POLITICO Pro
Conservatives are increasingly knives out for the nation’s top cyber agency
Lawmakers are racing to defuse attacks the hard-right has levied against the Cybersecurity and Infrastructure Security Agency.
“Federal courts have ordered CISA to stop, but the trust CISA has abused cannot be restored until the agency gives a full accounting of what it has done,” Rand Paul said. | J. Scott Applewhite/AP
By JOHN SAKELLARIADIS
10/22/2023 07:00 AM EDT
An agency set up under Donald Trump to protect elections and key U.S. infrastructure from foreign hackers is now fighting off increasingly intense threats from hard-right Republicans who argue it’s gone too far and are looking for ways to rein it in.
These lawmakers insist work by the Cybersecurity and Infrastructure Security Agency to combat online disinformation during elections singles out conservative voices and infringes upon free speech rights — an allegation the agency vehemently denies and the Biden administration is contesting in court. The accusations started in the wake of the 2020 election and are ramping up ahead of 2024, with lawmakers now calling for crippling cuts at the agency.
“CISA has blatantly violated the First Amendment and colluded with Big Tech to censor the speech of ordinary Americans,” Rand Paul (R-Ky.), the ranking member of the Senate Homeland Security Committee, which oversees CISA, said in a statement to POLITICO.
The fight over CISA underscores yet another way Trump’s election fraud claims are reverberating into 2024. And though the hard right doesn’t have enough votes to defund CISA today, the growing backlash against it has supporters worried that a hard-right faction could hobble the agency in the years ahead — undermining its efforts not just to secure future elections, but also protect key U.S. and federal networks from major hacks.
CISA had broad bipartisan support in Congress when lawmakers passed legislation creating the agency in 2018. At the ceremony where Trump signed it into law, he called it “very, very important legislation” to protect the U.S. against both nation-state hackers and cybercriminals.
But when Chris Krebs, the then-head of CISA, debunked Trump’s 2020 election fraud claims, the president fired him. And since the GOP assumed control of the House in 2022, like-minded Republicans have been ratcheting up their scrutiny of the agency.
In June, the Republican-led House Judiciary Committee, chaired by Jim Jordan of Ohio, issued a fiery report labeling CISA “the nerve center” of the federal government’s censorship apparatus. Then at the end of September, more than 100 House Republicans launched an unsuccessful bid to dramatically slash CISA’s $3 billion budget by 25 percent. And earlier this month, Republican attorneys general, who had taken CISA and other federal agencies to court over possible First Amendment violations, won new restrictions against it.
The Supreme Court temporarily froze those restrictions on Friday, allowing the government to continue working with social media platforms until it has a chance to review the case itself.
In addition to election security, CISA protects government computer networks and essential private sector institutions, like chemical manufacturers, schools and hospitals, from both physical and digital sabotage. Of the agency’s $3 billion budget, roughly $45 million is dedicated to election security, according to internal figures shared with POLITICO by the agency. A fraction of that, less than $2 million, goes to combating foreign influence operations and disinformation.
“Defunding CISA is inviting a Chinese and/or Russia cyberattack against our government and thousands of costly ransomware attacks against small and medium-sized businesses,” Eric Swalwell (D-Calif.), the ranking member of the Homeland Security Committee’s cyber subcommittee, said in a text message.
Conservatives’ frustrations with CISA stem from work it started five years ago to prevent the brand of online influence operations Russian hackers deployed in the run-up to the 2016 elections.
Up to the 2022 election, CISA coordinated regular calls between social media platforms and federal agencies on election-related disinformation. Through the 2020 elections, it also engaged in a practice known as “switchboarding,” in which the agency forwarded tips about hoaxes it received from state and local election authorities to companies like Facebook and X, (formerly Twitter).
Conservatives now argue that activity has become a smokescreen for left-leaning government censorship. In Congress and within the courts, they contend that pressure from federal agencies like CISA led social media companies to limit the spread of information perceived as damaging to Joe Biden’s campaign, such as stories relating to Hunter Biden.
In a sign of trouble for an agency once boasting strong bipartisan support, 108 Republicans supported the failed push to cut CISA’s budget last month — a near majority within the conference.
Backers of the budget cut included a swathe of increasingly influential hard-right lawmakers, like Jordan and James Comer (R-Ky.), chair of the powerful House Oversight Committee. Those with direct oversight over CISA also backed the vote, such as the chief of the Homeland Security Committee, Mark Green (R-Tenn.), and another panel member, August Pfluger (R-Texas).
CISA vehemently denies the allegations against it. It contends that it acted only as an intermediary and never pressured social media platforms to censor specific posts. “CISA does not and has never censored speech or facilitated censorship,” spokesperson Avery Mulligan said in a statement.
CISA supporters also argue the allegations are overblown and outdated, pointing out that the agency halted its switchboarding activity ahead of the 2022 election. Some argue that CISA’s role in rebutting Trump’s claims in 2020 left Republicans hungry for payback.
“To criticize CISA and this leadership for stuff that happened in the previous administration makes no sense,” said former Rep. Jim Langevin (D-R.I.), a longtime agency supporter who left Congress last year. He added that he hopes whoever becomes House speaker “would do some homework and really look at the facts.”
In the court case against CISA brought by GOP attorneys general, a Republican-dominated appeals court ruled Oct. 3 that the agency “likely violated” the First Amendment in its interactions with social media companies. It concluded the agency’s efforts were improper because it coordinated with the FBI, a law enforcement agency, and opined on the veracity of certain posts flagged to social media platforms.
The Biden administration is now challenging the ruling, which would curb CISA’s communications with Silicon Valley. But the appeals court’s conclusions — which the Supreme Court intends to review by June — have nonetheless emboldened conservatives.
“Federal courts have ordered CISA to stop, but the trust CISA has abused cannot be restored until the agency gives a full accounting of what it has done, and Congress changes the law to create severe penalties for anyone who tries to do the same thing in the future,” Paul said in his statement to POLITICO.
Several influential House Republicans still back CISA, including Mike Gallagher of Wisconsin, the chair of the cyber panel on the House Armed Services Committee, and Nancy Mace of South Carolina, who heads the House Oversight Committee’s cyber subcommittee. The House recently passed an annual appropriations bill that would keep the agency’s funding roughly on par with what Biden sought in this year’s budget request.
Still, CISA supporter Andrew Garbarino (R-N.Y.), the chair of the Homeland Security Committee’s cyber subcommittee, expressed concern about the spread of “misinformation” within his party.
“At a time when America is facing more complex cyber threats than ever before, attempting to kneecap our lead civilian cybersecurity agency is dangerous,” he said in a statement to POLITICO. “Those of us who support CISA are working to educate the members who voted to cut CISA’s funding to ensure its cyber and physical resilience work can continue.”
A key concern for lawmakers like Garbarino and the agency itself is that large funding cuts would hamper other key aspects of its mandate — like protecting government networks, schools and private hospitals from criminal ransomware groups.
“As our nation continues to face complex and urgent cyber threats, funding at levels below the amounts that the administration has requested would put the safety and security of the critical infrastructure Americans rely on every day at serious risk,” CISA’s Mulligan said.
Gerry Connolly (D-Va.), the ranking member of the House Oversight Committee’s cyber panel, told POLITICO: “Any cuts to the agency, whether targeted or across-the-board, will do measurable damage to our ability to protect our critical infrastructure and maintain system security across the federal government.”
Maggie Miller contributed to this report.
