. This
is now a voluntary system and there is a lot to be said about that.
I want to go back to that meeting yesterday. We had a broad
bipartisan group of Senators who have been most active, but from
different perspectives, on this question of cyber security legislation
who met yesterday with the key cyber security officials in our
government from the Department of Defense, Department of Homeland
Security, FBI, and the National Security Agency. I am going to explain
why we went to the carrots and took out the sticks by saying, in
general terms, these experts--not political people, these are pros who
deal with cyber defense--were asked by one of the Senators: What will
happen if we don't adopt this legislation or something like it this
session?
The cyber security professionals said to us: Our Nation will be more
vulnerable to cyber attack.
In other words, this legislation contains authority to share
information between the government and the private sector, between two
private sector companies, that can't be done now. That is critically
necessary to improve our defenses. The requirement of standards being
promulgated as a result of a--or resulting from a public-private
collaborative operation and then offering the carrot of immunity from
liability is something that doesn't exist now. All the experts say,
though some of the private sector operators of critical cyber security
infrastructure--we are talking, again, about the companies that run the
electric grid or the telecommunications system or the entire financial
system or dams that hold back water; we are not talking about ma-and-pa
businesses back home--some of them are doing a pretty good job at
defending that cyber infrastructure, but most of them are not doing
enough. That is where the government has to come in and push them in
that direction.
Why did we change it from mandatory to voluntary, from sticks to
carrots? Because we didn't have the votes to adopt the mandatory, which
I think is necessary. Because of the urgency of the threat, as I just
reflected that we heard yesterday from the professionals in this area,
we said--Senator Collins and I, Senator Rockefeller, Senator Feinstein,
Senator Carper--OK, we are not going to get 100 percent of what we want
around here, and we understand that, so let's settle for 80 percent.
Perhaps the other side will feel they got 80 percent. But what is most
important is that we will get something done to protect our security.
I must tell my colleagues we are at a point now in this debate, with
the kind of never-ending questions about every detail, not withstanding
all the compromises Senator Collins, Senator Carper and I have made and
the filing of an amendment by Senator McConnell to repeal ObamaCare--we
can have a position on ObamaCare, but to put it on this cyber security
bill is not fair, not relevant, not constructive.
I think we are coming to a moment where we are going to have to face
a tough decision. I have talked to the majority leader about filing for
cloture soon so we can draw this to a choice: Do our colleagues want to
act to protect our cyber systems in this session or do they not? That
is a tough choice, particularly if a Senator votes no, to have to
explain, in light of all the evidence of the constant cyber attacks
going on now and the cyber thefts of hundreds of billions of dollars
from our industries and tens of thousands of jobs lost as a result to
foreign countries, if the Senate is going to say, no, we don't want to
take that up now. I hope and pray that is not the case.
The way this is moving right now, this last week of the session
before we break, I am afraid we are headed in the wrong direction, and
we don't see the kind of willingness to compromise that ought to be
there. We are tested again in this Chamber: Are we going to fix
national problems? It is hard to do on some of the fiscal issues we
have turned away from, but on this one, traditionally, when it came to
our national security, we have put the special interests aside and
together dealt with the national security interests. I fear at this
moment, in response to my friend from Delaware, that is not the
direction in which we are going. I hope I am wrong. I am, by nature, an
optimist, but right now I am a pessimist.
I yield the floor.
The PRESIDING OFFICER. The Senator from Delaware.
Mr. CARPER. My colleagues have heard me say this before. We have been
joined by Senator Rockefeller, who has done great work, Senator
Feinstein, and others, Democratic and Republican, who have done fine
work on this legislation.
But I love asking people who have been married a long time: What is
the secret to being married a long time?
[[Page S5716]]
This is especially important for me to say this with Senator Collins
sitting on the floor. She and certainly her husband to be anticipate
their coming marriage. But I love asking people who have been married a
long time: What is the secret to be being married a long time? I get
great answers, funny answers but also some very profound ones, and the
best thing I ever got was the two Cs. What are the two Cs? Communicate
and compromise. That is not just the secret for a long marriage, a
union between husband and wife, but it is also the secret for a vibrant
democracy.
I think the two Cs characterize what is going on with this
legislation because I have been here a while--11 years--and I don't
know that I have ever seen better communication on an issue of this
importance than I have in this instance. It was very dramatic, very
satisfying, and frankly, compromise, the kind of compromise we have
talked about over the last 15 minutes or so, needed, given, done
willingly, to lead us to this point today.
It has been said before, and I will say it again. The reason we are
on this bill today, why we have taken it up today, this week, is
because our economy and our national security are under attack. This is
not the kind of war that some of us served in during our youth. This is
not the kind of war we have read about in history books. It is not the
kind of war we have seen and watched on TV. This war is occurring in
cyber space, and it is occurring in real time.
Literally, as I speak, it is being carried out by sophisticated
criminals, by terrorists, and even by other countries. While some
hackers just want to cause mischief or make a political point, others
want to hurt people, our people. Still others want to steal our ideas,
our intellectual property, as well as other sensitive information. From
clean energy technologies and defense systems to medical research and
corporate mergers, cyber spies are looking to steal some of the very
innovations that fuel our economy and help make us a great nation.
GEN Keith Alexander, the commander of U.S. Cyber Command, has called
these efforts the greatest transfer of wealth in history. Those of us
who have tried to put a dollar figure on how much intellectual property
we are losing to cyber theft have put the pricetag at about $\1/4\
trillion per year. It is not just valuable information we are losing.
To put it bluntly, it is American jobs, and it is our competitive edge.
Of course, the same vulnerabilities being exploited to steal our
intellectual property can be used by those who want to attack us to do
physical harm. With a few clicks of a mouse, cyber terrorists or a
sovereign nation could shut down our electric grid, they could shut
down manufacturing, they can release dangerous chemicals into our air,
they can release dangerous chemicals into our water supply. They could
disrupt our financial systems. At the very least, any one of these
attacks could further slow the economic recovery of our country or
disrupt it altogether.
In a worst-case scenario, a particularly lethal cyber attack could
throw parts of our country into chaos or even lead to widespread loss
of life. If my colleagues don't believe that, look at the impact the
recent summer storms and the resulting power outages had on this
region. If we don't become more vigilant and soon, a sophisticated
hacker can succeed in replicating that kind of power outage, putting
many lives in danger and severely undercutting the productivity of our
workforce.
The revised bill we take up today takes a number of bold steps to
better secure our critical infrastructure and share cyber threat
information. It will go a long way toward bringing our cyber
capabilities into the 21st century. It represents a good-faith effort
to address legitimate concerns of business and privacy groups of our
intelligence community and of Senators on both sides of the aisle.
None of this bill's five original cosponsors is suggesting our bill
is perfect. As my colleagues hear me say from time to time, if it isn't
perfect, make it better. With that thought in mind, we look forward to
working together with all our colleagues to find common ground to make
this legislation even better.
For example, many of my colleagues and I are concerned that we don't
have the proper safeguards in place when private information, ranging
from Social Security numbers to financial records, are compromised. The
American public expects that government agencies and private businesses
holding our tax information, our medical records, and other sensitive
data will take every precaution necessary to ensure that sensitive
information is secure and well protected. Too often those expectations
are not met.
That is why I have introduced a bipartisan amendment with my
colleague Senator Blunt to address concerns regarding data breaches
which occur all too often. Our amendment would ensure that Americans
can be confident that their private and sensitive information is made
more secure. As our Nation becomes increasingly reliant on
technological advances to do just about everything, it is imperative
that we not let technology outpace our ability to prevent fraud and
identity theft.
However, with the recent breach within the Federal employees
retirement program--the Thrift Savings Plan--over 100,000 Federal
participants know all too well that their sensitive private information
is not always safeguarded as it should be.
