Tag: regulation

A New Regulation I Can Support

Normally I would be happy to leave labelling decisions to retailers and manufacturers, but here’s a proposal for a new mandatory labelling scheme that I can get behind.

James Gibney, a reporter from the Atlantic, called me last week to ask some questions about dairy supports. He was preparing a blog post to propose a new labelling idea that might help break the frustrating stranglehold that the farm lobby has over U.S. agricultural policy. Here’s James’ idea:

To wit, every product whose ingredients benefit from a subsidy should include the following language on the label:

“This product has been subsidized by the U.S. government at taxpayer expense. For more information, please visit usda.gov.”

And every product that benefits from tariff protection should have the following language on the label:

“This product is protected from foreign competition by U.S. import tariffs. Its price is higher as a result. For more information, please visit usitc.gov.”

I like it. For more on Cato’s work on agricultural policy, see here and here.

The Failure of Do-Nothing Policies

A news story from today in a slightly alternate universe:

Jobless Rate at 26-Year High

Employers kept slashing jobs at a furious pace in June as the unemployment rate edged ever closer to double-digit levels, undermining signs of progress in the economy, and making clear that the job market remains in terrible shape.

The number of jobs on employers’ payrolls fell by 467,000, the Labor Department said. That is many more jobs than were shed in May and far worse than the 350,000 job losses that economists were forecasting.

Job losses peaked in January and had declined every month until June. The steep losses show that even as there are signs that total economic activity may level off or begin growing later this year, the nation’s employers are still pulling back.

White House press secretary Robert Gibbs said, “President Obama proposed a $787 billion stimulus program to get this country moving again. He tried to save the jobs at GM and Chrysler. But the do-nothing Republicans filibustered and blocked that progressive legislation, and these are the results.”

House Speaker Nancy Pelosi said at a press conference, “We begged President Bush to save Fannie Mae, Merrill Lynch, Bank of America, AIG, the rest of Wall Street, the banks, and the automobile industry. We begged him to spend $700 billion of taxpayers’ money to bail out America’s great companies. We begged him to ignore the deficit and spend more money we don’t have. But did he listen? No, he just sat there wearing his Adam Smith tie and refused to spend even a single trillion to save jobs. And now unemployment is at 9.5 percent. I hope he’s happy.”

Democrats on Capitol Hill agreed that the “do-nothing” response to the financial crisis had led to rising unemployment and a sluggish economy. If the Bush and Obama administrations had been willing to invest in American companies, run the deficit up to $1.8 trillion, and talk about all sorts of new taxes, regulations, and spending programs, then certainly the economy would be recovering by now, they said.

The European Union Stops Banning Ugly Veggies

The European Union has helped create a continental European market and knock down protectionist barriers, which is good.  But it also has created another opportunity for meddling bureaucrats to interfere with people’s lives. 

Now consumer protests have led to at least one victory for liberty.  Reports London’s Sun newspaper:

Now the European Commission has finally scrapped the 20-year ban on 26 types of fruit and veg including asparagus, celery and aubergines.

They ruled they can now be sold - as long as they are labelled as “intended for processing”.

Sainbury’s spokeswoman Lucy Maclennan said: “We are delighted to have played a part in winning the wonky veg war against these bonkers EU regulations.”

Tesco spokesman Adam Fisher said: “It’s not before time. We welcome this move.”

And last night it was predicted the change could see some prices fall by 40 PER CENT.

A Commission official said: “Times have changed - now household budgets are tighter and there is the problem of wasting food.”

One bad regulation down.  Who knows how many to go?

The Roberts Revolution to Come

As I mentioned yesterday, the U.S. Supreme Court surprised many people by ordering a reargument in the case of Citizens United v. Federal Election Commission. Specifically, the Court called for the parties to the case to address the question of overruling Austin v. Michigan Chamber of Commerce.

The Court decided Austin v. Michigan Chamber of Commerce in 1989.  The state of Michigan had prohibited corporations from spending money on electoral speech. In the case in question, the Chamber of Commerce wished to pay for an advertisement backing a candidate for the House of Representatives. The Chamber took this action on its own and not in tandem with the candidate or his party.  Paying for the ad was a felony under Michigan law.

A majority of the Court in 1989 said the Michigan law did not violate the First Amendment. However, the majority had a problem. Previous cases permitted limits on funding electoral speech only in pursuit of a compelling state interest: the prevention of quid pro quo corruption or its appearance. The Court had also ruled that independent spending by groups could not corrupt candidates.

So the majority needed a novel rationale for approving Michigan’s suppression of speech. The majority concluded that speech funded by corporations would distort the democratic process and that the state could prohibits such outlays to prevent harms done by “immense wealth.” In other words, the Austin majority tried to redefine “corruption” as “inequality of influence.” That revision had its own set of problems. Buckely v. Valeo, the Ur-decision in campaign finance, had excluded equality as a compelling state interest justifying regulation of campaign finance.

