Tag: risk

Serial Innumeracy on Homeland Security

This post was co-authored with Mark G. Stewart, professor of civil engineering and director of the Centre for Infrastructure Performance and Reliability at The University of Newcastle in Australia.

At hearings of the Senate Homeland and Governmental Affairs Committee earlier this month, former congresswoman Jane Harman (D-CA), now head of the Wilson Center in Washington, made a gallant stab at coming up with, and hailing, some homeland security functions that “execute well.”

At the top of Harman’s list was the observation that Customs and Border Protection (CBP) last year stopped more than 3,100 individuals from boarding U.S.-bound aircraft at foreign airports for national security reasons. Since these were plucked out of more than 15 million travelers that went through 15 pre-clearance locations overseas, it was, she exclaimed enthusiastically, “like picking needles from a haystack!”

Committee chair Senator Joseph Lieberman (I-CT) waxed even more enthusiastic about the number, concluding grandly that it “took very sophisticated data systems and implementation of those systems to make that happen” and that “we’re all safer as a result of it.”

This was an exercise in serial innumeracy, of course, because the relevant statistic is not how many individuals were denied entry, but how many of those denied actually presented a security threat. Neither enthusiast presented relevant data, but, judging from the fact that no one apparently was arrested (we’d tend to know if they had been), the number was likely just about  zero. Nor was information presented about the problems or costly inconvenience inflicted upon the many who were likely waylaid in error.

Moreover, it is not clear where the Harman/Lieberman number even comes from. According to Homeland Security officials interviewed by Michael Schmidt for a recent article in the New York Times, only 250 people in each of the last two years were turned away or even pulled aside for questioning as potential national security risks by pre-clearance screeners. Maybe CBP is even more “sophisticated” at picking needles from haystacks than Harman and Lieberman give it credit for. Does that mean we’re even safer as a result? Or less so?

Schmidt also supplies information that calls into question the whole pre-clearance enterprise. Stimulated in considerable measure by the failed underwear bomber attempt to blow up an airliner flying from Europe to Detroit in 2009, the program is, as Department of Homeland Security chief Janet Napolitano stresses “an expensive proposition.” Although it has been instituted so far only in airports in Canada, the Caribbean, and Ireland, it already costs $115 million a year. Expansion to hundreds of other airports (including the one the underwear bomber actually took off from) is not only costly, but requires a major diplomatic effort because it involves cajoling foreign governments into granting the United States police-like powers on their own soil. The program has not foiled any major plots thus far, notes Schmidt, and he pointedly adds that it would scarcely be difficult for a would-be terrorist to avoid the few airports with pre-clearance screening to board at one of the many that do not enjoy that security frill.

But the main innumeracy issue in all this is that the key question, as usual when homeland security is up for consideration, is simply left out of the discussion. The place to begin is not “are we safer” with the security measure in place, but how safe are we without it.

We have calculated that, for the 12-year period from 1999 through 2010 (which includes 9/11, of course), there was one chance in 22 million that an airplane flight would be hijacked or otherwise attacked by terrorists.

The question that should be asked of the numerically-challenged, then, is the one posed a decade ago by risk analyst Howard Kunreuther: “How much should we be willing to pay for small reductions in probabilities that are already extremely low?”

Cross-posted from the Skeptics at the National Interest.

Soviet-Style Cybersecurity Regulation

Reading over the cybersecurity legislative package recently introduced in the Senate is like reading a Soviet planning document. One of its fundamental flaws, if passed, would be its centralizing and deadening effect on society’s responses to the many and varied problems that are poorly captured by the word “cybersecurity.”

But I’m most struck by how, at every turn, this bill strains to release cybersecurity regulators—and their regulated entities—from the bonds of law. The Department of Homeland Security could commandeer private infrastructure into its regulatory regime simply by naming it “covered critical infrastructure.” DHS and a panel of courtesan institutes and councils would develop the regulatory regime outside of ordinary administrative processes. And—worst, perhaps—regulated entities would be insulated from ordinary legal liability if they were in compliance with government dictates. Regulatory compliance could start to usurp protection of the public as a corporate priority.

The bill retains privacy-threatening information-sharing language that I critiqued in no uncertain terms last week (Title VII), though the language has changed. (I have yet to analyze what effect those changes have.)