The amendment Senator Blunt and I are offering seeks to ensure that
all entities holding personal sensitive information have to adhere to a
national standard that is designed to keep that information safe while
ensuring that both consumers and law enforcement are promptly notified
in the event of a breach. This requirement would replace the current
patchwork of 46 separate State laws while ensuring that consumers have
a uniform set of protections they can understand. By adopting this
data-breach amendment and passing the broader cyber security bill, we
will enable the United States to lead by example both in preventing
cyber attacks from occurring in the first place and in responding
swiftly and effectively to protect consumers in the unfortunate event
of an attack or a breach.
As we consider our amendment, the Blunt-Carper amendment, let's
remember that this bill is not the finish line. If I can paraphrase
Winston Churchill, this is not the end. This is not the beginning of
the end. This bill really represents the end of the beginning. And as
beginnings go, it ain't bad.
Although we are still working out a compromise, I want to close by
talking very briefly about some of the features of the underlying bill
we are considering.
First--I will reiterate what has been said before; it bears
repeating--we have elected not to direct the Department of Homeland
Security to mandate new cyber security regulations for private owners
of critical infrastructure. We said we are not going to do that.
Instead, we have endorsed an approach that relies on a public-private
partnership and a voluntary cyber security program to strengthen the
electronic backbone of our most sensitive systems. Instead of
government penalties, our bill calls for using incentives such as
liability protection to encourage critical infrastructure owners to
adopt voluntary cyber practices developed by industry.
Second, our revised bill provides a framework for the sharing of
cyber threat information between the Federal Government and the private
sector while offering liability protection and better privacy
protections for all Americans.
Third, to ensure that Federal agencies are better equipped to stop
cyber attacks on them, the bill includes a number of security measures
that I have worked on for years with Senator Collins and others to
better protect our Federal information systems. In particular, this
bill will help replace our outdated, paper-based security practices
with a real-time security system that can actively monitor, detect, and
respond to threats. For example, agencies will be required to
continuously monitor their systems the way a security guard would watch
a building through a video camera rather than just taking a snapshop,
developing the film, and reporting on the results once a year.
Finally, our bill makes a number of important investments in
developing the next generation of cyber security professionals. This is
workforce development. For example, the bill provides stronger cyber
security training and
[[Page S5717]]
establishes better cyber security programs in our schools and in our
universities. This legislation also makes research and development for
cyber security a priority so we can develop cutting-edge technologies
here at home and bring jobs to our country. Doing so will not only make
us safer as a nation, it will help ensure that America's workforce is
better prepared for tomorrow's job market, and tomorrow is just around
the corner.
I wish to conclude my remarks here today with something that one of
our colleagues, Mike Enzi of Wyoming, introduced to me several years
ago. Mike calls it the 80-20 rule. He used it at the time to explain to
me how he, one of the most conservative Republicans in the Senate, and
the late Ted Kennedy, one of the most liberal Democrats in the Senate,
were able to accomplish so much prior to Ted's death when they were the
two senior leaders on the Senate Health, Education, Labor, and Pensions
Committee.
I said to Senator Enzi: How come the two of you, very different
people--one a Democrat and one a Republican--were able to get so much
done?
Senator Enzi said to me: Ted and I agreed on about 80 percent of what
needed to be done on most issues, and we disagreed on the other 20
percent. Somewhere along the way, we just decided to focus on the 80
percent we agreed on and set the other 20 percent aside for another
day.
The cyber security legislation we are debating here today this week
is an 80-20 bill. I think it is worth asking, is it worthwhile to pass
a bill that achieves maybe only 80 percent of what we want to do or
even only 70 percent of what we want to do? I would just say, well,
compared to what? Compared to doing nothing? Compared to zero? Given
all that is at stake in today's dangerous world, you bet it is
worthwhile. That much we ought to be able to agree on, so let's get it
done.
Like many of my colleagues who have worked on the legislation for
years, I welcome the opportunity this week to legislate--to legislate--
on an issue of great importance to our Nation, to offer our amendments,
to debate them, to defend them, to vote on them, make this bill better
by doing so, and in the end adopt this bill as amended by a bipartisan
margin. A lot of people in this country of ours question today whether
we are still able to set aside our partisan and other differences when
the stakes are high and summon the political will to do what is best
for America. Let's show them by our actions this week that, yes, we
can. Let's seize the day. Carpe diem.
With that, I yield the floor.
The PRESIDING OFFICER. The Senator from Connecticut.
Mr. LIEBERMAN. Madam President, I ask unanimous consent that the
period for debate only on S. 3414, the Cybersecurity Act, be extended
until 6:30 p.m.; further, that the majority leader be recognized at
6:30 p.m.
The PRESIDING OFFICER. Without objection, it is so ordered.
The PRESIDING OFFICER (Mr. Whitehouse). The Senator from New York.
Mr. SCHUMER. Mr. President, first, I wish to salute my colleague from
Delaware. We have a number of people in this body who will take on the
very tough issues--issues, frankly, that can only succeed when there is
bipartisan agreement but that are deep and complicated and take day
after day, week after week, even month after month of effort--and there
are not many who can craft that type of legislation. The Senator from
Delaware is one of them. He did it on the postal bill. He is doing it
here on cyber security. I believe on both of them he will have ultimate
success, and we thank the Senator. We thank him for his good work.
Now I would like to discuss the cyber security bill. I am very
hopeful that we will pass a bill that will find a good and workable
balance--one certainly that ensures that our critical infrastructure
has the most effective countermeasures to prevent cyber attacks but one
that will also encourage our dynamic technology industry to continue to
innovate, and protect freedom of expression and privacy on the
Internet.
Let me remind my colleagues that the Internet was originally
developed as a way for universities, governments, and companies to
collaborate on research and other projects. The whole purpose of the
Internet was meant to stimulate the open exchange of ideas, and as a
result it has changed the world. We have seen it in Egypt, in Russia,
in China. We have seen the Internet--people's ability to communicate,
unfettered by government or other strong forces--create huge amounts of
power--good power, positive power.
Just ask the entrepreneurs who developed whole new ways of selling
products and developing services about how the Internet was made to
stimulate the open exchange of ideas. It has given the opportunity to
someone with an idea to actually take that idea and turn it into a
business because it so reduces the transaction costs of doing so. Just
ask the inventors and creators who have fostered new means of
expression, allowing us to communicate in real time, efficiently and
inexpensively, with our colleagues all over the world.
I am an efficiency bug. I like to use ``I am a busy fella.'' I love
the work I do, and I like to use it as efficiently as possible--the
fact that I can have a laptop or an iPad in the car while the car is
driving forward. I am not driving; I am sitting there working. In the
old days, you could not do that. It is amazing how it has improved our
efficiency. It is sort of, in a certain sense, Adam Smith's dream
because it reduces transaction costs and allows us to focus effectively
on producing what people want and need.
In short, our cyber world is one we could have never imagined 30
years ago. It is both simple--it can be accessed through a few
keystrokes or screen touches--and yet it is enormously complex in its
infrastructure. We have to do everything we can to protect that free
and open access--that is the theme of my speech today--although we
also, of course, have to protect the critical infrastructure behind it.
We are all aware of the national security risks if we do not do a
cyber bill. Many of us have sat up in the Visitor Center, in the secure
room, and heard leaders of our military and intelligence agencies tell
us that the greatest threat to America is a cyber attack on our
critical infrastructure--in many of their estimation, even more
dangerous than terrorism.
Hackers broke into the Pentagon's F-35 Joint Strike Fighter project,
stealing the aircraft's design and electronic-related schematics. It is
not hard to imagine a scenario where hackers break into a gas refinery
or a nuclear powerplant to wreak havoc with the control computer
systems, nor is it hard to see a scenario where Iran attempts to learn
some of our nuclear secrets. So it is very important to deal with the
critical infrastructure piece.
Mr. President, let me commend you for your hard work in this area,
along with the Senator from Arizona. We are still hoping and praying
you guys can come to an agreement, along with the help of many. I know
Senator Mikulski has been very active and many other of my colleagues,
but the Presiding Officer's leadership has been exemplary as well, and
I would apply the same words to you that I applied to the Senator from
Delaware before in terms of working on complex, difficult projects and
moving forward with them.
