Tag: regulation

Picture Don Draper Stamping on a Human Face, Forever

Last week, a coalition of 10 privacy and consumer groups sent letters to Congress advocating legislation to regulate behavioral tracking and advertising, a phrase that actually describes a broad range of practices used by online marketers to monitor and profile Web users for the purpose of delivering targeted ads. While several friends at the Tech Liberation Front have already weighed in on the proposal in broad terms – in a nutshell: they don’t like it – I think it’s worth taking a look at some of the specific concerns raised and remedies proposed. Some of the former strike me as being more serious than the TLF folks allow, but many of the latter seem conspicuously ill-tailored to their ends.

First, while it’s certainly true that there are privacy advocates who seem incapable of grasping that not all rational people place an equally high premium on anonymity, it strikes me as unduly dismissive to suggest, as Berin Szoka does, that it’s inherently elitist or condescending to question whether most users are making informed choices about their privacy. If you’re a reasonably tech-savvy reader, you probably know something about conventional browser cookies, how they can be used by advertisers to create a trail of your travels across the Internet, and how you can limit this.  But how much do you know about Flash cookies? Did you know about the old CSS hack I can use to infer the contents of your browser history even without tracking cookies? And that’s without getting really tricksy. If you knew all those things, congratulations, you’re an enormous geek too – but normal people don’t.  And indeed, polls suggest that people generally hold a variety of false beliefs about common online commercial privacy practices.  Proof, you might say, that people just don’t care that much about privacy or they’d be attending more scrupulously to Web privacy policies – except this turns out to impose a significant economic cost in itself.

The truth is, if we were dealing with a frictionless Coaseian market of fully-informed users, regulation would not be necessary, but it would not be especially harmful either, because users who currently allow themselves to be tracked would all gladly opt in. In the real world, though, behavioral economics suggests that defaults matter quite a lot: Making informed privacy choices can be costly, and while an opt-out regime will probably yield tracking of some who would prefer not to be under conditions of full information and frictionless choice, an opt-in regime will likely prevent tracking of folks who don’t object to tracking. And preventing that tracking also has real social costs, as Berin and Adam Thierer have taken pains to point out. In particular, it merits emphasis that behavioral advertising is regarded by many as providing a viable business model for online journalism, where contextual advertising tends not to work very well: There aren’t a lot of obvious products to tie in to an important investigative story about municipal corruption. Either way, though, the outcome is shaped by the default rule about the level of monitoring users are presumed to consent to. So which set of defaults ought we to prefer?

Here’s why I still come down mostly on Adam and Berin’s side, and against many of the regulatory remedies proposed. At the risk of stating the obvious, users start with de facto control of their data. Slightly less obvious: While users will tend to have heterogeneous privacy preferences – that’s why setting defaults either way is tricky – individual users will often have fairly homogeneous preferences across many different sites. Now, it seems to be an implicit premise of the argument for regulation that the friction involved in making lots of individual site-by-site choices about privacy will yield oversharing. But the same logic cuts in both directions: Transactional friction can block efficient departures from a high-privacy default as well. Even a default that optimally reflects the median user’s preferences or reasonable expectations is going to flub it for the outliers. If the variance in preferences is substantial, and if different defaults entail different levels of transactional friction, nailing the default is going to be less important than choosing the rule that keeps friction lowest. Given that most people do most of their Web surfing on a relatively small number of machines, this makes the browser a much more attractive locus of control. In terms of a practical effect on privacy, the coalition members would probably achieve more by persuading Firefox to set their browser to reject third-party cookies out of the box than from any legislation they’re likely to get – and indeed, it would probably have a more devastating effect on the behavioral ad market. Less bluntly, browsers could include a startup option that asks users whether they want to import an exclusion list maintained by their favorite force for good.