The news for Kremlin Beltway-watchers, of course, is that the Department of Homeland Security has won the upper-hand in the turf battle. (That’s the upshot of Title III of the bill.) It’s been a clever gambit of Washington’s to make the debate which agency should handle cybersecurity, rather than asking what the government’s role is and what it can actually contribute. Is it a small consolation that it’s a civilian security agency that gets to oversee Internet security for us, and not the military? None-of-the-above would have been the best choice of all.

Ah, but the government has access to secret information that nobody else does, doesn’t it? Don’t be so sure. Secrecy is a claim to authority that I reject. Many swoon to secrecy, assuming the government has 1) special information that is 2) actually helpful. I interpret secrecy as a failure to put facts into evidence. My assumption is the one consistent with accountable government and constitutional liberty. But we’re doing Soviet-style cybersecurity here, so let’s proceed.

Title I is the part of the bill that Sovietizes cybersecurity. It brings a welter of government agencies, boards, and institutes together with private-sector owners of government-deemed “critical infrastructure” to do sector-by-sector “cyber risk assessments” and to produce “cybersecurity performance requirements.” Companies would be penalized if they failed to certify to the government annually that they have “developed and effectively implemented security measures sufficient to satisfy the risk-based security performance requirements.” Twenty-first century paperwork violations. But in exchange, critical infrastructure owners would be insulated from liability (sec. 105(e))—a neat corporatist trade-off.

How poorly tuned these security-by-committee processes are. In just 90 days, the bill requires a “top-level assessment” of “cybersecurity threats, vulnerabilities, risks, and probability of a catastrophic incident across all critical infrastructure sectors” in order to guide the allocation of resources. That’s going to produce risk assessment with all the quality of a student term paper written overnight.

Though central planning is not the way to do cybersecurity at all, a serious risk assessment would take at least a year and it would be treated explicitly in the bill as a “final agency action” for purposes of judicial review under the Administrative Procedure Act. The likelihood of court review and reversal is the only thing that might cause this risk assessment to actually use a sound methodology. As it is, watch for it to be a political document that rehashes tired cyberslogans and anecdotes.

The same administrative rigor should be applied to other regulatory actions created by the bill, such as designations of “covered critical infrastructure,” for example. Amazingly, the bill requires no administrative law regularity (i.e., notice-and-comment rulemaking, agency methodology and decisions subject to court review) when the government designates private businesses as “covered critical infrastructure” (sec. 103), but if an owner of private infrastructure wants to contest those decisions, it does require administrative niceties (sec. 103(c)). In other words, the government can commandeer private businesses at whim. Getting your business out of the government’s maw will require leaden processes.

Hopefully, our courts will recognize that a “final agency action” has occurred at least when the Department of Homeland Security subjects privately owned infrastructure to special regulation, if not when it devises whatever plan or methodology to do so.

The same administrative defects exist in the section establishing “risk-based cybersecurity performance requirements.” The bill calls for the DHS and its courtesans to come up with these regulations without reference to administrative process (sec. 104). That’s what they are, though: regulations. Calling them “performance requirements” doesn’t make a damn bit of difference. When it came time to applying these regulatory requirements to regulated entities (sec. 105), then the DHS would “promulgate regulations.”

I can’t know what the authors of the bill are trying to achieve by bifurcating the content of the regulations with the application of the regulations to the private sector, but it seems intended to insulate the regulations from administrative procedures. It’s like the government saying that the menu is going to be made up outside of law—just the force-feeding is subject to administrative procedure. Hopefully, that won’t wash in the courts either.

This matters not only because the rule of law is an important abstraction. Methodical risk analsysis and methodical application of the law will tend to limit what things are deemed “covered critical infrastructure” and what the regulations on that infrastrtucture are. It will limit the number of things that fall within the privacy-threatening information sharing portion of the bill, too.

Outside of regular order, cybersecurity will tend to be flailing, spasmodic, political, and threatening to privacy and liberty. We should not want a system of Soviet-style regulatory dictates for that reason—and because it is unlikley to produce better cybersecurity.

The better systems for discovering and responding to cybersecurity risks are already in place. One is the system of profit and loss that companies enjoy or suffer when they succeed or fail to secure their assets. Another is common law liability, where failure to prevent harms to others produces legal liability and damage awards.