Anyway, it is so very important that we protect our infrastructure,
but at the same time--and this is what makes the legislation even more
difficult--we have to be aware of the risk to a critical part of our
economy if we do not do it right, if we do not do it carefully, if we
do not do it thoughtfully, and if we do not balance the need to protect
infrastructure with legitimate rights of the freedom of the Internet
and of privacy.
To be perfectly frank, I have a big dog in this fight. You see, the
Silicon Valley may have given us the semiconductor, but New York City,
in my opinion, will be the birthplace of the next great generation of
Internet giants. New York entrepreneurs started Foursquare, Tumblr, and
Kickstarter. CodeAcademy, TechStars, and General Assembly are training
the next generation of Internet entrepreneurs. Venture capital is
flocking to New York to help these startups. For the first time, we are
getting engineers and scientists who want to be in New York. We are
still not at the level of the Silicon Valley, but we are probably No. 2
in the country in this regard, and, like all New Yorkers, we want to be
No. 1 at some point.
[[Page S5718]]
What is more, the existing Internet giants--Facebook and Google and
Twitter--have all opened major offices in New York City. Google has
over 3,000 people. I was proud to be at the opening of Facebook, and
they are so happy with their office, they are expanding its role
already. These companies know the talent and energy that are unique to
New York, and they do not want to miss out on the next great idea.
That, as I said, is likely to come from New York.
These ideas are not just important for New York but for America.
Internet and tech companies around the country have ushered in a new
era of change. They have made our world a drastically and dramatically
different place than it was even 10 years ago--a better world, a more
open world, a more productive world.
But one thing remains the same: We do not have a coherent and
comprehensive national strategy to protect the critical networks that
power our everyday lives--our homes, our businesses, and our computers.
It is akin to protecting the Taj Mahal with a chain link fence and a
bike lock. These networks protect our water systems and our financial
information, the electric grid and our e-mail accounts.
This bill goes a long way in establishing a set of principles and
programs that will make these vulnerable networks safer, but there are
some parts of the bill I fear go a step too far in the name of security
over privacy, and there has to be a balance. The same minds who have
given us the great Internet innovations of the 21st century have told
me, convinced me, educated me that we cannot cede too much power to one
side of this equation.
We all know that in this very complex cyber world, we do give up some
of our privacy, but unabated authority to stifle innovation in the name
of cyber security is a bridge too far. That is why I am happy to
cosponsor the amendment of my colleague from Minnesota Al Franken. He
has become an expert on trying to figure out how we can preserve the
dynamism, the effectiveness, the efficiency of the Internet but at the
same time preserve our privacy.
As more and more of our economic lifeblood has shifted into the cyber
world, we have an obligation to ensure that the infrastructure that
validates credit card purchases, directs planes, and controls
electricity is well protected against cyber attack. It is not a secret
that people want to disrupt our way of life, and it is easy to imagine
a world where terrorists attempt to take control of railroad switches
and traffic lights to cause incredible disruption to our everyday
lives. However, we must make sure that in protecting what we have, we
do not stifle innovation, we do not trample on people's privacy rights.
We have to leave room for the creation from the next Steve Jobs, Bill
Gates, or whomever, while protecting the security the average middle-
class family, the Baileys, feel when they go online to buy birthday
presents for their grandchildren.
So in the final bill, we must find the right balance to preserve the
economic viability of the Internet; otherwise, there will be no
critical infrastructure to protect. But we must protect privacy rights,
and I think the Franken amendment--and I commend it to my colleagues; a
lot of work has gone into it--puts the balance in the right place.
I hope that as we move forward on this bill--either now or in
September when we return--we will get broad bipartisan support for that
amendment because it enables us to, in a certain sense, have our cake
and eat it too: protect our infrastructure but at the same time
protect, nurture our creativity and the openness of the Internet and
protect our privacy.
With that, Mr. President, I yield the floor.
The PRESIDING OFFICER. The Senator from Nebraska.
The Farm Bill
Mr. NELSON of Nebraska. Mr. President, the worst drought in 50 years
has hit Nebraska and the entire Midwest hard. Every single one of
Nebraska's 93 counties is in a state of severe drought.
If you look at the chart I have in the Chamber, you can see that the
drought is throughout the Midwest, into the Middle East, down into the
Southeast, down into Texas and the West, even drought conditions in
Hawaii, and it is abnormally dry up in the northern part of Alaska. The
USDA has already declared more than 40 Nebraska counties as natural
disaster areas. If you take a look at this picture, you can see the
cornfields that are just completely dirt fields now; pasture that is
nothing more than dried grass, where there is still grass and dirt; the
soybean fields are decimated; and corn is in many areas not only
dwarfed in its growth but is not producing ears of corn. The bone-dry
conditions continue to damage corn, soybeans, pastures, and rangeland,
even as we speak.
Just last week a small blaze quickly spread over the parched land in
north central Nebraska. It rapidly grew into a fire that consumed tens
of thousands of acres, 14 houses, and forced many others from their
homes.
Nebraska is fortunate to have had hard-working firefighters in our
State and others to put out those flames. Hopefully, we will not need
to utilize their talents in the near future. Now what Nebraska needs is
disaster relief. And we are not alone. If you look at this chart, you
will see that a good part of the rest of the country needs disaster
relief as well. Unfortunately, the disaster programs in the 2008 farm
bill have already expired.
While the Senate passed the 5-year farm bill in June, the House is
not even expected to take action on it. The Senate's 5-year farm bill
strengthens and improves the 2008 farm bill, particularly the natural
disaster relief provisions. It beefs up and rehabilitates livestock
disaster programs, it provides tools to help reduce fire risk and
improve forest health, it improves and increases access to crop
insurance to protect against future natural disasters, it authorizes
direct and guaranteed loans for recovery from wildfires and drought,
and the list goes on--all important programs necessary to deal with
this disaster we are facing in our country today.
The Senate's 5-year farm bill makes necessary upgrades to the
policies in the 2008 farm bill to help Americans recover from natural
disasters, and it does it without digging the country deeper into debt.
The Senate passed this bipartisan farm bill in June, but the House will
not take action on it. Plus, the House is expected to move a separate
bill, essentially a 1-year extension of the old 2008 farm bill. A 1-
year extension of outdated and inefficient policies is not adequate, it
is irresponsible. We need the substantial reforms in the Senate's 5-
year farm bill now. A 1-year extension of current policy does nothing
to help those who need the farm bill and its disaster relief the most.
When you can do better, you should do better.
Congress passed a 5-year farm bill in 2008, 2002, 1996, 1990, 1985--
you get the picture--just about every 5 years between 1965 and today.
Surely the House can pass a proper 5-year farm bill. And the need to is
all the more apparent in the face of the nationwide drought, with the
disaster relief provisions in the 2008 farm bill having expired on
September 30 last year, 2011.
Now, instead of passing a 5-year extension of the farm bill, they
have held a lot of political messaging votes and they put off doing
what should have been done at the very beginning. And now, while
America is getting hit by drought and fire, while American farmers and
ranchers do not have the disaster relief because there is no farm bill,
the House is merely going to pass a 1-year extension of current
policies. They want to buy some time, kick the can down the road.
Well, now it is time for the House to do its job. Do what is right
for the country. Do not take the easy way out. Show the American people
that you remember why you are here and what you need to do and can
actually do it. Americans do not want a flimsy 1-year extension of
inadequate coverage and outdated policies. Americans want a dependable,
modern, and economical 5-year farm bill that cuts Federal spending.
That is what the Senate gave the House. That is what the House
Agriculture Committee gave the House to work with--its own 5-year plan.
Sure, there are real differences between the Senate bill and the House
Agriculture bill, but there should be room for consensus. So the House
must pass the bill or pass our bill, but do not pass a 1-year extension
of outdated policies that will not work for modern American
agriculture. Do not try to just coast along without a 5-year farm bill.