On the model proposed by the coalition, individuals have to make affirmative decisions about what data collection to permit for each Web site or ad network at least once every three months, and maybe each time they clear their cookies. If you think almost everyone would, if fully informed, opt out of such collection, this might make sense. But if you take the social benefits of behavioral targeting seriously, this scheme seems likely to block a lot of efficient sharing. Browser-based controls can still be a bit much for the novice user to grapple with, but programmers seem to be getting better and better at making it more easy and automatic for users to set privacy-protective defaults. If the problem with the unregulated market is supposed to be excessive transaction costs, it seems strange to lock in a model that keeps those costs high even as browser developers are finding ways to streamline that process. It’s also worth considering whether such rules wouldn’t have the perverse consequence of encouraging consolidation across behavioral trackers. The higher the bar is set for consent to monitoring, the more that consent effectively becomes a network good, which may encourage concentration of data in a small number of large trackers – not, presumably, the result privacy advocates are looking for. Finally – and for me this may be the dispositive point – it’s worth remembering that while American law is constrained by national borders, the Internet is not. And it seems to me that there’s a very real danger of giving the least savvy users a false sense of security – the government is on the job guarding my privacy! no need to bother learning about cookies! – when they may routinely and unwittingly be interacting with sites beyond the reach of domestic regulations.

There are similar practical difficulties with the proposal that users be granted a right of access to behavioral tracking data about them.  Here’s the dilemma: Any requirement that trackers make such data available to users is a potential security breach, which increases the chances of sensitive data falling into the wrong hands. I may trust a site or ad network to store this information for the purpose of serving me ads and providing me with free services, but I certainly don’t want anyone who sends them an e-mail with my IP address to have access to it. The obvious solution is for them to have procedures for verifying the identity of each tracked user – but this would appear to require that they store still more information about me in order to render tracking data personally identifiable and verifiable. A few ways of managing the difficulty spring to mind, but most defer rather than resolve the problem, and add further points of potential breach.

That doesn’t mean there’s no place for government or policy change here, but it’s not always the one the coalition endorses. Let’s look  more closely at some of their specific concerns and see which, if any, are well-suited to policy remedies. Only one really has anything to do with behavioral advertising, and it’s easily the weakest of the bunch. The groups worry that targeted ads – for payday loans, sub-prime mortgages, or snake-oil remedies – could be used to “take advantage of vulnerable consumers.” It’s not clear that this is really a special problem with behavioral ads, however: Similar targeting could surely be accomplished by means of contextual ads, which are delivered via relevant sites, pages, or search terms rather than depending on the personal characteristics or browsing history of the viewer – yet the groups explicitly aver that no new regulation is appropriate for contextual advertising. In any event, since whatever problem exists here is a problem with ads, the appropriate remedy is to focus on deceptive or fraudulent ads, not the particular means of delivery. We already, quite properly, have rules covering dishonest advertising practices.

The same sort of reply works for some of the other concerns, which are all linked in some more specific way to the collection, dissemination, and non-advertising use of information about people and their Web browsing habits. The groups worry, for instance, about “redlining” – the restriction or denial of access to goods, services, loans, or jobs on the basis of traits linked to race, gender, sexual orientation, or some other suspect classification. But as Steve Jobs might say, we’ve got an app for that: It’s already illegal to turn down a loan application on the grounds that the applicant is African American. There’s no special exemption for the case where the applicant’s race was inferred from a Doubleclick profile. But this actually appears to be something of a redlining herring, so to speak: When you get down into the weeds, the actual proposal is to bar any use of data collected for “any credit, employment, insurance, or governmental purpose or for redlining.” This seems excessively broad; it should suffice to say that a targeter “cannot use or disclose information about an individual in a manner that is inconsistent with its published notice.”