It is easy to see why the Buckley Court had rejected equality of influence as a reason for restricting political speech. Imagine Congress could prohibit speech that had “too much influence.” But how could that be determined? A majority in Congress would be tempted to suppress speech that threatened the power of that majority.  Paradoxically, the equality rationale would strengthen those who already held power while vitiating representative government. The First Amendment tries to prevent that outcome.

In last year’s decision in Davis v. FEC, the Court again rejected the equality rationale for campaign finance laws.  More and more the Austin decision is looking like bad law.

Justices Kennedy and Scalia, both current members of the Court, wrote dissents in Austin. Justice Thomas has called for Austin to be overruled in other contexts.  Neither Justices Roberts nor Alito is likely to vote to uphold Austin (or the relevant parts of McConnell v. FEC for that matter). But it would seem that either or both of them were unwilling to strike down a precedent without a formal hearing. That hearing will come on September 9 with a decision expected by Thanksgiving.

Almost six years after the Court utterly refused to defend free speech in McConnell v. FEC, the Roberts Court may be ready to vindicate the First Amendment against its accusers in Congress and elsewhere.

Some Thinking on “Cyber”

Last week, I had the opportunity to testify before the House Science Committee’s Subcommittee on Technology and Innovation on the topic of “cybersecurity.” I have been reluctant to opine on it because of its complexity, but I did issue a short piece a few months ago arguing against government-run cybersecurity. That piece was cited prominently in the White House’s “Cyberspace Policy Review” and – blamo! – I’m a cybersecurity expert.

Not really – but I have been forming some opinions at a high level of generality that are worth making available. They can be found in my testimony, but I’ll summarize them briefly here.

First, “cybersecurity” is a term so broad as to be meaningless. Yes, we are constructing a new “space” analogous to physical space using computers, networks, sensors, and data, but we can no more secure “cyberspace” in its entirety than we can secure planet Earth and the galaxy. Instead, we secure the discrete things that are important to us – houses, cars, buildings, power lines, roads, private information, money, and so on. And we secure these things in thousands of different ways. We should secure “cyberspace” the same way – thousands of different ways.

By “we,” of course, I don’t mean the collective. I mean that each owner or controller of a prized thing should look out for its security. It’s the responsibility of designers, builders, and owners of houses, for exmple, to ensure that they properly secure the goods kept inside. It’s the responsibility of individuals to secure the information they wish to keep private and the money they wish to keep. It is the responsibility of network operators to secure their networks, data holders to secure their data, and so on.

Second, “cyber” threats are being over-hyped by a variety of players in the public policy area. Invoking “cyberterrorism” or “cyberwar” is near-boilerplate in white papers addressing government cybersecurity policy, but there is very limited strategic logic to “cyberwarfare” (aside from attacking networks during actual war-time), and “cyberterrorism” is a near-impossibility. You’re not going to panic people – and that’s rather integral to terrorism – by knocking out the ATM network or some part of the power grid for a period of time.

(We weren’t short of careless discussions about defending against “cyber attack,” but L. Gordon Crovitz provided yet another example in yesterday’s Wall Street Journal. As Ben Friedman pointed out, Evgeny Morozov has the better of it in the most recent Boston Review.)

This is not to deny the importance of securing digital infrastructure; it’s to say that it’s serious, not scary. Precipitous government cybersecurity policies – especially to address threats that don’t even have a strategic logic – would waste our wealth, confound innovation, and threaten civil liberties and privacy.

In the cacophony over cybersecurity, an important policy seems to be getting lost: keeping true critical infrastructure offline. I noted Senator Jay Rockefeller’s (D-WV) awesomely silly comments about cybersecurity a few months ago. They were animated by the premise that all the good things in our society should be connected to the Internet or managed via the Internet. This is not true. Removing true critical infrastructure from the Internet takes care of the lion’s share of the cybersecurity problem.

Since 9/11, the country has suffered significant “critical-infrastructure inflation” as companies gravitate to the special treatments and emoluments government gives owners of “critical” stuff. If “criticality” is to be a dividing line for how assets are treated, it should be tightly construed: If the loss of an asset would immediately and proximately threaten life or health, that makes it critical. If danger would materialize over time, that’s not critical infrastructure – the owners need to get good at promptly repairing their stuff. And proximity is an important limitation, too: The loss of electric power could kill people in hospitals, for example, but ensuring backup power at hospitals can intervene and relieve us of treating the entire power grid as “critical infrastructure,” with all the expense and governmental bloat that would entail.

So how do we improve the state of cybersecurity? It’s widely believed that we are behind on it. Rather than figuring out how to do cybersecurity – which is impossible – I urged the committee to consider what policies or legal mechanisms might get these problems figured out.