[[Page S5719]]
The lack of a 2012 farm bill will fail to provide certainty to
farmers and ranchers and lead to higher prices for all consumers at the
grocery store. And this is on top of the already predicted 3 to 4
percent rise in food prices caused by the drought. We do not want that
and America deserves better. Nebraska's farmers and our American
farmers and ranchers and all those affected by the drought are
depending on Congress to do our job right and fairly debate this issue.
So do not kick the can down the road.
I urge the House to bring a 5-year farm bill to the House floor as
soon as possible.
I yield the floor.
Mr. LIEBERMAN. Mr. President, I suggest the absence of a quorum.
The PRESIDING OFFICER. The clerk will call the roll.
The legislative clerk proceeded to call the roll.
Mr. LIEBERMAN. Mr. President, I ask unanimous consent that the order
for the quorum call be rescinded.
The PRESIDING OFFICER. Without objection, it is so ordered.
Mr. LIEBERMAN. Mr. President, I rise to continue the discussion on
the cyber security legislation, and particularly S. 3414, the pending
business before the Senate, which is the Cybersecurity Act of 2012, the
bipartisan piece of legislation to deal with an urgent national crisis.
I want first, again, to speak to our colleagues about the seriousness
of the threat. I think sometimes that because most people haven't
experienced the consequences of a cyber attack--and most are not aware
of the constant cyber theft going on with moving money from bank
accounts and stealing industrial secrets--frankly, a lot of the
businesses that are victims of the theft don't want to acknowledge them
or announce them for fear of exposing their own lack of adequate cyber
defenses, but also a kind of general embarrassment. Yet we now know as
a public matter--whether it has sunk into the consciousness among most
of the American people--that some great companies that are very tech
savvy, cyber savvy, have been the victims of cyber attacks.
Sony, RSA, Google, and others have come momentarily to public
attention, but I think what this has meant has been unclear to people.
It may, in fact, be unclear to many of the leaders of the private
corporations that control so much of our critical cyber infrastructure.
In America, 80 to 85 percent of the critical infrastructure is
privately owned. That is the American way. That is the way it ought to
be. But it means when the private sector owns critical infrastructure
which can, and will be, a target of hostile action, enemy attack in
this new world of ours, then we have to create a partnership with the
private owners of this critical infrastructure to raise our defenses
because it is not just their businesses they are defending, it is the
security of the United States.
A chief information officer at one of the businesses that owns part
of our critical infrastructure said to me at one point that it is hard
to get the attention of the CEO on this problem. The CEO is balancing a
lot of considerations, looking at annual budgets and quarterly profits.
For the average CEO, the threat of cyber attack is distant. For the
average chief information officer, it is not so distant.
As the majority leader pointed out earlier, I think it may help to
look at something very difficult to look at, which is what is happening
in India today where the power system has collapsed for hundreds of
millions of people. That is a breakdown, as far as we know--and I
believe that is what is the fact--that is a breakdown in parts of the
electric grid.
Let me give another example. Last year, in Connecticut, we had a very
serious early winter storm where there were still a lot of leaves on
the trees; the branches were heavy. A lot of trees fell and took out a
lot of power lines in our State. A lot of people were without power for
days and days and days. Public buildings were used as shelters for the
homeless. Elderly people, particularly, were affected with food
spoiling in the refrigerators, the lack of lights in their dwelling, et
cetera.
Just imagine for a moment if that was not the result of a weather
event but of a cyber attack. Cyber systems are controlling the electric
power grid, and I believe they are vulnerable. I think the same of a
lot of the other cyber systems that control critical infrastructure in
our financial system. The computer systems we depend on for the
movement of money from one account to the other, the direct deposits we
do, the money in our accounts, the billions of dollars that move
between financial institutions every day--what would happen to our
country if those systems were knocked out or what would happen if Wall
Street and the stock exchanges were knocked out?
Again, as I said earlier today, think about the real nightmare
situation, which is that a dam controlled by a cyber system is
penetrated by an enemy who opens the dam and unleashes water, and
torrents of water knock out communities in the path of that water and
kill a lot of people. That is all, unfortunately, the age that we live
in and the vulnerability we have.
There was a story in the Washington Post--I believe I talked about it
before in this debate, but I will repeat it--about a young man on the
other side of the world sitting at his computer at home. He was nothing
special, but he was smart and computer savvy. He broke into the
computer-controlled system--the cyber system controlling a small water
utility in Texas. He had the ability to disrupt the functioning of that
entire utility. He didn't do it, thank God. He posted online what he
had done--a warning at least, perhaps a bit of bragging that he was
able to do it. But think about an enemy who had hostile intent against
the United States who would launch similar attacks against several
small utilities around the country--or large utilities, for that
matter.
Mr. President, last week, the people who are the real experts on
cyber space gathered in Las Vegas at the annual--and this is an
interesting title--Black Hat Computer Security Conference. They issued
yet more warnings.
The conference opened with a very strong warning from Shawn Henry
who, until recently, was the Assistant Director of the FBI in charge of
the FBI's considerable cyber program. Some people call Shawn Henry the
Nation's top cyber cop. He said this at the Black Hat Conference:
The adversary knows that if you want to harm civilized
society--take their water away, do away with their
electricity. There are terrorist groups that are online now
calling for the use of cyber as a weapon.
He went on:
People will not truly get this until they see the real
implications of a cyber attack. For example, people knew
about Osama bin Laden prior to 9/11, but that awareness had
risen by several orders of magnitude after the attacks.
Mr. Henry, former director of cyber programs at the FBI, concluded:
I believe something like that will have to happen in the
cyber world before people truly get it.
Obviously, we all hope and pray not, but at this moment in this
debate, in the Senate's consideration of the Cybersecurity Act, there
are a lot of inflexible positions that are being taken. People are not
willing to come together across ideological and political divides to
deal with a problem and a threat that faces us all. I fear that Mr.
Henry may well have been right.
Mr. President, I urge my colleagues, don't run the risk that it will
take a cyber 9/11 to bring us rushing back here to adopt cyber security
legislation. It doesn't take much to imagine what will happen if we are
the victims of a major cyber attack. Minor cyber attacks are happening
every day. Major cyber thefts occur regularly in America every day.
Let's heed the warning and come together over special interests to meet
a national security interest and challenge.
I yield the floor and suggest the absence of a quorum.
The PRESIDING OFFICER. The clerk will call the roll.
The assistant legislative clerk proceeded to call the roll.
Mr. NELSON of Florida. Mr. President, I ask unanimous consent that
the order for the quorum call be rescinded.
The PRESIDING OFFICER. Without objection, it is so ordered.
Mr. NELSON of Florida. Mr. President, there is such an important
subject that is looming over the country right now that Congress can do
something about; that is, the possibility of
[[Page S5720]]
cyber attack. We have had this discussed by a number of people in very
high and responsible positions and the threat is real.
What the threat means to all of us in our everyday lives is that
electrical systems could be shut down, water systems could be shut
down, the banking system could be shut down, sewer systems could go
awry, and we can go on and on. For months we have been stymied from
passing anything because of a disagreement in the business community,
which is going to be one of the main recipients of a potential cyber
attack.
I will choose my words very carefully as a member of the Senate
Intelligence Committee and say this potential attack is real. It is
real not only from rogue players but also some state actors, and we
need to get this legislation up and going. I am most encouraged to
think we are at a position to get agreement; that the chairman and vice
chairman of our Intelligence Committee are going to come together in an
agreement. We need to pass this--this week--because this is deadly
serious.
I refer to a letter that has been made public from the commander of
Cyber Command, a four-star general, GEN Keith Alexander. He is also the
head of the National Security Agency. He has done a remarkable job. He
sent a letter, dated today, to the majority leader imploring the Senate
to move.
Whatever disagreements there have been over the concern of the
Department of Homeland Security being the interfacing agency can be
worked out. The National Security Agency--which almost all of us have
enormous confidence in--is going to be directly involved.
It is my hope and I am expressing optimism that we are going to get
this legislation out of here and to the House. If they can't pass it
before this August recess, at least we can have some items over the
August recess start to be informally conferenced to iron out any
differences between the House and the Senate.
The PRESIDING OFFICER (Mr. Bennet). The Senator from Rhode Island.
