Topic: Telecom, Internet & Information Policy

DHS Promoting Violation of State Law - and Fish Now Smell Good

The Department of Homeland Security is instructing Illinois businesses that they do not have to comply with a law called the Illinois Right to Privacy in the Workplace Act.

The state’s law bars Illinois employers from enrolling in E-Verify or any similar system until the Social Security Administration and DHS can make final determinations on 99 percent of their “tentative nonconfirmation notices” - findings that people aren’t authorized to work under the immigration laws - within three days.

But in a notice that would panic any lawyer advising Illinois clients, the DHS claims that the state “has agreed to not enforce this law” because of its lawsuit against the state. “Illinois has agreed that it will not penalize employers simply for participating in the program, at least until the lawsuit is finished.”

The notice asks people who have been asked to comply with the law to “please contact DHS immediately.” The worry, one supposes, is that a rogue state employee might ask an Illinois business to comply with the state’s laws.

Fascinating. Whatever’s happening here makes the smell of fish downright pleasant.

You’ll be able to learn why Illinois might not want its employers using E-Verify in my forthcoming study, “Electronic Employment Eligibility Verification: Franz Kafka’s Solution to Illegal Immigration.”

The World Is Not Going To End This Weekend

One of the biggest problems in the FISA debate is that a lot of the reporters writing about the subject seem to be seriously confused about the details of the legislative process. Take, for example, the lede to this write-up of yesterday’s action from the Politico:

House Democrats were unable to hold together their caucus on a key intelligence vote on Wednesday, as a coalition of Republicans, Blue Dog Democrats and liberals helped defeat a measure to extend the Foreign Intelligence Surveillance Act as the deadline approaches.

The measure, which failed 191 to 229, would have extended the bill an additional three weeks to work out differences with the Senate on the issue of granting immunity to telecom companies which aided the federal government in wiretapping.

FISA is not expiring this weekend. FISA was passed in 1978 and isn’t slated to expire ever. What’s going to expire this weekend is the Protect America Act, which gave the president some additional spying powers beyond those he enjoyed under FISA. And in fact, even that is misleading, because all that’s really going to expire is the ability to authorize new surveillance activities. The PAA allowed the government to authorize surveillance programs for a year, which means that any surveillance programs that have already been approved will continue to be authorized until August at the earliest.

What this means is that the only real effect of the PAA’s expiration is that if a new terrorist suspect comes to the government’s attention, and he makes a phone call or sends an email that passes through the United States, then the government would need to fill out the extra paperwork required to get a FISA warrant in order to surveil that call. This paperwork can be filled out after the interception begins, so we’re not talking about the NSA missing any important phone calls, we’re just talking about bureaucrats doing some paperwork. That’s a problem, to be sure, but it’s a pretty minor one.

Yet virtually every press account I’ve seen seems to accept the White House’s story that the expiration of the PAA would completely shut down terrorist surveillance activities. My guess is that this is a combination of ignorance on the part of reporters and the desire to make the story seem more dramatic. (And conservative pundits like Andrew McCarthy have made no effort to clear up the confusion) But it’s a real problem, because it may allow the president to stampede Congress into passing legislation they’ll regret later.

Update: Luckily, some journalists are paying attention. My friend (and Cato alum) Julian Sanchez has a write-up for Ars Technica that accurately describes the state of play:

House Speaker Nancy Pelosi (D-CA) has signaled that she may be prepared to face down the threat. “Even if the Protect America Act expires later this week,” Pelosi said in a statement, “the American people can be confident that our country remains safe and strong. Every order entered under the law can remain in effect for 12 months from the date it was issued.” Since many observers believe that the surveillance authorizations under the PAA are likely to be couched in quite broad terms, it is likely that intelligence agencies will be able to continue most surveillance without further authorization even if the bill does lapse. The ACLU has urged Congress to simply allow the PAA to expire.

Business Travel Group Seeks Change to REAL ID

The Association of Corporate Travel Executives recognizes the problems that the Department of Homeland Security will cause if it follows through on the threat to make air travel inconvenient for people from states that refuse the REAL ID Act’s national ID mandate. That’s why ACTE has released a statement asking for change to the REAL ID law.

An ACTE release published on etravelblackboard.com says:

“The traveling public needs more time to consider how these new regulations will affect them, and to be made aware of alternative efforts that may serve the same security objectives with less stress,” said Gurley. “Divisive activity by pressuring states into accepting a mandate at the risk of inconveniencing travelers is not conducive to the best policy-making.”Gurley is referring to the Identification Security Enhancement Act S.717, described as a “compelling alternative to Real ID,” and is cosponsored by four senators from both parties. A companion bill, H.R. 1117, introduced by Tom Allen (D-ME) has been cosponsored by 32 representatives. It has been stated that these bills would produce a more secure identification program, faster than the implementation date (2017) given by DHS.

As I wrote in the American Spectator a week ago:

With enough states saying “Hell No” to the REAL ID mandate, the feds will back down from their threat to make air travel inconvenient. The airline industry will be up on Capitol Hill faster than you can say “You are now free to move about the country.” Congress will back the DHS off.

I was close. It turns out to be an air travelers group making the first to move to end DHS’s brinksmanship.