Particular methods of tracking may also be covered by current law, and I find it unfortunate that the coalition letter lumps together so many different practices under the catch-all heading of “behavioral tracking.” Most behavioral tracking is either done directly by sites users interact with – as when Amazon uses records of my past purchases to recommend new products I might like – or by third party companies whose ads place browser cookies on user computers. Recently, though, some Internet Service Providers have drawn fire for proposals to use Deep Packet Inspection to provide information about their users’ behavior to advertising partners – proposals thus far scuppered by a combination of user backlash and congressional grumbling. There is at least a colorable argument to be made that this practice would already run afoul of the Electronic Communications Privacy Act, which places strict limits on the circumstances under which telecom providers may intercept or share information about the contents of user communications without explicit permission. ECPA is already seriously overdue for an update, and some clarification on this point would be welcome. If users do wish to consent to such monitoring, that should be their right, but it should not be by means of a blanket authorization in eight-point type on page 27 of a terms-of-service agreement.

Similarly welcome would be some clarification on the status of such behavioral profiles when the government comes calling. It’s an unfortunate legacy of some technologically atavistic Supreme Court rulings that we enjoy very little Fourth Amendment protection against government seizure of private records held by third parties – the dubious rationale being that we lose our “reasonable expectation of privacy” in information we’ve already disclosed to others outside a circle of intimates. While ECPA seeks to restore some protection of that data by statute, we’ve made it increasingly easy in recent years for the government to seek “business records” by administrative subpoena rather than court order. It should not be possible to circumvent ECPA’s protections by acquiring, for instance, records of keyword-sensitive ads served on a user’s Web-based e-mail.

All that said, some of the proposals offered up seem,while perhaps not urgent, less problematic. Requiring some prominent link to a plain-English description of how information is collected and used constitutes a minimal burden on trackers – responsible sites already maintain prominent links to privacy policies anyway – and serves the goal of empowering users to make more informed decisions. I’m also warily sympathetic to the idea of giving privacy policies more enforcement teeth – the wariness stemming from a fear of incentivizing frivolous litigation. Still, the status quo is that sites and ad networks profitably elicit information from users on the basis of stated privacy practices, but often aren’t directly liable to consumers if they flout those promises, unless the consumer can show that the breach of trust resulted in some kind of monetary loss.

Finally, a quick note about one element of the coalition recommendations that neither they nor their opponents seem to have discussed much – the insistence that there be no federal preemption of state privacy law. I assume what’s going on here is that the privacy advocates expect some states to be more protective of privacy than Congress or the FTC would be, and want to encourage that, while libertarians are more concerned with keeping the federal government from getting involved at all. But really, if there’s an issue that was made for federal preemption, this is it.  A country where vendors, advertisers, and consumers on a borderless Internet have to navigate 50 flavors of privacy rules to sell a banner add or an iTunes track does not sound particularly conducive to privacy, commerce, or informed consumer choice.

Hillary: The Movie

The Supreme Court is soon to hear a case that may drastically roll back campaign finance regulation in the United States:

The case involves “Hillary: The Movie,” a mix of advocacy journalism and political commentary that is a relentlessly negative look at Mrs. Clinton’s character and career. The documentary was made by a conservative advocacy group called Citizens United, which lost a lawsuit against the Federal Election Commission seeking permission to distribute it on a video-on-demand service. The film is available on the Internet and on DVD. The issue was that the McCain-Feingold law bans corporate money being used for electioneering.

The right position for the Court is that McCain-Feingold, and all other campaign finance regulation, constitutes unconstitutional limitation on free speech. This means reversing the Court’s 1974 Buckley v. Valeo decision, which held that government limits on campaign spending were unconstitutional but limits on contributions were not.

This distinction is meaningless. If it is OK for a millionaire to spend his own money promoting his own campaign, why can he not give that money to someone else, who might be a more effective advocate for that millionaire’s views, so that this other person can run for office?

More broadly, campaign finance regulation is thought control: it takes a position on whether money should influence political outcomes. Whether or not one agrees, this is only one possible view, and freedom of speech is meant to prevent government from promoting or discouraging particular points of view.

It would be a brave step for Court to reverse Buckley, but it is the right thing to do.