Mr. WHITEHOUSE. Mr. President, I am here this afternoon to speak
about the Cybersecurity Act of 2012, the measure that is on the Senate
floor right now. This important bill addresses a serious and immediate
threat to our Nation's security. I served 4 years on the Intelligence
Committee during which I worked hard to understand the cyber security
threat. I helped Senator Mikulski and Senator Snowe write the Senate
Intelligence Committee Cyber Security Report. I am the chairman of the
Judiciary Subcommittee on Crime and Terrorism that has jurisdiction
over cyber security. As I have explained before on the floor of the
Senate, the cyber threat against our Nation--against our intellectual
property, against our privacy, and against our safety--is vast and it
is upon us. It is a national security threat. It is a national economic
threat. We cannot afford to wait to pass legislation to respond to this
threat. The leading national security experts in each party agree: Now
is the time to pass comprehensive cyber security legislation.
The Cybersecurity Act of 2012 is a strong, comprehensive bill that
will make our Nation safer. It will provide for the sharing of threat
information between the government and private sector, and it will
provide for the hardening, for the protection of the networks of the
private companies that operate America's critical infrastructure--that
run our electric grid, that run our financial networks, that run our
communications systems and the other infrastructure that is essential
to conducting the day-to-day way of life Americans enjoy, that is
essential to our national security and to our economic well-being.
The Senate voted to proceed to this bill in a very broad, bipartisan
manner--84 votes, as I recall. It has been disappointing in the wake of
that that some elements within the business community are failing to
cooperate, are failing to, for instance, provide constructive
suggestions in areas where they have disagreement with this important
legislation. Indeed, some appear intent on just preventing the Senate
from passing legislation that would make us all safer.
In some cases these interests are not negotiating to get a bill that
protects their interests. They are blockading to stop a bill that will
protect all of our interests. To put this blockade into context,
consider the views of GEN Keith Alexander, the Director of the National
Security Agency and of United States Cyber Command. General Alexander
is the most senior and respected cyber security expert in our Nation's
military. He runs our two most technically sophisticated and skilled
cyber operations. Today he wrote:
The cyber threat facing the Nation is real and demands
immediate action. The time to act is now; we simply cannot
afford further delay. Moreover, to be most effective in
protecting against this threat to our national security,
cyber security legislation should address both information
sharing and core critical infrastructure hardening.
The Cybersecurity Act addresses both of those issues, information
sharing and core critical infrastructure hardening. It does what our
military's leading cyber security expert says is necessary to be done
to protect the Nation.
That, then, is the view of the leader of our military cyber warriors
and cyber defenders based on both deep experience and access to the
most deeply classified information held by the U.S. Government.
In contrast, industry arguments against cyber security legislation
appear to have been developed with little or no awareness of the threat
facing our Nation. Kevin Mandia of the leading security firm Mandiant
has explained, for example, that ``in over 90 percent of the cases we
have responded to, government notification was required to alert the
company that a security breach was underway. In our last 50 incidents,
`` he said, ``48 of the victim companies learned they were breached
from the Federal Bureau of Investigation, the Department of Defense, or
some other third party.''
The FBI's experience was similar. When the FBI-led National Cyber
Investigative Joint Task Force informs the corporation it has been
hacked, 9 times out of 10, the FBI reports, the corporation had no
idea.
In Operation Aurora, the cyber attack which targeted numerous
companies, only 3 out of the approximately 300 companies attacked were
aware that they had been attacked before they were contacted by the
government.
These are not unique incidents. Globally, I have said, General
Alexander has said, and others have said that America is right now on
the losing end of the largest illicit transfer of wealth in human
history through cyber attack and through the theft through cyber attack
of our intellectual property. So this is an industrywide problem.
Even the U.S. Chamber of Commerce has been the completely unwitting
victim of a long-term and extensive cyber intrusion. Just last year the
Wall Street Journal reported that a group of hackers in China breached
the computer defenses of the U.S. Chamber, gained access to everything
stored on its systems, including information about its 3 million
members, and remained on the U.S. Chamber of Commerce's network for at
least 6 months and possibly more than a year. The chamber only learned
of the break-in when the FBI told the group that servers in China were
stealing its information.
Even after the chamber was notified and increased its cyber security,
the article stated that the chamber continued to experience suspicious
activity, including a ``thermostat at a townhouse the Chamber owns on
Capitol Hill . . . communicating with an Internet address in China . .
. and . . . a printer used by Chamber executives spontaneously . . .
printing pages with Chinese characters.'' These are the people we are
supposed to listen to about cyber security.
A recent Bloomberg News article makes it clear that this was not an
isolated incident. It describes how hackers linked to China's army have
been seen on the networks of a vast array of American businesses. The
article describes how what started as assaults on military and defense
contractors have widened into a rash of attacks from which no corporate
entity is safe. Among other cyber attacks, Bloomberg News reported, the
networks of major oil companies have been harvested for seismic maps
charting oil reserves--it saves work if you can steal that information
rather than find it yourself--
[[Page S5721]]
patent law firms have been hacked for their clients' trade secrets--
again, free access to valuable information--and investment banks have
been hacked into for market analysis that might impact the global
ventures of certain state-owned--nation-state-owned, foreign-country-
owned operations.
After having been victimized repeatedly by cyber attacks and having
learned about them only when the government arrived to help them fix
the problem, one would think critical infrastructure operators or their
representatives would be keenly aware of the urgent need for cyber
security legislation. One would think they might come to this issue
with some sense of humility based on the patent inadequacy of their
defenses. One would think that elected officials sworn to the
protection of this country might view with some caution and some
skepticism claims by folks who are hacked and penetrated virtually at
will, usually without even knowing about it, that they can handle this
just fine on their own. Yet industry opposition remains, even after the
bill has been revised to include a very business-friendly, voluntary,
incentive-based approach to hardening up critical infrastructure that
we all depend on. Unfortunately, some colleagues can only hear the
siren song of the industry lobbyists, even with plain and ominous
national security threats staring them in the face.
Some in industry claim that a bill with only information sharing
between the government and business would be sufficient and that
protection of critical infrastructure is not necessary. This premise is
wrong. Statements to the contrary are simply false. Such assertions
have been repudiated by the people who lead the charge with our
Nation's defense, and who have been confirmed in these roles by the
Senate who have repeatedly, and as recently as today, emphasized the
need to protect critical infrastructure. These officials include
Secretary of Defense Panetta, Director of National Intelligence
Clapper, Attorney General Holder, Secretary of Homeland Security
Napolitano, and others.
Indeed, it is not just this administration that holds this view. A
wide range of national security experts from previous Republican
administrations have emphasized the vulnerability of our critical
infrastructure, including former Director of National Intelligence and
NSA Director ADM Mike McConnell, former Secretary of Homeland Security
Michael Chertoff, and former assistant attorney general OLC, and now
Harvard Law School professor Jack Goldsmith. These people know what
they are talking about, they are not kidding around, and they deserve
to be listened to.
Secretary Chertoff has explained that the existing status quo is not
generating adequate cyber security for our critical infrastructure. The
marketplace, former Homeland Security Secretary Chertoff has explained,
is likely to fail in allocating the correct amount of investment to
manage risk across the breadth of the networks on which our society
relies. One example of this type of market failure is the decision of
gas, electric power, and water utility industries to forgo
implementation of a powerful new encryption system to shield
substations, pipeline compressors, and other key infrastructure from
cyber attack because of cost concerns. It should be noted the costs in
this case would be approximately $500 per vulnerable device, and they
still would not do it.
The unwillingness of industry to adopt necessary security standards
is particularly troubling when we consider the scope and scale of the
risks associated with a failure of critical infrastructure. The current
electricity grid knocked down in India--leaving 600 million people
without power--shows how bad things can get when critical
infrastructure fails. The cause of this massive failure is not clear,
and there is not yet any evidence that it was caused by a cyber attack,
but it vividly illustrates the vulnerability of humankind when the
critical infrastructure we depend on is knocked down and of the
terrible possible consequences of the failure of that critical
infrastructure.