I talked about a hierarchy of sorts. First, contract and contract liability. The government is a substantial purchaser of technology products and services – and highly knowledgeable thanks to entities like the National Institutes of Standards and Technology. Yes, I would like it to be a smaller purchaser of just about everything, but while it is a large market actor, it can drive standards and practices (like secure settings by default) into the marketplace that redound to the benefit of the cybersecurity ecology. The government could also form contracts that rely on contract liability – when products or services fail to serve the purposes for which they’re intended, including security – sellers would lose money. That would focus them as well.

A prominent report by a working group at the Center for Strategic and International Studies – co-chaired by one of my fellow panelists before the Science Committee last week, Scott Charney of Microsoft – argued strenuously for cybersecurity regulation.

But that begs the question of what regulation would say. Regulation is poorly suited to the process of discovering how to solve new problems amid changing technology and business practices.

There is some market failure in the cybersecurity area. Insecure technology can harm networks and users of networks, and these costs don’t accrue to the people selling or buying technology products. To get them to internalize these costs, I suggested tort liability rather than regulation. While courts discover the legal doctrines that unpack the myriad complex problems with litigating about technology products and services, they will force technology sellers and buyers to figure out how to prevent cyber-harms.

Government has a role in preventing people from harming each other, of course, and the common law could develop to meet “cyber” harms if it is left to its own devices. Tort litigation has been abused, and the established corporate sector prefers regulation because it is a stable environment for them, it helps them exclude competition, and they can use it to avoid liability for causing harm, making it easier to lag on security. Litigation isn’t preferable, and we don’t want lots of it – we just want the incentive structure tort liability creates.

As the distended policy issue it is, “cybersecurity” is ripe for shenanigans. Aggressive government agencies are looking to get regulatory authority over the Internet, computers, and software. Some of them wouldn’t mind getting to watch our Internet traffic, of course. Meanwhile, the corporate sector would like to use government to avoid the hot press of market competition, while shielding itself from liability for harms it may cause.

The government must secure its own assets and resources – that’s a given. Beyond that, not much good can come from government cybersecurity policy, except the occassional good, long blog post.

Morozov vs. Cyber-Alarmism

I’m no information security expert, but you don’t have to be to realize that an outbreak of cyber-alarmism afflicts American pundits and reporters.

As Jim Harper and Tim Lee have repeatedly argued (with a little help from me), while the internet created new opportunities for crime, spying, vandalism and military attack, the evidence that the web opens a huge American national security vulnerability comes not from events but from improbable what-ifs. That idea is, in other words, still a theory. Few pundits bother to point out that hackers don’t kill, that cyberspies don’t seem to have stolen many (or any?) important American secrets, and that our most critical infrastructure is not run on the public internet and thus is relatively invulnerable to cyberwhatever. They never note that to the extent that future wars have an online component, this redounds to the U.S. advantage, given our technological prowess.  Even the Wall Street Journal and New York Times recently published breathless stories exaggerating our vulnerability to online attacks and espionage.

So it’s good to see that the July/ August Boston Review has a terrific article by Evgeny Morozov taking on the alarmists. He provides not only a sober net assessment of the various worries categorized by the vague modifier “cyber” but even offers a theory about why hype wins.

Why is there so much concern about “cyber-terrorism”? Answering a question with a question: who frames the debate? Much of the data are gathered by ultra-secretive government agencies—which need to justify their own existence—and cyber-security companies—which derive commercial benefits from popular anxiety. Journalists do not help. Gloomy scenarios and speculations about cyber-Armaggedon draw attention, even if they are relatively short on facts.

I agree.

Administration Reform Plan Misses the Mark

The Obama Administration is presenting a misguided, ill-informed remake of our financial regulatory system that will likely increase the frequency and severity of future financial crises. While our financial system, particularly our mortgage finance system, is broken, the Obama plan ignores the real flaws in our current structure, instead focusing on convenient targets.

Shockingly, the Obama plan makes no mention of those institutions at the very heart of the mortgage market meltdown – Fannie Mae and Freddie Mac. These two entities were the single largest source of liquidity for the subprime market during its height. In all likelihood, their ultimate cost to the taxpayer will exceed that of TARP, once TARP repayments have begun. Any reform plan that leaves out Fannie and Freddie does not merit being taken seriously.

Instead of addressing our destructive federal policies aimed at extending homeownership to households that cannot sustain it, the Obama plan calls for increased “consumer protections” in the mortgage industry. Sadly, the Administration misses the basic fact that the most important mortgage characteristic that is determinate of mortgage default is the borrower’s equity. However, such recognition would also require admitting that the government’s own programs, such as the Federal Housing Administration, have been at the forefront of pushing unsustainable mortgage lending.

While the Administration plan recognizes the failure of the credit rating agencies, it appears to misunderstand the source of that failure: the rating agencies’ government-created monopoly. Additional disclosure will not solve that problem. What is needed is an end to the exclusive government privileges that have been granted to the rating agencies. In addition, financial regulators should end the outsourcing of their own due diligence to the rating agencies.

The Administration’s inability to admit the failures of government regulation will only guarantee that the next failures will be even bigger than the current ones.