Telecom Amnesty

Over at Slate, I wonder what ever happened to the Republican devotion to the rule of law:

Press reports suggest that the Bush administration has created at least two warrantless surveillance programs with the cooperation of major telecom companies. The first, reported by the New York Times in 2005, involved the warrantless interception of several hundred Americans’ international phone calls and e-mails. Under the second, first reported by USA Today in 2006, Verizon and AT&T (then called SBC) reportedly provided the government with access to the domestic calling records of its customers. Qwest CEO Joseph P. Nacchio declined to participate in the latter program, believing that doing so would be against the law. Nacchio now alleges that the NSA retaliated for his refusal by canceling an unrelated, lucrative government contract. (He faces unrelated charges of insider trading.) Last summer, the Heritage Foundation’s Matthew Spalding insisted that giving amnesty to illegal immigrants would be “deeply unfair to the millions who obey the law and abide by the rules.” By the same token, letting AT&T and Verizon off the hook would not only be unfair to the customers whose privacy they violated, it would also be unfair to Qwest, which was put at a competitive disadvantage for obeying the law.

Last year, when the Senate was debating immigration reform, Sen. Kay Bailey Hutchinson was arguing that “America is based on the rule of law, and that law must be enforced.” Many other Republican Senators expressed similar sentiments, opposing any leniency for illegal immigrants. But yesterday she voted with every one of her Republican colleagues to forgive telecom companies for their illegal activities. If migrant workers are obligated to obey our laws, surely our largest corporations have the same obligation.

Airport Security Technology Stuck in the Pipeline

The Washington Post has a story today on the slow pace of progress in airport security technology. We would see faster development of better, more consumer-friendly security technology if the airlines were entirely responsible for it. Here’s a glimpse of what I said about this in an written debate hosted by Reason magazine a few years ago:

Airlines should be given clear responsibility for their own security and clear liability should they fail. Under these conditions, airlines would provide security, along with the best mix of privacy, savings, and convenience, in the best possible way. Because of federal involvement, air transportation is likely less safe today than it would be if responsibility were unequivocally with the airlines.

Would Telco Immunity Be Unconstitutional?

Via EFF, a fascinating article on the possible constitutional issues raised by the push to give telecom companies retroactive immunity for illegal surveillance. Anthony Sebok points out that the courts have historically held that plaintiffs in tort suits have a constitutionally-protected property interest that the court cannot wipe away without compensation. I’m not a constitutional lawyer, so I won’t venture an opinion on whether his argument is right or not. But I think it does remind us of an important fact: the plaintiffs in these lawsuits are real people whose rights have allegedly been violated by these companies.

The FISA debate raises a lot of interesting policy questions about the appropriate relationships among the government, the courts, and the telecom industry. But while those questions are important, we shouldn’t lose sight of the fact that this debate is also about a contractual relationship between those telecom companies and millions of ordinary customers. Customers had a reasonable expectation that those companies would not share their private data with third parties unless doing so was legally required. It appears that certain large telecom companies may have violated that trust. If so, it seems to me that the customers should have their day in court.

Patents, Injunctions, and Uncertainty

There’s some fantastic back and forth between Chicago law professor Richard Epstein (a Cato adjunct scholar) and Berkeley law professor Peter Menell about the similarities and differences between physical property and what’s often called intellectual property—patents and copyrights. The exchange is a response to Menell’s previous contribution to Regulation.

I think Menell has the better of the argument. They both devote a considerable amount of ink to the eBay v. MercExchange, which centered around the question of when it’s appropriate to grant injunctions for patent infringement. Epstein has generally advocated a rule that grants injunctions more freely, arguing that this creates more certainty for the patent holder. Menell, in contrast, has argued that damages are often more appropriate.

The reason this matters is that if an injunction is granted, it can often drive the losing party into bankruptcy. In 2006, for example, Research in Motion, makers of the popular BlackBerry mobile device, was forced to pay $612 million to a company called NTP that had no employees, no products, and patents that were subsequently ruled invalid by the patent office. By rights, NTP shouldn’t have gotten a dime (because there was ample prior art for its “inventions”) but because RIM would have been forced to shut down its BlackBerry network before it had exhausted its appeals, NTP was able to extort hundreds of millions of dollars from the firm.

Interestingly, Epstein alludes to the biggest flaw in his argument, but doesn’t stop to ponder its implications. He writes:

This set of institutional arrangements [from real property] does not carry over perfectly to patent cases where the fact of infringement is harder to determine outside the piracy context, owing to the lack of clear boundaries that surround any patent.

This is a gross understatement. The boundaries of many patents—especially those relating to software, which is what the MercExchange case was focused on—are so fuzzy that it’s basically impossible for even the most experienced patent lawyer to predict accurately which of the hundreds of thousands of software patents in existence might be related to a given software product. Microsoft, for example, has darkly hinted that the Linux operating system had infringed several hundred software of its patents, but the company has refused to say which patents they are and the Linux develop community hasn’t been able to figure it out.

I share Epstein’s goal to create “a system of secure property rights that allows people to transact at low cost and high reliability,” but I think he fails to appreciate how completely our current patent system fails that test. In many cases, an inventor wishing to identify the patents his new invention might infringe has no low-cost or high-reliability means of doing so. This introduces uncertainty and litigation that greatly reduces the potential rewards for inventive activity. Strengthening these vague patents even further by making injunctions even easier to obtain will only make the problem worse, because the disincentives created by the patent system will be magnified.

It’s also worth noting the important contrast between patents and physical property: if a court fails to grant you an injunction against someone who’s using your land, you are thereby deprived of the opportunity to use the land yourself. In contrast, if the court fails to grant an injunction against a patent infringer, you have lost nothing other than potential licensing revenues. This means that unlike with physical property, there’s no compelling reason to impose the potentially devastating remedy of an injunction any earlier than absolutely necessary.