The scale of the threat we face, the plain inadequacy of current
safeguards in the corporate sector, and the consequences of failure in
this area of critical infrastructure all join together to demand
passage of comprehensive cyber security legislation. This is a matter
of national security. It is our responsibility here in this building to
do what we can to make the Nation safer regardless of any parochial
interests. Now is the time for us all to come together to get this
important job done.
I will conclude by saying we are tantalizingly close to having an
agreement. If people will take one last step forward to get that
agreement, I think we can do it. If people back away because of the
urging of parochial interests, we will fail at this opportunity.
I want to conclude by expressing my congratulations to the chairman
of the committee on Homeland Security and his ranking member who have
worked hard and who have given an enormous amount. We began with a
traditional government-run regulatory procedure, which is one that
everybody is familiar with and has lots of checks and balances in it,
but it is also a fairly mandatory and top-controlled procedure. As a
result of considerable bipartisan discussions, a new model emerged that
allows the industry immense independence and control in this area.
The regime it has been moved to is a huge step by the chairman and
the ranking member and begins with the rule that originates in the
private sector, has it vetted by experts from the private sector, has a
national institute for science and technology review as well, ends up
with an array of government agencies approving or disapproving that,
and whatever standard is ultimately approved by the government council
of agencies, the industry companies are free to opt in or opt out. If
they think the regulation is unreasonable, they are at liberty to opt
out entirely. A comprehensive liability protection structure has been
created as an inducement for companies to participate, but it is a
strong and powerful check on the standard-setting apparatus that
ultimately the industry can choose to opt out if it is unreasonable. An
enormous step has been taken by the authors of the current bill toward
a compromise. We need a step coming back the other way in order to get
this done.
I see my distinguished colleague from Tennessee is here. Let me take
one moment as I yield to express my appreciation to Nick Patterson of
the Department of Justice who has been on my staff on assignment from
the national security division for months and months working on this
issue. Today is his last day. I want to thank him for his work on this
effort. I want to thank the Department of Justice for loaning him to me
and having them lose this valuable member of their national security
division to help us develop this legislation. He has been a valuable
part of an immensely capable team in my office, led by Stephen Lilley,
that has gotten us to at least where I am today on this legislation.
I thank the Presiding Officer, and I thank the Senator from Tennessee
for his courtesy.
I yield the floor.
The PRESIDING OFFICER. The Senator from Tennessee.
Mr. ALEXANDER. Mr. President, the majority leader is coming to the
floor at 6:30, and I will yield to him at that time.
I would like to thank Neena Imam, who is sitting with me, for serving
on my staff for the past two years as a fellow with the Oak Ridge
National Laboratory. She has done a terrific job working for me on
energy and environmental policy.
Mr. President, today is the 100th anniversary of Milton Friedman's
birthday, the Nobel Prize Laureate. One of his most important
statements, in my opinion, was this, ``Nothing is so permanent as a
temporary government program.'' It was reported by several media
outlets that Governor Mitt Romney has taken the position that the wind
production tax credit should be allowed to expire at the end of the
year. He must have known Milton Friedman's birthday was coming today. I
wouldn't presume to speak for Milton Friedman, but I think he would
applaud Governor Romney's position. It shows his seriousness about our
fiscal problems in the United States. It's time to end a temporary tax
credit that was put into law in 1992, when President George H.W. Bush
was in office and when Milton Friedman was
[[Page S5722]]
only 80 years old. The wind production tax credit was a temporary tax
break, in 1992 to encourage wind power. We give wind developers 2.2
cents for every kilowatt-hour of wind electricity produced. And now
it's about to expire at the end of the year. It needs to be extended
again the developers say. Nothing is so permanent as a temporary
government program. They tell us just one more time. But it is an
argument like this that has got us into the fiscal mess we have as a
Nation.
The United States of America, according to the Joint Tax Committee
and the U.S. Treasury, is spending $14 billion on subsidizing giant
wind turbines over a five-year period, $6 billion of it is this
production tax credit. That's why I am so pleased to see Governor
Romney support the idea of more responsibility in our spending. We
spend too much money in Washington that we do not have, and it has to
stop. There are many reasons we don't need this particular provision of
the tax code.
First, we can't afford it. From 2009 through 2013, the tax credit
will cost taxpayers $6 billion over five years, and the grants will
cost another $8 billion over that same five years. At a time when the
federal government is borrowing 40 cents of every dollar it spends, we
cannot justify such a subsidy, especially for what the U.S. Energy
Secretary calls a ``mature technology.''
Second, despite all the money, it produces a relatively small amount
of electricity, producing only 2.3 percent of our electricity in the
United States. We're a big country. We use 25 percent of all the
electricity in the world. We're not going to operate our country
through windmills.
Third, these massive turbines too often destroy the environment in
the name of saving the environment. Some are 50 stories high--taller
than the Statue of Liberty--with blades as long as a football field,
weighing seven tons and spinning at 150 miles an hour, with blinking
lights visible for 20 miles. These aren't your grandma's windmills.
These gigantic turbines are three times as tall as the sky boxes at
University of Tennessee's Neyland Stadium in Knoxville. There is a new
movie called ``Windfall'' about residents in upstate New York who are
upset and have left their homes because of these big wind turbines.
Mr. President, the majority leader has come to the floor, and I will
forgo my remarks at this time so he has a chance to say what he wishes
to say.
Mr. REID. Mr. President, it is my understanding that the senior
Senator from Tennessee wishes to speak for another 10 minutes, is that
right?
Mr. ALEXANDER. Mr. President, 5 minutes would do it.
Mr. REID. Mr. President, I ask unanimous consent that the period for
debate only on S. 3414, the Cybersecurity Act of 2012, be extended
until 6:40, and that at 6:40 I be recognized.
The PRESIDING OFFICER. Without objection, it is so ordered.
The Senator from Tennessee.
Mr. ALEXANDER. I thank the majority leader for his courtesy, and I
will continue.
The fourth reason that we don't need to allow these production tax
credits for wind to be renewed is that they have not created as many
American jobs as expected. An American University study reported in
2009 that the first $1 billion of stimulus grants to wind went to
foreign manufacturing companies.
And what did we get in return for these billions of dollars of
subsidies? A puny amount of unreliable electricity generated mostly at
night when we don't use it.
I mentioned a little earlier that our country is a big country. It
uses lots of electricity. The Senator from Rhode Island was talking
about the problems in India that are being caused by failure of the
grid. We need large amounts of reliable baseload electricity to power
this country. We're very fortunate that we have, through unconventional
natural gas discoveries, found that we're going to have a lot of cheap
natural gas in the United States, and we can make electricity from
natural gas power plants at a low cost and with very little air
pollution.
Nuclear power produces 70 percent of our carbon-free electricity, and
20 percent of the total electricity generated in the U.S. It needs to
be a part of our future energy mix. Coal should also be part of our
energy future, as long as coal plants have pollution control equipment
on them to reduce the sulfur, nitrogen and mercury. I was one of those
senators who voted to require coal plants that operate in the future to
have pollution control equipment on them. This means in a few years
every operating coal plant in the United States will be clean except
for carbon, and I am convinced that such programs as ARPA-E at the
Department of Energy will find what I think is the holy grail of energy
technologies.
One of the companies that ARPA-E invests federal research dollars in
is experimenting with growing micro-organisms on electrodes. These
bacteria can turn carbon dioxide into fuel. In other words, they create
a commercial energy use for the carbon that comes from our coal plants.
And when that happens, the United States will have massive amounts of
cheap, clean, reliable electricity. And we won't be powering our
country with windmills.
We should congratulate Dr. Friedman for his great career, for his
wisdom in pointing out to us that nothing is so permanent as a
temporary government program, and applaud Governor Romney for
recognizing that and calling for the end of this tax credit.
We're coming upon something we call the fiscal cliff. I know the
senator from Colorado is very interested in this, spending a lot of
time working in a bipartisan way to try to find a way to deal with it.
