Yesterday, during the consideration of HR 998, the Searching for and Cutting Regulations that are Unnecessarily Burdensome (SCRUB) Act, the House rejected an amend by Rep. McNerney (D,CA) that would have exempted rules related to the physical security or cybersecurity of the bulk-power system from the provisions of the bill.
HR 998 would establish the Retrospective Regulatory Review Commission to conduct a review of the Code of Federal Regulations to identify rules and sets of rules that collectively implement a regulatory program that should be repealed to lower the cost of regulation. The bill would then require rulemaking agencies, when making a new rule, to repeal rules or sets of rules classified by the commission as recommended for repeal to offset the costs of the new rule (cut-go procedure).
McNerney’s amendment would have changed the definition of the term ‘rule’ in §501(4) by adding “, except that the term does not include any rule relating to the physical and cyber security of the bulk-power system (as defined in section 215(a) of the Federal Power Act (16 U.S.C. 824o(a)), including any emergency action to protect and restore reliability of the bulk-power system”.
During the limited debate about this amendment, McNerney spoke in favor of the amendment. He argued that: “The Critical Infrastructure Protection standards have worked. My amendment ensures that Federal agencies will have the flexibility needed to respond to challenges without sacrificing any other necessary protections.”
Rep. Ross (R,FL) argued against the amendment; noting “Ensuring the physical and cybersecurity of the bulk power system is absolutely important and critical. We should know whether or not the existing regulations are effective and are useful.”
Today, the House passed the amended HR 998 by a largely partisan vote of 240 to 185. The partisan nature of the vote would seem to indicate that it would be difficult to get the bill to the floor of the Senate for a vote.
HR 988 is not a bill that I would normally cover in this blog. The McNerney amendment does show, however, that congress is starting to look at more areas where cybersecurity issues may arise. This means that more bills are likely to see cybersecurity amendments being offered.
It is interesting to see that both sides of the debate on this amendment cited their concerns about the cybersecurity of the bulk-power system as the reason that members should vote one way or the other on the bill. This is another indication of the increasing politicization of cybersecurity in Congress. Given the relatively low state of cybersecurity knowledge in congress critters and their staffs, this could make for some very interesting comments being made in future debates.