For more background on the case, watch this:

C/P Libertarianism, from A to Z

Have Mexican Dishwashers Brought California to Its Knees?

workerAn article published this week by National Review magazine blames the many problems of California on—take a guess—high taxes, over-regulation of business, runaway state spending, an expansive welfare state? Try none of the above. The article, by Alex Alexiev of the Hudson Institute, puts the blame on the backs of low-skilled, illegal immigrants from Mexico and the federal government for not keeping them out.

Titled “Catching Up to Mexico: Illegal immigration is depleting California’s human capital and ravaging its economy,” the article endorses high-skilled immigration to the state while rejecting the influx of “the poorly educated, the unskilled, and the illiterate” immigrants that enter illegally from Mexico and elsewhere in Latin America.

Before swallowing the article’s thesis, consider two thoughts:

One, if low-skilled, illegal immigration is the single greatest cause of California’s woes, how does the author explain the relative success of Texas? As a survey in the July 11 issue of The Economist magazine explained, smaller-government Texas has avoided many of the problems of California while outperforming most of the rest of the country in job creation and economic growth. And Texas has managed to do this with an illegal immigrant population that rivals California’s as a share of its population.

Two, low-skilled immigrants actually enhance the human capital of native-born Americans by allowing us to move up the occupational ladder to jobs that are more productive and better paying. In a new study from the Cato Institute, titled “Restriction or Legalization? Measuring the Economic Benefits of Immigration Reform,” this phenomenon is called the “occupational mix effect” and it translates into tens of billions of dollars of benefits to U.S. households.

Our new study, authored by economists Peter Dixon and Maureen Rimmer, found that legalization of low-skilled immigration would boost the incomes of American households by $180 billion, while further restricting such immigration would reduce the incomes of U.S. families by $80 billion.

That is a quarter of a trillion dollar difference between following the policy advice of National Review and that of the Cato Institute. Last time I checked, that is still real money, even in Washington.

Give Me Liberty or Give Me Death Panels

“Death panels” are a dominant motif in the debate over health care regulation, a fact that spins off political flares like a roman candle.

Extremists on both sides have taken their extreme positions: Some literally fear President Obama and his health regulation plans; others are outraged that anyone could possibly feel that way.

Charges of special-interest organizing meet counter-charges of unfairness and false accusation. Good video from town hall meetings and volleys of “Nazi” and “socialist” give cable news networks another short reprieve from their long slow decline. It’s all manna for the writers at Comedy Central.

But let’s talk substance: Health care is a scarce good, so it will always be rationed. The core question is whether government should take the dominant role in health care rationing over from insurance companies, or whether reform should restore rationing decisions to patients advised by doctors. 

Though they would never have the name or the form, the “death panel” label roughly (and unfairly) describes what would happen if health decisions were turned over to government bureaucrats under the leading proposals today. The bureaucracy would do exactly what “reform” asks it to do(!): prioritize cost savings and efficiency over the unique, individual interests of patients and their families.

The bureaucracy would serve its own interests too. Bureaucracies are subject to capture by special interests, of course, and they can be corrupted. These things are easier when the people who might die look like statistics.

Many people feel very strongly that problems with health care today indicate the need for President Obama’s and Congress’ health care plans. But what’s wrong with health care doesn’t mean that these proposals would make things better. Because they would move control of health care in the wrong direction, they would make things worse.

Everyone has a personal story about health care, and I have one too. On the day my mother passed away, my family and I were called to the hospital and met by a social worker. He showed us to a small anteroom at the entrance to the intensive care unit, where he guided us through a lengthy conversation about my mother’s wishes and the family’s circumstances. He then called in the doctors to offer their prognosis and advice, which we took.

It was a death panel. It was our death panel – because my parents had fully prepared for this eventuality by buying insurance.

Just like health care will always be rationed, there will always be death panels. The question is who runs them. To the extent our public policy drives people away from financial responsibility for their own health care, it sets them up for death panels that are administered by government bureaucrats, not by loved ones and doctors.