My friend, the Foreign Minister of Australia, is a great fan of the
United States, and he said to the United States that we're one budget
agreement away from restoring our global preeminence--One budget
agreement away from restoring our global preeminence.
Now, to get that agreement what do we have to do? We have to deal
with appropriations bills at the end of the year, a problem we may have
solved today with a solution the leaders recommended. We have to deal
with the Bush tax cuts, and multiple items that expire at the end of
the year such as the tax extenders that need to be renewed or not, and
the alternative minimum tax which started out as a tax on rich people
and now threatens to impact millions of Americans. There's appropriate
payment to doctors who provide medical care, we call this the doc fix.
There is the sequester that none of us likes. There's the problem of
the debt limit, the payroll tax cut and unemployment benefits. All of
this is happening at the end of the year.
This is a good time to get serious about with dealing with the fiscal
cliff, and let a 20 year, temporary tax break to encourage wind
energy--which costs the American people $6 billion over five years--to
expire and let wind stand on its own. I would suggest that for the $6
billion in savings we put $2 of every $3 we save into reducing the debt
and $1 into energy research to see if we can find even more amounts of
cheap, clean energy.
So it is a good occasion to celebrate Milton Friedman's 100th
birthday, and it is a good occasion to applaud Governor Romney for
following Milton Friedman's advice: ``Nothing is so permanent as a
temporary government program.''
I thank the Presiding Officer. I thank the majority leader for his
courtesy.
Mr. WHITEHOUSE. Mr. President, I rise to discuss three amendments to
the Cybersecurity Act of 2012 that I am introducing today with Senator
Mikulski. This important piece of legislation, which was introduced by
Senators Lieberman, Collins, Feinstein, Rockefeller, and Carper,
responds to the serious and growing cyber security threat facing our
Nation. It will strengthen our national security, our economic well-
being, the safety of our families, and our privacy. The three
amendments Senator Mikulski and I are introducing today would ensure
that the bill also harnesses law enforcement agencies' cyber
authorities and capabilities as effectively as possible.
I am very honored that Senator Mikulski is introducing these
amendments with me today. She has a long record of continued leadership
on law enforcement and national security issues. It has been a
privilege to work with her on the challenge of protecting Americans
against cyber security threats, first on the Intelligence Committee and
more recently in a series of
[[Page S5723]]
discussion and working groups. As the chairman for the Commerce,
Justice, Science, and Related Agencies Subcommittee of the
Appropriations Committee, her assessment of the right approach to law
enforcement issues in cyberspace draws from a wealth of experience and
expertise. I am very grateful to her for her leadership on these
issues.
The first amendment we have introduced addresses the scale and
structure of law enforcement's cyber resources. Law enforcement
agencies have vital roles to play against cyber crime, cyber espionage,
and other emerging and growing cyber threats. Congress must ensure that
law enforcement agencies are organized and resourced in a manner that
allows them to fulfill these important responsibilities. To date,
investigatory responsibilities for cyber crime have been assigned
within existing agencies, with some held by the FBI and others by the
Secret Service or other agencies. Prosecutorial responsibilities have
been distributed among the National Security Division, the Computer
Crime and Intellectual Property Section, and U.S. attorneys' offices
across the country. Law enforcement has had some important successes
with this model, such as the FBI's takedown of the Coreflood botnet,
but these successes need to be achieved with much greater frequency.
FBI Director Mueller stated that a ``substantial reorientation of the
Bureau'' will be necessary to achieve that goal. It is Congress's
responsibility to ensure that any reorientation of law enforcement
maximizes law enforcement's effectiveness against the cyber threat and
uses Federal resources as efficiently as possible. This will require
Congress to consider important issues such as whether cyber crime
should have a dedicated investigatory agency akin to the DEA or ATF,
whether existing task force or strike force models are well suited for
addressing the cyber threat, and how cyber resources should be scaled
given the future threat.
To address these questions, our amendment would require an expert
study of our current cyber law enforcement resources. This study will
evaluate the scale and structure of these resources, identifying
strengths and weaknesses in the current approach and providing
recommendations for the future. This amendment thus will provide
Congress a necessary expert assessment to guide our work in the years
ahead.
The second amendment we have introduced would ensure that existing
and effective cyber law enforcements efforts are not unintentionally
disrupted by changes made in title II of the bill, which covers
``Federal Information Security Management and Consolidating
Resources.'' This title makes a number of valuable changes and reforms
to current law, including the creation of a center within the
Department of Homeland Security that will lead efforts to protect
Federal Government networks. The creation of this center is an
important step forward in protecting Federal networks, but we must
ensure that its operations do not disrupt law enforcement relationships
and activities that currently are making our country safer. For
example, the FBI-led National Cyber Investigative Joint Task Force,
NCIJTF, must be allowed to continue its much needed and effective work
on cyber law enforcement and intelligence.
Our amendment would clarify that the new center is focused on the
protection of Federal networks and that its responsibilities do not
extend to law enforcement. Specifically, the amendment would add a
savings clause indicating that the title does not pertain to law
enforcement or intelligence activities. It also would add definitions
that help provide a clearer picture of the new center's role in
protecting Federal Government networks and responding to cyber threats,
vulnerabilities, or incidents.
The final amendment we are introducing today is to title VI, which
covers international cooperation. This title, which incorporates
legislation first introduced by Senator Gillibrand and Senator Hatch,
will help clarify and strengthen the ability of the Federal Government
and particularly the Department of State to develop international cyber
security policy. Language in the title, however, could be read to
disrupt existing and effective working relationships between American
and foreign law enforcement agencies, interfere with the exercise of
prosecutorial discretion, and to limit the Department of Justice's
accountability to Congress for the law enforcement decisions it makes.
Our amendment would ensure that the Department of Justice works
collaboratively with the Department of State as it exercises its
prosecutorial discretion and that it is accountable to Congress for
cyber crime issues for which it is responsible and regarding which it
has particular expertise.
I look forward to working with the managers of S. 3414 and any
interested colleagues on these important issues. I thank Senator
Mikulski for her cosponsorship.
I yield the floor, and I note the absence of a quorum.
The PRESIDING OFFICER. The clerk will call the roll.
The bill clerk proceeded to call the roll.
Mr. REID. Mr. President, I ask unanimous consent that the order for
the quorum call be rescinded.
The PRESIDING OFFICER. Without objection, it is so ordered.
Mr. REID. Mr. President, to say I am disappointed is a tremendous
understatement. This body is debating a measure that would prevent what
national security experts on a bipartisan basis have called a serious
threat to our Nation since the dawn of the nuclear age. Senator McCain
called this danger an existential threat to our Nation.
Democrats were prepared to work on a bipartisan basis to pass this
legislation. I, personally, have convened many meetings, going back 2
years ago, to have a piece of legislation that we could pass through
this body. In that 2 years' time, things have gotten worse, not better,
as far as threats to our country. We have been prepared to address
concerns raised by the private sector, and I think it is only fair to
say that for the leaders of the committees involved in this issue,
there has been real cooperation, from both Democrats and Republicans.
I have said on the Senate floor many times that the work of Senator
Lieberman and Senator Collins has been exemplary. The major part of
this bill is within their jurisdiction dealing with homeland security.
I have always envisioned they have been prepared to engage in a robust
debate and to consider amendments designed to perfect the bill. I know
that is how I feel. Above all, I thought we had all been prepared to
put national security above partisan politics to address this urgent
matter.
I was surprised this morning to hear Senator McConnell say he would
like a vote on repealing ObamaCare on this bill. That is really not
appropriate. Some Republican Senators have said this matter is going to
be filibustered unless they have the right to vote on an amendment to
repeal health care reform. Obviously, that is it. The Republican leader
said that, but then I thought that might fade away.
Every Tuesday after our caucuses--the Republicans have one and the
Democrats have one--Senator McConnell and I meet at the Ohio clock, as
it is called, and both of us make a statement and answer questions the
press gives us. It is not a jump ball, as in whoever gets there first
gets to make the first presentation. We wait, and if one of us is not
ready, the other goes first.
