Cyber Legislation Will Cost Businesses and Hurt Economy

Editor’s Note:  Cost-benefit analysis for cybersecurity is an essential prerequisite for developing an effective cybersecurity regulatory program.  For more information on the need for the federal government to develop such cost-benefit analysis tools, please see CRE’s Statement to the Information Security and Privacy Advisory Board (ISPAB) available here.  

From: Forbes

Most businesses have paid little attention to the sweeping cybersecurity legislation introduced on Valentine’s Day by Senators Lieberman, Collins, Rockefeller, and Feinstein, even though it could be one of the most expensive and intrusive pieces of legislation proposed since Sarbanes-Oxley.  Intended to help protect the nation against a major cyber attack by improving the security and resiliency of the computer systems of critical infrastructure companies, the Cybersecurity Act of 2012 (S. 2105) actually would put a federal agent inside most of these businesses’ data centers and require assessments and reporting that could make Sarbanes-Oxley seem inexpensive.

Consumer Privacy Bill of Responsibilities


The White House has unveiled a Consumer Privacy Bill of Online Rights, a voluntary code of conduct which had been accepted by major internet advertisers and met with skepticism by consumer watchdogs.

The Center for Digital Democracy reacted to the Framework for Protecting Privacy and Promoting Innovation by stating that “that in the absence of federal legislation… some progress must be made to protect consumers” but noted that “We would have preferred the White House to introduce new legislation that clearly protected consumers online.”

ACUS Considers Changes to the PRA

The issue of whether Information Collection Requests (ICRs) should continue to be subject to two public comment periods under the Paperwork Reduction Act (PRA) is being deliberated by the Administrative Conference of the United States (ACUS). The appropriate number of ICR comment opportunities has been a subject of debate for a number of years and ACUS should be applauded for addressing this matter in an analytical fashion.

Regulatory Alternatives: Best and Worst Practices

From Mercatus Center/George Mason University

Are agencies properly assessing the alternatives to regulation?

Although many presidents have advised against it, federal agencies often fail to consider a wide variety of alternatives before issuing regulations. Regulatory process reforms should require agencies to thoroughly analyze alternatives and publish their analysis before they propose a regulation.

OMB’s International Cooperation on Regulatory Analysis

Editor’s Note:  The testimony below from the State Department’s Under Secretary for Economic, Energy and Agricultural Affairs discusses OMB’s involvement in discussions with the U.S. – EU High Level Regulatory Cooperation Forum on “our respective approaches to risk analysis, cost-benefit analysis, and the assessment of the impact of regulation on trade.”  These discussions provide the opportunity for OMB to promote European adoption of the principles in the Data Quality Act and other “good government” laws.

From: US Department of State

Examining the European Debt Crisis and its Implications


Robert D. Hormats
Under Secretary for Economic, Energy and Agricultural Affairs 

Testimony before the Senate Banking Committee

Panelists see informed regs as key to unconventional production

From: Oil & Gas Journal

By Nick Snow

Development of the necessary data to reach informed regulatory decisions is the next critical unconventional production issue to be addressed, panelists said in a Feb. 14 forum co-sponsored by General Electric Co. and the Center for Strategic and International Studies.

“This is a completely unexpected revolution,” said John M. Deutch, Institute Professor in the Massachusetts Institute of Technology Chemistry Department, and chairman of the US Energy Secretary’s Energy Advisory Board Shale Gas Production Subcommittee.

Cyberwar Is the New Yellowcake, Fueling a Cybersecurity-Industrial Complex

Editor’s Note:  CRE expects that OIRA will and should play a significant role in reviewing any regulations governing IT security for critical infrastructure.  For another perspective on cybersecurity and regulations, please see The Coming Cybersecurity Regulatory Revolution.

From: Mercatus Center

By Jerry Brito, Tate Watkins

In last month’s State of the Union address, President Obama called on Congress to pass “legislation that will secure our country from the growing dangers of cyber threats.” The Hill was way ahead of him, with over 50 cybersecurity bills introduced this Congress. This week, both the House and Senate are moving on their versions of consolidated, comprehensive legislation.

President’s Budget Declares War on Medicaid Recipients

WASHINGTON, Feb. 14, 2012 /PRNewswire-USNewswire/ — The Center for Regulatory Effectiveness reports that the President’s Budget proposes to slash reimbursement to state Medicaid programs for beneficiaries who use home oxygen and other Durable Medical Equipment.  The proposed budget would cripple the ability of Medicaid beneficiaries to remain in their homes. Instead of protecting the viability of home medical care as a cost-saving alternative to more frequent hospital admittances and prolonged nursing facility care, the Budget proposes to extend a discredited payment system which is already reducing Medicare beneficiaries’ access to life-sustaining care.

Regulatory Agencies Continue to Slow the Economy

From: The New American

Written by Bob Adelmann

In a recent editorial entitled “Regulation without Representation,” Investors Business Dailypointed out that a new federal rule or regulation is published every two hours, 24 hours a day, 365 days a year. But most of them escape the notice of Congress. Congress itself passes fewer than 200 in each session, the rest are promulgated by agencies in the Executive Branch in contravention of explicit instructions in the Constitution.