With Republicans in control of the House of Representatives, Democrats in control of the Senate, and both parties focusing on next year's election, there's a whole lot of nothing happening in Washington right now.
But there are a few areas where legislation of some significance could emerge. Prominent among them: cybersecurity.
National security is, at least in theory, a cause that can attract bi-partisan support. And China Inc.'s massive theft of American intellectual property and the frightening prospect — however remote — of a major attack on the country's electrical grid or banking system offer plenty of incentive for action.
The opportunity for a major bill is of particular interest to Rhode Island's Congressional delegation. Representative James Langevin is among a handful of key players in the House on the issue and Senator Sheldon Whitehouse has been active on cybersecurity in his chamber.
But until recently, Langevin, Whitehouse, and the rest of Washington officialdom were playing a painful waiting game.
Even as Senate aides worked behind the scenes to craft a comprehensive bill, Congressional leaders felt they couldn't act until the Obama Administration had conducted a thorough review and staked out a position. And it took a long time for the administration to stake out a position.
But finally, earlier this month, a proposal.
The biggest concern in cybersecurity circles is an attack on critical infrastructure — plunging the East Coast into darkness, for instance, or dismantling Wall Street. The trouble is, the vast majority of that infrastructure is controlled by a private sector that has little incentive to invest in protecting against a low-probability threat.
The White House's solution: require companies owning sensitive infrastructure to develop cybersecurity plans that would be audited by a third party. Firms that fall short could be publicly named and shamed, possibly spooking customers. And their plans would be subject to Department of Homeland Security revision.
It is, by most accounts, a restrained approach — no heavy regulation, here, for a private sector that has dawdled for years.
But Travis Sharp, an analyst with the Washington-based Center for a New American Security, says that approach is probably appropriate. Both government and business have made mistakes on cybersecurity, he says. And a flexible, collaborative approach, he suggests, is the best way to get better results moving forward.
The plan has plenty of critics, though — Langevin among them. The representative, who gives the administration credit for "moving us in the right direction," says more robust, direct regulation is required in some places.
"I don't want government to intrude in the private sector any more than is necessary," he says. "But I use the example of the airline industry . . . They have an interest in making sure they get the traveling public safely to their destination. But I believe their interest in providing good service will only get us so far in terms of safety. I don't think anybody would argue that we shouldn't have the [Federal Aviation Administration] or the [National Transportation Safety Board]."
Langevin has also called for a National Office of Cyberspace (NOC) in the White House, with a Senate-confirmed director, to coordinate policy and whip into shape federal departments that have done a poor job of protecting their own networks.