The resistance to regular legal processes in this bill is part and parcel of the stampede to regulate in the name of cybersecurity. It’s a move toward centralized regulatory command-and-control over large swaths of the economy through “cybersecurity.”

Bathtubs, Terrorists, and Overreaction

I dislike our national obsession with anniversaries and tendency to convert solemn occasions into maudlin ones; to fetishize perceived collective victimization rather than simply recognizing real victims. That kept me from joining in the outpouring of September 11 reflection, now mercifully receding. But I have reflections on the reflections.

The anniversary commentary has, happily, included widespread consideration of the notion that we overreacted to the attacks and did al Qaeda a favor by overestimating their power and making it easier for them to terrorize. Even the Wall Street Journal allowed some of the bigwigs they invited to answer their question of whether we overreacted to the attacks to say, “yes, sort of.”

Unsurprisingly, however, the Journal’s contributors, like almost every other commentator out there, did not define overreaction. It’s easy and correct to say we’ve wasted dollars and lives in response to September 11 but harder to answer the question of how much counterterrorism is too much. So this post explains how to do that, and then considers common objections to the answer.

That answer has to start with cost-benefit analysis. As I put it in my essay in Terrorizing Ourselves, a government overreaction to danger is a policy that fails cost-benefit analysis and thus does more harm than good. But when we speak of harm and good, we have to leave room for goods, like our sense of justice, that are harder to quantify.

Cost-benefit analysis of counterterrorism policies requires first knowing what a policy costs, then estimating how many people terrorists would kill absent that policy, which can involve historical and cross-national comparisons, and finally converting those costs and benefits into a common metric, usually money. Having done that analysis, you have a cost-per-life-saved-per-policy, which can be thought of as the value a policy assigns to a statistical life—the price we have decided to pay to save a life from the harm the policy aims to prevent.

Then you need to know if that price is too high. One way to do so, preferred by economists, is to compare the policy’s life value to the value that the target population uses in their life choices (insurance purchases, salary for hazardous work, and so on). These days, in the United States, a standard range for the value of a statistical life is four to eleven million dollars. If a policy costs more per life saved than that, the market value of a statistical life, then the government could probably produce more longevity by changing or ending the policy. A related concept is risk-risk or health-health analysis, which says that at some cost, a policy will cost more lives than it saves by destroying wealth used for health care and other welfare-enhancing activities. One calculation of that cost, from 2000, is $15 million.

In a new book, Terror, Security, and Money: Balancing the Risks, Benefits, and Costs of Homeland Security,* John Mueller and Mark Stewart use this approach to analyze U.S. counterterrorism’s cost-effectiveness, generating a range of estimates for lives saved for various counterterrorism activities. I haven’t yet read the published book, but in articles that form its basis, they found that most counterterrorism policies, and overall homeland security spending, spend exponentially more per-life saved than what regulatory scholars consider cost-effective.

That is a strong indication that we are overreacting to terrorism. It is not the end of the necessary analysis however, since it leaves open the possibility that counterterrorism has benefits beyond safety that justify its costs. More on that below.

Objections to this mode of analysis have four varieties. First, people have a visceral objection to valuing human life in dollars. But as I just tried to explain, policies themselves make such valuations, trading lives lost in one way for lives lost in another. So this objection amounts to an unconvincing plea to keep such tradeoffs secret and make policy in the dark.

Second, people challenge the benefit side of the ledger by arguing that terrorists are actually far more dangerous than the data says. Analysts say that weapons of mass destruction mean that future terrorists will kill far more than past ones. One response is that you should be suspicious anytime someone tells you that history is no guide to the present. It tends to be the best guide we have, for terrorism and everything else. Our analysis of terrorists’ danger should acknowledge that the last ten years included no mass terrorism, contrary to so many predictions. Another response is that one can, as Mueller and Stewart have, include high-end guesses of possible lives saved to show the upwards bounds of what counterterrorism must accomplish to make it worthwhile. The results tend to be so far-fetched that they demonstrate how excessive these policies are.

A third objection is to claim that some counterterrorism costs are actually terrorism’s costs. Government should spend heavily to avoid terrorism, this logic says, because our reaction to the attacks we would otherwise fail to prevent will cost far more. In other words, if an expensive overreaction is inevitable, it helps justify the seemingly excessive up-front cost of defenses.