Political debate is rollicking and unfair and full of inaccuracy. And in the terms of today’s health care debate, we don’t want “rationing” – meaning we don’t want government rationing. And we don’t want death panels – meaning we don’t want government death panels, because government death panels will deny people and their families an essential dignity of life: choosing how it ends.

In that sense I say with apologies to Patrick Henry: Give me liberty or give me death panels.

Assessing the Claim that CDT Opposes a National ID

It was good of Ari Schwartz to respond last week to my recent post querying whether the Center for Democracy and Technology outright opposes a national ID or simply “does not support” one.

Ari says CDT does oppose a national ID, and I believe that he honestly believes that. But it’s worth taking a look at whether the group’s actions are consistent with opposition to a national ID. I believe CDT’s actions – most recently its support of the PASS ID Act – support the creation of a national ID.

(The title of his post and some of his commentary suggest I have engaged in rhetorical excess and mischaracterized his views. Please do judge for yourself whether I’m being shrill or unfair, which is not my intention.)

First I want to address an unusual claim of Ari’s – that we already have a national ID system. If that is true, his support for PASS ID is more sensible because it is an opportunity to inject federal privacy protections into the existing system (putting aside whether it is a federal responsibility to manage a state system or systems).

Do We Already Have a National ID?

I have heard a few people suggest that we have a national ID in the form of the Social Security Number. I believe the SSN is a national identifier, but it fails the test of a national identification card or system because it is not used for identification. As we know well from the scourge of identity fraud, there is no definitive way to tie an SSN to a person. The SSN is not used for identification (at least not reliably and not alone), which is the third part of my national ID definition. (Senator Schumer might like the SSN to form the basis of a national ID system, of course.)

But Ari says something different. He does not claim any definition of “national ID” or “national ID system.” Instead, he appeals to the authority of a 2003 report from a National Academy of Sciences group entitled “Who Goes There?: Authentication Through the Lens of Privacy.” That report indeed says, “State-issued driver’s licenses are a de facto nationwide identity system” – on the second-to-last substantive page of its second-to-last substantive chapter

But this is a highly selective use of quotation. The year before, that same group issued a report called “IDs – Not That Easy: Questions About Nationwide Identity Systems.” From the beginning and throughout, that report discussed the many issues around proposals to create a “nationwide” identity system. If the NAS panel had already concluded that we have a national ID system, it would not have issued an entire report critiquing that prospect. It would have discussed the existing one as such. Ari’s one quote doesn’t do much to support the notion that we already have a national ID.

What’s more, CDT’s own public comments on the proposed REAL ID Act regulations in May 2007 said that its data-intensive “one person – one license/ID card – one record” policy would ”create a national identification system.”

If a national ID system already existed, the new policy wouldn’t create one. This is another authority at odds with the idea that we have a national ID system already.

Support of PASS ID might be forgiven if we had a national ID system and if PASS ID would improve it. But the claim we already have one is weak.

“Political Reality” and Its Manufacture

But the heart of Ari’s claim is that supporting PASS ID reflects good judgment in light of political reality.

Despite the fact that there are no federal politicians, no governors and no appointed officials from any party publicly supporting repeal of REAL ID today, CDT still says that repeal is an acceptable option. However, PASS ID would get to the same outcome, or better, in practice and has the added benefit of actually being a political possibility… . I realize that Harper has invested a lot of time fighting for the word “repeal,” but at some point we have to look at the political reality.

A “Dear Colleague” letter inviting support for a bill to repeal REAL ID circulated on the Hill last week. How many legislators will hesitate to sign on to the bill because they have heard that the PASS ID Act, and not repeal of REAL ID, is CDT’s preferred way forward?

The phrase “political reality” is more often used by advocates to craft the political reality they prefer than to describe anything truly real. Like the observer effect in experimental research, statements about “political reality” change political reality.  Convince enough people that a thing is “political reality” and the sought-after political reality becomes, simply, reality.