Sometimes he goes first; sometimes I go first. But the important
point in the one today is that--and I am paraphrasing but the point is
certainly valid--the Republican leader said out here, with the entire
press corps and his leadership team with him, that cyber security--
remember, I am paraphrasing--is something we should do, but it will
take several weeks to do it. Not this week.
Compare that to the words of GEN Keith Alexander, commander of the
U.S. Cyber Command, who wrote Senator McConnell and I today. And here
is what he said. This is a quote:
The cyber threat facing this Nation is real and demands
immediate action. The time to act is now. We simply cannot
afford further delay.
I have tried to figure out a way of describing how I feel about
this. I said ``disappointed,'' and that is certainly true;
``flummoxed,'' that is certainly true. I cannot understand why we are
in this position. I am so disappointed that Leader McConnell and his
colleagues--some of his colleagues--would
[[Page S5724]]
prevent us from acting on this urgent threat. I am particularly
astounded they would rather launch yet another attack, for example, on
women's health than work to ensure the security of our Nation.
I have no choice but to file cloture on this matter. I would hope we
could get cloture, but I am a realist, as I have learned after having
tried to work through 85 different filibusters in this congressional
session. I remain hopeful that they will come to their senses and
realize the urgent need for action on this matter.
There was a really inspirational presentation made in our caucus
today by Senator Barbara Mikulski of Maryland. Again, I am
paraphrasing, but I am pretty direct in remembering what she said. I
was not present when Senator McConnell made his statement. Senator
Mikulski said: I have served on the Intelligence Committee for 10
years. And she said: This legislation creates a rendezvous with destiny
for our country. We have to do something, and we have to do it soon.
I have stated to Senator Lieberman, to Senator Collins--anyone who
will listen--this is not a partisan piece of legislation. It should not
be. I am happy to work on an agreement to consider relevant amendments,
but this matter has been pending since last Thursday. Today is Tuesday,
and basically the slow walk that I am so used to around here has taken
place.
I hope we can find a final path forward. Senators from both sides of
the aisle have come to me personally and said they have invested time--
lots of time--in this matter, and they are trying to forge a consensus.
I take them at their word, but they all seem powerless to buck the
filibuster trend we have.
So I hope when the dust settles we can set aside crass politics and
work together for the good of our Nation and can achieve a strong,
effective, bipartisan cyber security bill.
Mr. President, Tom Donohue, head of the Chamber of Commerce, is my
friend. He really is. But I am terribly disappointed in the Chamber of
Commerce. We started out with having a requirement that businesses in
the private sector would be required to do certain things. Senators
Lieberman and Collins backed off from that, and now it is kind of a
voluntary deal. It is much weaker than I think it should be. Why in the
world would they oppose that--``they'' meaning the Chamber of Commerce,
which has sucked in most all of the Republicans on this. That is really
unfortunate.
Amendment No. 2731
So, Mr. President, on behalf of Senators Lieberman, Collins, and
others, I call up amendment No. 2731, which is at the desk.
The PRESIDING OFFICER. The clerk will report.
The bill clerk read as follows:
The Senator from Nevada [Mr. Reid], for Mr. Lieberman, for
himself, Ms. Collins, Mr. Rockefeller, Mrs. Feinstein, and
Mr. Carper, proposes an amendment numbered 2731.
(The amendment is printed in today's Record under ``Text of
Amendments.'')
Mr. REID. Mr. President, I ask for the yeas and nays on that
amendment.
The PRESIDING OFFICER. Is there a sufficient second?
There appears to be a sufficient second.
The yeas and nays were ordered.
Amendment No. 2732 to Amendment No. 2731
Mr. REID. Mr. President, on behalf of Senator Franken, I call up
amendment No. 2732, which is also at the desk.
The PRESIDING OFFICER. The clerk will report.
The bill clerk read as follows:
The Senator from Nevada [Mr. Reid], for Mr. Franken,
proposes an amendment numbered 2732 to amendment No. 2731.
The amendment is as follows:
At the end, add the following new section:
SEC. __.
Notwithstanding any other provision of this Act, section
701 and section 706(a)(1) shall have no effect.
Amendment No. 2733
Mr. REID. Mr. President, I have an amendment to the language proposed
to be stricken.
The PRESIDING OFFICER. The clerk will report.
The bill clerk read as follows:
The Senator from Nevada [Mr. Reid] proposes an amendment
numbered 2733 to the language proposed to be stricken by
amendment No. 2731.
The amendment is as follows:
On page 20, line 5, strike ``180 days'' and insert ``170
days''.
Mr. REID. Mr. President, I ask for the yeas and nays on that
amendment.
The PRESIDING OFFICER. Is there a sufficient second?
There appears to be a sufficient second.
The yeas and nays were ordered.
Amendment No. 2734 to Amendment No. 2733
Mr. REID. Mr. President, I have a second-degree amendment at the
desk.
The PRESIDING OFFICER. The clerk will report.
The bill clerk read as follows:
The Senator from Nevada [Mr. Reid] proposes an amendment
numbered 2734 to amendment No. 2733.
The amendment is as follows:
In the amendment strike ``170'' and insert ``160''.
Cloture Motion
Mr. REID. Mr. President, I have a cloture motion at the desk.
The PRESIDING OFFICER. The cloture motion having been presented under
rule XXII, the Chair directs the clerk to read the motion.
The bill clerk read as follows:
Cloture Motion
We, the undersigned Senators, in accordance with the
provisions of rule XXII of the Standing Rules of the Senate,
hereby move to bring to a close debate on S. 3414, a bill to
enhance the security and resiliency of the cyber and
communications infrastructure of the United States.
Harry Reid, Joseph I. Lieberman, Barbara A. Mikulski,
Thomas R. Carper, Richard J. Durbin, Christopher A.
Coons, Mark Udall, Ben Nelson, Jeanne Shaheen, Tom
Udall, Daniel K. Inouye, Carl Levin, John D.
Rockefeller IV, Charles E. Schumer, Sheldon Whitehouse,
John F. Kerry, Michael F. Bennet.
Motion to Commit with Amendment No. 2735
Mr. REID. Mr. President, I have a motion to commit the bill with
instructions, which is at the desk.
The PRESIDING OFFICER. The clerk will report the motion.
The bill clerk read as follows:
The Senator from Nevada [Mr. Reid] moves to commit the
bill, S. 3414, to the Committee on Homeland Security and
Governmental Affairs with instructions to report back
forthwith with an amendment numbered 2735.
The amendment is as follows:
At the end, add the following new section:
SEC. ___.
This Act shall become effective 3 days after enactment.
Mr. REID. Mr. President, I ask for the yeas and nays on that motion.
The PRESIDING OFFICER. Is there a sufficient second?
There appears to be a sufficient second.
The yeas and nays were ordered.
Amendment No. 2736
Mr. REID. Mr. President, I have an amendment to the instructions at
the desk.
The PRESIDING OFFICER. The clerk will report.
The bill clerk read as follows:
The Senator from Nevada [Mr. Reid] proposes an amendment
numbered 2736 to the instructions (amendment No. 2735) of the
motion to commit S. 3414.
The amendment is as follows:
In the amendment, strike ``3 days'' and insert ``2 days''.
Mr. REID. I ask for the yeas and nays on that amendment.
The PRESIDING OFFICER. Is there a sufficient second?
There appears to be a sufficient second.
The yeas and nays were ordered.
Amendment No. 2737 to Amendment No. 2736
Mr. REID. Mr. President, I have a second-degree amendment at the
desk.
The PRESIDING OFFICER. The clerk will report.
The bill clerk read as follows:
The Senator from Nevada [Mr. Reid] proposes an amendment
No. 2737 to amendment No. 2736.
The amendment is as follows:
In the amendment, strike ``2 days'' and insert ``1 day''.
Mr. REID. Mr. President, I ask unanimous consent that the mandatory
quorum required under rule XXII be waived with respect to the cloture
motion that has just been filed.
The PRESIDING OFFICER. Without objection, it is so ordered.
____________________