Topic: Telecom, Internet & Information Policy

Harpers Denounce Border Plan, ID Systems

A prominent Harper spoke out this week against the plan to require passports or passport-‘lite’ ID cards for crossing the U.S.-Canada border. That’s Canadian Prime Minister Stephen Harper. 

He is no relation to the Cato Institute’s director of information policy studies, Jim Harper, who spoke out about the Western Hemisphere Travel Initiative’s PASS card system two weeks ago

The Western Hemisphere Travel Initiative (WHTI) sounds like a wonderful thing. It’s hard to be against travel. But WHTI is actually about shrinking commerce and travel among the friendly countries in our region.

In the Intelligence Reform and Terrorism Prevention Act of 2004, Congress pushed the Department of Homeland Security to create an “automated biometric entry and exit data system” for people crossing the borders. A prominent proposal is the PASS card, which stands for People Access Security Service. It is envisioned as a card containing an RFID chip that is to be given to passport holders. The chip would alert the DHS when a person arrives at a border crossing. 

“Pre-positioning” data by sending an electronic signal from 30 or more feet sounds like it would make border crossings go faster. But moving identification data is not what takes time at border crossings — it’s checking to see if the person and the identity information match up. 

An RFID-chipped PASS card would mean that lots more information about American citizens’ movements would be collected. It’s a system not just verifying that travelers are citizens or legal aliens — it’s a system for collecting information about our comings and goings, yet another dimension of our lives revealed to the government to do with as it will.

Congress seems held in thrall by national ID systems. Last week, the House passed a bill to require showing identification cards for voting. And, of course, we already have the REAL ID Act, which by May 2008 will have states issuing drivers’ licenses and ID cards to national standards (sharing driver information nationwide, too) — if states comply. Harper of the Cato Institute testified to a New Mexico legislative committee about that issue last week. The National Conference of State Legislatures reports that compliance with the REAL ID Act will cost $11 billion dollars nationwide.

Identification seems to offer an easy technological quick-fix for ailments like illegal immigration and terrorism. But what most of these schemes would do is further regiment and control law-abiding people while merely inconveninencing criminals, terrorists, and any other threat with a modicum of sophistication and motivation.

My book Identity Crisis has more on this and all other facets of identification.

Cato Unbound - Migrating Toward National ID?

The current Cato Unbound, Mexicans in America, is the usual provocative and wide-ranging fare.  There’s no lack of issues - or passion - in the debate about immigration.

One item in the current discussion that piques my interest - indeed, concerns me - is the formative consensus that “internal enforcement” of the immigration laws is a good idea. 

University of Texas at Austin economics professor Stephen Trejo writes:

Given that most illegal immigrants come to the United States to work, why don’t we get serious about workplace enforcement? Retail stores are able to verify in a matter of seconds consumer credit cards used to make purchases. Why couldn’t a similar system be put in place to verify the Social Security numbers of employees before they are hired? …  I suspect that we could do much more to control illegal immigration by directing technology and other enforcement resources toward the workplace rather than toward our porous southern border.

Doug Massey, co-director of the Mexican Migration Project at the Office of Population Research, Princeton University, has interesting information and ideas for reform to which he would adjoin ”a simple employment verification program required of all employers to confirm the right to work.”

It does sound simple - until you step back and realize that the simple idea they’re talking about is giving the federal government the power to approve or reject every Americans’ job application.  Does anyone think that this power, once adopted - and the technology put in place to administer it - will be limited to immigration law enforcement?

To do this, all people - not just immigrants, all people - would have to be able to prove their identity to federal standards, likely using some kind of bullet-proof identity document (even more secure than current law requires).  That will soon be in place thanks to the REAL ID Act.  Once we’re all carrying a bullet-proof identity document, do you think that its use will be limited to proof of identity for new employees?

It’s easy to see how facile acceptance of internal immigration law enforcement adds weight to arguments for expanded government control and tracking of all citizens.  There are plenty of reasons to be concerned with internal enforcement, and the national ID almost certainly required to make that possible.  Many of them are discussed in my book, Identity Crisis: How Identification is Overused and Misunderstood.

Privacy Debacle Top Ten

Wired News reporter Annalee Newitz has compiled a “top ten” list of privacy debacles

It’s easy to quibble with the results, but I was delighted to see “The Creation of the Social Security Number” at #1.  Our national identifier has used its government backing to push aside all others and enable government and corporate surveillance on a scale that would never have occurred under natural conditions.

In Identity Crisis: How Identification is Overused and Misunderstood, I discuss how the uniform identification system we’ve built around the Social Security Number is insecure for individuals, making information about them too readily available to governments, corporations, and crooks. 