I wrote here before about how the National Governors Association, sensing profit, has worked diligently to make REAL ID a “political reality.” And it has certainly made some headway (though not enough). In the last Congress, the only legislation aimed at resolving the REAL ID impasse were bills to repeal REAL ID. Since then, the political reality is that Barack Obama was elected president and an administration far less friendly to a national ID took office. Democrats – who are on average less friendly to a national ID – made gains in both the House and Senate.

But how are political realities crafted? It has often been described as trying to get people on a bus. To pass a bill, you change it to get more people on the bus than get off.

The REAL ID bus was missing some important riders. It had security hawks, the Department of Homeland Security, anti-immigrant groups, DMV bureaucrats, public safety advocates, and the Bush Administration. But it didn’t have: state legislators and governors, privacy and civil liberties groups, and certain religious communities, among others.

PASS ID is for the most part an effort to bring on state legislators and governors. The NGA is hoping to broker the sale of state power to the federal government, locking in its own institutional role as a supplicant in Washington, D.C. for state political leaders.

But look who else was hanging around the bus station looking for rides! – CDT, the nominal civil liberties group. Alone it jumped on the bus, communicating to others less familiar with the issues that PASS ID represented a good way forward.

Happily, few have taken this signal. The authors of PASS ID were unable to escape the name “REAL ID,” which is a far more powerful beacon flashing national ID and all the ills that entails than CDT’s signal to the contrary.

This is not the first time that CDT’s penchant for compromise has assisted the national ID effort, though.

Compromising Toward National ID

The current push for a national ID has a short history that I summarized three years ago in a righteously titled post on the TechLiberationFront blog: “The Markle Foundation: Font of Evil II.”

Briefly, in December 2003, a group called the Markle Foundation Task Force on National Security in the Information Age recommended “both near-term measures and a longer-term research agenda to increase the reliability of identification while protecting privacy.” (Never mind that false identification was not a modus operandi of the 9/11 attacks.)

The 9/11 Commission, citing Markle, found that “[t]he federal government should set standards for the issuance of birth certificates and sources of identification, such as drivers licenses.” In December 2004, Congress passed the Intelligence Reform and Terrorism Prevention Act, implementing the recommendations of the 9/11 Commission, including national standards for drivers’ licenses and identification cards, the national ID system recommended by the Markle Task Force. And in May 2005, Congress passed a strengthened national ID system in the REAL ID Act.

An earlier post, “The Markle Foundation: Font of Evil,” has more – and the text of a PoliTech debate between myself and Stewart Baker. Security hawk Baker was a participant in the Markle Foundation group, as was national ID advocate Amitai Etzioni. So was the Center for Democracy and Technology’s Jim Dempsey.

I had many reservations about the Markle Foundation Task Force and its work product, and in an April 2005 meeting of the DHS Privacy Committee, I asked Dempsey about what qualified people to serve on that task force, whether people were invited, and what might exclude them. A month before REAL ID passed, he said:

I think the Markle Task Force at least sought balance. And people came to the table committed to dialogue. And those who came with a particular point of view, I think, were all committed to listening. And I think people’s minds were changed… . What we were committed to in the Markle Task Force was changing our minds and trying to find a common ground and to try to understand each other. And we spent the time at it. And that, I think, is reflected in the product of the task force.

There isn’t a nicer, more genuine person working in public policy than Jim Dempsey. He is the consummate honest broker, and this statement of his intentions for the Markle Foundation I believe to be characteristically truthful and earnest.

But consider the possibility that others participating on the Markle Foundation Task Force did not share Jim’s predilection for honest dialogue and compromise. It is even possible that they mouthed these ideals while working intently to advance their goals, including creation of a national ID.

Stewart Baker, who I personally like, is canny and wily, and he wants to win. I see no evidence that Amitai Etzioni changed his mind about having a national ID when he authored the recommendation in the Markle report that ultimately produced REAL ID.

