Tag: House Judiciary Committee

‘How an E-Verify Requirement Can Help’

I know little about a House Judiciary Committee hearing tomorrow on E-Verify, but the title of it has a peculiar odor: “Document Fraud in Employment Authorization: How an E-Verify Requirement Can Help.”

You see, the immigration policies Congress has set are the source of the problem. Document fraud is made more likely by employment authorization requirements meant to enforce them, which are also—let’s remember—intrusive and costly business regulation.

In my Cato Policy Analysis “Electronic Employment Eligibility Verification: Franz Kafka’s Solution to Illegal Immigration,” I wrote about restrictive immigration policies and the intrusive “internal enforcement” programs they have spawned. In a section titled “Counterattacks and Complications,” I examined how workers and employers will collude to avoid and frustrate worker verification. Mandatory E-Verify will increase identity and document fraud because it makes these frauds profitable. Trying to solve this problem, the government will naturally gravitate toward more powerful identity systems, including biometric identity cards and tracking.

Sure enough, House Judiciary Committee chairman Lamar Smith’s bill, the “Legal Workforce Act,” has a “pilot program” for a biometric national identity card.

When committing fraud is the pathway to productive employment, you know something is out of whack. Among the things out of whack are: too-restrictive immigration policy, internal enforcement, and E-Verify. This is supposed to be a free country where willingness and ability are the keys to employment.

The New SOPA: Now With Slightly Less Awfulness!

On Thursday, the House Judiciary Committee is slated to take up the misleadingly named Stop Online Piracy Act, an Internet censorship bill that will do little to actually stop piracy. In response to an outpouring of opposition from cybersecurity professionals, First Amendment scholars, technology entrepreneurs, and ordinary Internet users, the bill’s sponsors have cooked up an amended version that trims or softens a few of the most egregious provisions of the original proposal, bringing it closer to its Senate counterpart, PROTECT-IP. But the fundamental problem with SOPA has never been these details; it’s the core idea. The core idea is still to create an Internet blacklist, which means everything I say in this video still holds true:



Let’s review the main changes. Three new clarifying clauses have been added up front: the first two make clear that SOPA is not meant to create an affirmative obligation for site owners to monitor user content (good!) or mandate the implementation of technologies as a condition of compliance with the law (also good!). But the underlying incentives created by the statute push strongly in that direction whether or not it’s a formal requirement: What else do we imagine sites threatened under this law because of user-uploaded content or links will do to escape liability? A third clause says the bill shouldn’t be construed in a way that would impair the security or integrity of the network—which is a bit like slapping a label on a cake stipulating that it shouldn’t be construed to make you fat. These are all nice sentiments, but they remind me of the old philosophers’ joke: “You’ve obviously misinterpreted my theory; I didn’t intend for it to have any counterexamples!”

The big changes in the section establishing court-ordered blocking of supposed “rogue” sites appear to be intended to respond to the objections of cybersecurity professionals and network engineers, who pointed out that requiring falsification of Domain Name System records to redirect users from banned domains would interfere with a major government-supported initiative to secure the Internet against such hijacking. The updated language explicitly disavows the idea of redirection, removes a hard five-day deadline for compliance, and (crucially) says that any DNS operator (like your ISP) has fully satisfied its obligations under the statute if it simply fails to respond to DNS queries for blacklisted sites.

This is bad for transparency, in both the engineering and democratic senses of that term, insofar as it makes a government block indistinguishable from a technical failure, but it does, in a sense, address the direct conflict with DNSSEC. But as network engineers point out, a well-designed application implementing DNSSEC isn’t just going to give up when it doesn’t get a valid, cryptographically signed reply: it’s going to try other DNS servers (including servers outside US jurisdiction) until it finds one that answers.

There are two possibilities here. The first is that application designers don’t design their software properly to implement DNSSEC for fear of liability under the statute’s anti-circumvention provisions, which would be a Very Bad Thing. The second is that they’re assured they won’t be held liable for good design, in which case this whole elaborate censorship process—which was never going to be particularly effective against people who actually want to find pirated content—becomes a truly farcical pantomime, in which nobody running reasonably up-to-date clients even notices the nominal “blocking,” beyond a few seconds delay in resolving the “blocked” site. Now, if we’ve got to have an Internet censorship law, a completely impotent one is surely the best kind, but it becomes a bit mysterious what the point of all this is, beyond providing civil libertarians with a chuckle at the vast amount of money Hollywood has wasted ramming this thing through.

The other big change is to the private right of action, which previously would have allowed any copyright holder to unilaterally compel payment processors and ad networks to cut off sites that it merely accuses of infringement, or enabling infringement, or (in a baffling specimen of tortured language) taking “deliberate actions to avoid confirming a high probability” that the site would be used for infringement. That last little hate crime against English is mercifully absent from the revised SOPA, and it makes clear that only foreign sites are covered, and a judge is now required to actually issue an order before intermediaries are obligated to sever ties.

Which ultimately goes to show that the original proposal was so profoundly wretched that you can improve it a great deal, and still have a very bad idea. This is still, as many legal scholars have correctly observed, censorship by slightly circuitous economic means. The involvement of a judge should (knock on wood) weed out the most obviously frivolous complaints, but it still makes it far too easy for U.S. corporations to effectively destroy foreign Internet sites based on a one-sided proceeding in U.S. courts.

These changes are somewhat heartening insofar as they evince some legislative interest in addressing the legitimate concerns that have been raised thus far. But the problem with SOPA and PROTECT-IP isn’t that they need to be tweaked in order to get the details of an Internet censorship system right. There is no “right” way to do Internet censorship, and the best version of a bad idea remains a bad idea.

Moral Panic and Your Privacy

Want to understand a big chunk of what Washington, D.C. does? Learn about “moral panic.”

Moral panic is a dynamic in the political and media spheres in which some threat to social order—often something taboo—causes a response that goes far beyond meeting the actual threat. It’s a socio-political stampede, if you will. You might be surprised to learn how easily stampeded your society is.

Take a look at H.R. 1981, the Protecting Children from Internet Pornographers Act of 2011. It’s got everything: porn, children, the Internet. And it’s got everything: financial services providers dragooned into law enforcement, data retention requirements heaped on Internet service providers, expanded “administrative subpoena” authority. (Administrative subpoenas are an improvisation to accommodate the massive power of the bureaucracy, and they’ve become another end-run around the Fourth Amendment. If it’s “administrative” it must be reasonable, goes the non-thinking…)

This isn’t a bill about child predation. It’s a bald-faced attack on privacy and limited government. Congress can move legislation like this, even in the era of the Tea Party movement, because child predation is a taboo subject. The inference is too strong in too many minds that opposing government in-roads on privacy is somehow supporting child exploitation. Congress and its allies use taboos to cow the populace into accepting yet more government growth and yet more surveillance.

I’m not turned to mush by taboos, so the question I’m most interested in having asked at tomorrow’s hearing on the bill in the House Judiciary Committee is: “Under what theory of the Commerce Clause is this bill within the power of the federal government?”