The fix is nothing so ham-handed as banning uses of Social Security Numbers.  Rather, it will be necessary to remake our identification systems so that they are diverse and competitive, and thus solicitous of individuals’ interests.

Watching the “Lack of Competition” Meme

Ars Technica — a wonderful publication with brief, informative, and interesting pieces on technology — is showing a little sloppliness in covering the broadband competition issue. The question whether there is sufficient competition in the provision of broadband Internet service underlies the debate about “net neutrality” — whether there should be public utility regulation of broadband.

Discussing FTC chair Deborah Majoras’ speech at the PFF Aspen Summit, an Ars reporter casually observes, “[M]arket forces really do not exist when it comes to broadband.” That’s at least overstatement. A little more caution would be good given the centrality of the issue.

To show the existence of a duopoly (which is not inherently a competition-free situation), the report links to an earlier Ars piece interpreting a study as showing “not much” competition between DSL and cable. But that conclusion goes only to price competition. And it’s a little overstated, too.

The actual study, from a group called Kagan Research, seems to show that DSL is the low-cost option (and getting lower), while cable is the high-bandwidth option (getting higher in bandwidth while dropping in cost more slowly). That diminishes head-to-head price(-only) competition because each is focused on a different niche. But they’re still in competition.

The Kagan Research analyst concludes: “Eventually, cable will probably have make [sic] some reductions to cater to the lower end of the consumer market simply to get more customers.” So the study author believes more direct price competition is coming.

That’s some distance from “market forces really do not exist when it comes to broadband.” There is some price and quality competition among the major broadband platforms. Substitutes (such as getting broadband at work and getting information and entertainment offline) play a role in the competition question. And several competitors wait in the wings, to become viable through improvements in technology, new investment, or bad behavior by the current platforms.

I hasten to add that I am not satisfied with the current level of competition. I would like it to be more intense along all fronts and in all regions.

Data Mining or the Fourth Amendment?

Boalt Hall Law Professor and Visiting AEI Scholar John Yoo writes in a short piece on the AEI website that we should consider using data mining to pursue terrorists. He makes at least two errors: one historical and one statistical.

Discussing the recent vogue for making U.S. law more like Britain’s, Yoo writes:

[I]ncreasing detention time or making warrants easier to come by merely extends an old-fashioned approach to catching terrorists. These tools require individualized suspicion and “probable cause”; police must have evidence of criminal activity in hand. Such methods did not prevent 9/11, and stopping terrorists, who may have no criminal record, requires something more.

It’s hard to put aside that the vogue for making U.S. law more like Britain’s would undo part of what the Revolutionary War was fought for. And Yoo’s placement of the phrase “probable cause” in quotes — I hope that’s not to suggest that the language of the Fourth Amendment is quaint.

But putting all that aside, Yoo’s first error has to do with more-recent history. He argues that traditional investigative methods “did not prevent 9/11.” But traditional investigative methods weren’t applied to the problem. 

Operatives like Khalid al Midhar — an individual with jihadist connections known to the United States — entered the country, left in June 2000, and returned July 4, 2001 on a visa the United States gave him. As the 9/11 Commission pithily noted, “No one was looking for him.” Traditional investigative methods can’t be said to have failed when they weren’t being used.

Yoo’s second error is to believe that data mining can help locate terrorists. Data mining cannot be made useful in counterterrorism: The absence of terrorism patterns means that it is impossible to develop useful algorithms. The corresponding statistical likelihood of false positives would cause the results of a data mining operation to waste the time and energy of investigators while threatening civil liberties. 

Data mining does give a “lift” to marketers’ attempts to find people with certain propensities and interests. But the ”failure rate” (if the goal is to find new, willing customers) is typically above 95%. This is with hundreds of thousands, or even millions, of patterns to work with. Data mining also helps ferret out credit card fraud — again, using the thousands of instances of this crime that happen each year to develop useful algorithms.

Probability theory teaches that the percentage of false positives a test produces will rise dramatically as the incidence of the sought-after condition drops. If you’re searching American society for left-handed people (8–15% of the population) a data mining operation might work pretty well.  If you’re searching for the 10, 12, or two terrorists in the United States, an imperfect test will be useless, time-wasting, and thus harmful to the national security mission.

No, the Fourth Amendment is good policy as well as a part of the not-old-fashioned Constitution. It is better to focus investigations, not broaden them. The best way to find wrongdoing is to look where there is probable cause to believe something is afoot.

From Your Blog to God’s Ears

Have blogs become part of the mainstream? Consider the evidence of a front-page story in Saturday’s New York Times, which reports on reaction to the federal court ruling that the NSA wiretapping program is illegal. The first three legal experts quoted are bloggers; two of the quotes are from the blogs, one appears to be from an interview with a lawyer-blogger. Stop writing those law review articles, legal scholars, and get thee to Blogger.