One problem with this objection is that it approaches tautology by treating a policy’s cost as its own justification. See, for example, Atlantic writer Jeffrey Goldberg’s recent response to John Mueller’s observation in the Los Angeles Times that more people die annually worldwide from bathtub drowning than terrorism and the article’s suggestion that we might therefore be overreacting to the latter. Goldberg argues, essentially, that we have to overreact to terrorism lest we overreact to terrorism. Then, after his colleague James Fallows points out the logical trouble, Goldberg, without admitting error, switches to argument two above, while failing to acknowledge, let alone respond to, Mueller’s several books and small library of articles shooting that argument down.

Another problem with the inevitable overreaction argument is that overreaction might happen only following rare, shocking occasions like September 11. Future attacks might be accepted without strong demand for more expensive defenses. Moreover, the defenses might not significantly contribute to preventing attacks and overreaction.

The best objection to Mueller and Stewart’s brand of analysis is to point out counterterrorism’s non-safety benefits. The claim here is that terrorism is not just a source of mortality or economic harm, like carcinogens or storms, but political coercion that offends our values and implicates government’s most traditional function. Defenses against human, political dangers provide deterrence and a sense of justice. These benefits may be impossible to quantify. These considerations may justify otherwise excessive counterterrorism costs.

I suspect that Mueller and Stewart would agree that this argument is right except for the last sentence. Its logic serves any policy said to combat terrorism, no matter how expansive and misguided. We may want to pay a premium for our senses of justice and security, but we need cost-benefit analysis to tell us how large that premium now is. Nor should we assume that policies justified by moral or psychological ends actually deliver the goods. Were it the case that our counterterrorism policies greatly reduced public fear and blunted terrorists’ political strategy, they might indeed be worthwhile. But something closer to the opposite appears to be true. Al Qaeda wants overreaction—bragging of bankrupting the United States—and our counterterrorism policies seem as likely to cause alarm as to prevent it.

*Muller and Stewart will discuss their book at a Cato book forum on October 24. Stay tuned for signup information.

(Cross-posted from TNI’s The Skeptics.)

Put Federal Flood Insurance Out of Its Misery

The House of Representatives is scheduled this week, as early as today, to consider an extension and “reform” of the National Flood Insurance Program (NFIP), administered by FEMA. Since Hurricane Katrina in 2005, the NFIP has been about $18 billion in the hole. And this is from a program that only collects around $2 billion a year in premiums, which barely covers losses and expenses in a normal year. So make no mistake, the NFIP is still on course to cost the taxpayer billions more in the future.

Even before Katrina, the Congressional Budget Office estimated that the NFIP was receiving a subsidy of close to a billion dollars a year. Under CBO’s optimistic projections, the House’s reform bill would increase NFIP revenues by about $4 billion over the next ten years, making only a small dent in the program’s current deficit.

The projected cost savings could potentially be lost by the expansion of the NFIP in the House bill. Yes, you read that correctly. Despite being deep in debt, the House is proposing to expand the coverage, and hence the risk, underwritten by the NFIP. For instance, the reform bill adds coverage for living expenses and “business interruption expenses,” as well as increasing the coverage limit from $350,000 (250k for structure and 100k for contents) to about $520,000 per home.

Such a massive expansion of coverage would likely drive out the existing providers of excess flood insurance coverage. And yes, you also read that correctly: there are a handful of insurers that offer private flood insurance. There is absolutely no reason that the private market could not offer flood insurance. Yes, rates might go up for the highest risk properties, but they would likely go down for others (and clearly reduce costs to the taxpayer). And given the high administrative costs of the NFIP (about 30 percent of premiums go directly to private insurance companies to help run it), it is likely that a completely private system of flood insurance would be cheaper.

In the aftermath of the housing bubble and its extreme costs to the taxpayer, we should eliminate the vast array of subsidies for housing construction, including the NFIP. If there’s one thing we should have learned, the underpricing of risk can have disastrous results.

The Folly of Succeeding in Libya

Tonight, to sell the illusion of America’s “limited military action” in Libya’s civil war, President Barack Obama insisted that America had a moral imperative to intervene militarily, implying he will do so wherever foreign leaders commit atrocities against their people. This latest mission in the name of “humanitarian imperialism” is extremely dangerous. In fact, if all goes well in Libya, it might be just as bad as if we fail.