Other Markle participants I have talked to were unaware of what the report said about identity-based security, national identity standards, or a national ID. They don’t even know (or didn’t at the time) that lending your name to a report also lends it your credibility. Whatever privacy or civil liberties advocates were involved with the Markle Task Force got rolled – big-time – by the pro-national-ID team.

CDT is a sophisticated Washington, D.C. operation. It is supposed to understand these dynamics. I can’t give it the pass that outsiders to Washington might get. By committing to compromise rather than any principle, and by lending its name to the Markle Foundation Task Force report, CDT gave credibility to a bad idea – the creation of a national ID.

CDT helped produce the REAL ID Act, which has taken years of struggle to beat back. And now they are at it again with “pragmatic” support for PASS ID.

CDT has been consistently compromising on national ID issues while proponents of a national ID have been doggedly and persistently pursuing their interests. This is not the behavior of a civil liberties organization. It’s why I asked in the post that precipitated this debate whether there is anything that would cause CDT to push back from the table and say No.

Despite words to the contrary, I don’t see evidence that CDT opposes having a national ID. It certainly works around the edges to improve privacy in the context of having a national ID – reducing the wetness of the water, as it were – but at key junctures, CDT’s actions have tended to support having a U.S. national ID. I remain open to seeing contrary evidence.

Regulation Cures Cancer

That’s the implicit message of an advocacy campaign the American Cancer Society’s “Cancer Action Network” is running in the Washington, D.C. Metro’s Capitol South station.

Large placards showing pictures of people people who are “NOW” healthy but will “LATER” be stricken with cancer give Capitol Hill staffers commuting in to work a clear message: Do something — anything. It’s part of the otherworldly bubble that lobbyists and advocacy groups press around staff and members of Congress.

The message they need — perhaps a little too complex for the subway — is that Congress has Münchausen syndrome by proxy with respect to the health care system.

End the Credit Rating Monopoly

Earlier this week, SEC Chair Mary Shapiro appeared before Congress to suggest ways to fix the failings in our credit rating agencies.   Sadly her proposals miss the market, although that shouldn’t be so surprising as her suggestions appear to rest upon a misunderstanding of the problem.

The thrust of the SEC’s current approach is more disclosure, such as releasing “pre-ratings” that debt issuers may get before final issuance.  Additional disclosure of ratings methodology and assumptions is likely to be useless.  Almost all that information was available during the building housing bubble.  The problem is that the rating agencies had little incentive to go beyond the consensus forecasts of increasing to at most modest declines in home prices.  These same assumptions were the foundation of almost all government economic forecasting as well, yet few believe that forcing CBO or OMB to disclosure more of their forecasts will cure our budget imbalances.  What is needed is a change in incentives.

Here again the SEC seems to misunderstand the incentives at work, but then recognizing such would force the SEC to admit its own role in creating those some perverse incentives.  The SEC’s notion that agencies issue favorable ratings in order to gain business misses the most basic fact of the ratings business - they don’t have to compete for business, any debt issuer wanting to place “investment grade” debt has to use the agencies, and often has to use more than one of them.  Due to a variety of SEC and bank regulations, there is almost no competition among the rating agencies.  They have been given a government created monopoly.  If the rating agencies were, as the SEC proposes, competing strongly for business, then they wouldn’t have been earning huge profits on that business.  Competition erodes a business’ profits.  During the housing boom, the rating agencies continued to make ever more profits - more the sign of a monopoly than one of competition.

The truth is not that the agencies were captive to the debt issuers, but the other way around.  And like any monopolist, the agencies became lazy, slow and fat.  The real fix for the failure of the credit raters is to reduce the excessive reliance on their judgements inherent in most securities, banking and insurance regulations.  An investment grade rating should never serve as a substitute for appropriate due diligence on the part of investors (especially pension fund managers) or regulators.