(Washington, DC) Although President Obama plans to issue an executive order on cybersecurity, Congress still needs to pass comprehensive cybersecurity legislation, Department of Homeland Security (DHS) Secretary Janet Napolitano said today. Speaking at the Cybersecurity Summit hosted by the National Journal and Government Executive here, Napolitano said that “an executive order will help but we still need comprehensive cybersecurity legislation.”
An executive order can’t do a lot of things that legislation can do, such as give critical infrastructure industries liability protection or give DHS relief to offer higher civil service salaries in order to attract the much in-demand specialists the agency needs. “Congress has had a full opportunity to act and that is the preference. Any executive order cannot do what legislation can do but in the meantime there are things the president can do under existing authority,” she said.
Some Republicans and scholars have indeed challenged the President’s legal authority to issue an executive order on cybersecurity, a thorny and complex constitutional question that has arisen time and again when the administrative branch has taken action on matters without specific Congressional directives to do so. One option for Obama is to issue the current order as a modification of an earlier, related executive order, arguably giving him greater legal justification for this latest action.
But, Napolitano said, the current order will instead likely be in the format of a new order, not a modification of an existing order. When asked under what authority, if not Congressional directive, the new order will be issued she said that Article II of the Constitution, which grants the President executive power and assigns him responsibility as Commander in Chief of the military, is sufficient legal authority. (CRS has a recent and concise overview and the history of executive orders in this PDF, including discussion of Article II authority.)
When the executive order will come out is unclear. “I can’t give you a firm timeline,” Napolitano said. The executive order is still in draft form and the “president has not yet had an opportunity to review it.”
On the subject of cyberwar, Napolitano advocated greater international collaboration in developing conventions of use, much the way countries have cooperated in developing accepted practices regarding traditional warfare. “It’s time for the nations of the world to have some kind of opportunity to come together and look at a global convention...for having a safe cyber environment for everybody’s benefit. That international dialog has been missing.”