Consider, for instance, if I walked through a wall of fire and came out the other side unharmed. Although I came out safe and sound, my decision to walk through the wall of fire was still misinformed. My good outcome was simply one among a host of potentially terrible outcomes. After all, if I were to walk through that wall of fire again and again, given the danger and level of risk, I would end up with many more bad outcomes than good outcomes.

In this respect, and in terms of our external security commitment to Libya, what matters is not necessarily a good outcome, but making a good decision in the face of various options. Thus, even a narrow and limited military engagement does not mean an absence of risk; one need only reference our “narrow and limited” military engagement in Vietnam to understand the danger of foreign gambles. If indeed our military can be ordered by the president to any corner of the globe, for the advance of human rights and in the absence of vital American interests, then the repercussions of our latest intervention could reverberate well beyond Libya.

The Court Tackles a Hard Case: Implications for ObamaCare?

The Supreme Court hears oral argument today in an important pre-emption case, Bruesewitz v. Wyeth, which asks whether the National Vaccine Injury Compensation Act of 1986 pre-empts state law “design defect” suits brought against vaccine manufacturers. I’ve discussed this complex case more fully in an op-ed at the Daily Caller, but in a nutshell, Congress passed the Act to address the risks inherent in vaccinations through a federal no-fault ”Vaccine Court” rather than through the vagaries of state tort law. It did so because the inability to make vaccines entirely safe, plus uncertainty surrounding causation, coupled with the penchant of state juries to discount those issues in favor of sympathetic plaintiffs, had rendered most manufacturers unwilling to produce needed vaccines at reasonable costs.  

In drafting the statute, however, Congress left things unclear, to put it charitably. Thus, the Court will have to make sense of this language:

No vaccine manufacturer shall be liable in a civil action for damages arising from a vaccine-related injury or death associated with the administration of a vaccine… if the injury or death resulted from side effects that were unavoidable even though the vaccine was properly prepared and was accompanied by proper directions and warnings.

Although the Act allows victims to sue over manufacturing defects, conduct that would subject a manufacturer to punitive damages, and a manufacturer’s failure to exercise due care, nowhere does it define “unavoidable”—and there’s the nub of the matter. In the case before the Court, a three-judge Third Circuit panel decided unanimously for Wyeth, as did the district court. But in another case five months earlier, a nine-member Georgia Supreme Court, facing similar facts, decided unanimously for the plaintiff.

And behind it all is the question whether Congress should have pre-empted state law in the first place. It probably should have here, but that’s a close call. And the implications for ObamaCare are not absent in this case, which could be a portent of the complex and uncertain litigation that lies ahead if the scheme is not repealed. As I say at the outset of my post, hard cases make bad law, but bad law too makes hard cases, and this is one. Does anyone think that ObamaCare is anything but bad law? We’ll know once we figure out “what’s in it,” as the lady said.

‘New Food Safety Bill Could Make Things Worse’

That’s not just my view; that’s the view of writer Barry Estabrook, an ardent critic of the food industry (“Politics of the Plate”), writing at The Atlantic. You needn’t go along completely with Estabrook’s dim view of industrialized agriculture to realize he’s right in one of his central contentions: “the proposed rules would disproportionately impose costs upon” small producers, including traditional, low-tech and organic farmers and foodmakers selling to neighbors and local markets. Even those with flawless safety records or selling low-risk types of foodstuff could be capsized by new paperwork and regulatory burdens that larger operations will be able to absorb as a cost of doing business. (Earlier here and here.)

Things could reach a showdown any day now. The food safety bill had stalled in the Senate under criticism from small farmer advocates, as the New York Times acknowledged the other day in an absurdly slanted editorial that somehow got printed as a news article. Now Harry Reid is talking about forcing the bill through before the midterms. Significantly – as advocates of the bill trumpet – large foodmakers and agribusiness concerns have signed off on the bill as acceptable to them. Well, yes, they would, wouldn’t they?

I was on TV the other week (Hearst news service) trying to make a few of these points. I borrowed my closing line from an excellent Steve Chapman column, which I was unable to credit on air, but can credit here.