Topic: Telecom, Internet & Information Policy

Ready to Pay More for Longer Lines at the DMV?

The Decatur (Alabama) Daily News reports that a server shut-down froze driver licensing operations on Friday.

Lines that tend to be long on the best days meandered double-file through hallways at the Morgan County Courthouse after a computer server in Montgomery shut down at about 12:45 p.m. The faulty server, which came back online at 3, is owned and maintained by Oregon-based Digimarc Co., a state contractor, according to [the Alabama Department of Public Safety].

Digimarc is one of several companies that are in the business of licensing and regulating driving. Another cited in the story is AAMVA, the American Association of Motor Vehicle Administrators, which operates a variety of driver surveillance programs under the AAMVAnet brand.

AAMVAnet is the conduit most states use to access various databases involved in driver license applications and renewals. Alabama uses the service for commercial driver license information, problem-driver point systems and Social Security number verification.

AAMVA is particularly interesting because it styles itself as a neutral interlocutor on motor vehicle administration, police traffic services and highway safety. But according to its non-profit disclosure form, its $30 million in 2003 revenue was comprised of $11 million in government grants and more than $14 million from “contracts/user fees” - most of it likely from operation of the Commercial Driver License Information System.

Anyone who understands the role of self-interest in guiding organizations - even ‘non-profits’ like AAMVA - must recognize that this is an advocate for increased driver regulation and surveillance, most recently through the REAL ID Act’s national identification card. If REAL ID is implemented, AAMVA stands to increase its revenue ten times over.

Department of Public Safety spokeswoman Martha Earnhardt told the Decatur Daily News, “As more and more states go through AAMVAnet, it hasn’t been able to handle the volume.” But AAMVA intends to move you into the national ID program - long lines or not - using your state and federal tax dollars.

More on AAMVA and the REAL ID Act can be found in my book Identity Crisis: How Identification is Overused and Misuderstood.

The New Social Engineering

Apparently I’m behind the times. I’ve always understood the term “social engineering” to mean what the American Heritage Dictionary calls “the practical application of sociological principles to particular social problems,” or what Mises called “treat[ing] human beings in the same way in which the engineer treats the stuff out of which he builds bridges, roads, and machines.”

But in Thursday’s Wall Street Journal I discover that “social engineering” now means “tactics that try to fool users into giving up sensitive financial data that criminals can use to steal their money and even their identities.” It includes “phishing” and other online scam tactics. If you Google “social engineering,” you can wade through pages and pages before you find any links to the older meaning.

I guess there is a connection between the two kinds of social engineering. One online tech dictionary says, “Social engineering is manipulating people into doing what you want, in much the same way that electrical engineering is manipulating electronics into doing what you want.”

That definition would probably embrace the kind of social engineering that libertarian scholar Wendy McElroy criticizes here, or the wide variety of schemes — from Mao to McNamara, from urban renewal to rural resettlement — that James C. Scott discussed in his book Seeing Like a State.

Perhaps the classic critique of social engineering, before the term was invented, comes from Adam Smith in The Theory of Moral Sentiments:

The man of system, on the contrary, is apt to be very wise in his own conceit; and is often so enamoured with the supposed beauty of his own ideal plan of government, that he cannot suffer the smallest deviation from any part of it. He goes on to establish it completely and in all its parts, without any regard either to the great interests, or to the strong prejudices which may oppose it. He seems to imagine that he can arrange the different members of a great society with as much ease as the hand arranges the different pieces upon a chess-board. He does not consider that the pieces upon the chess-board have no other principle of motion besides that which the hand impresses upon them; but that, in the great chess-board of human society, every single piece has a principle of motion of its own, altogether different from that which the legislature might chuse to impress upon it. If those two principles coincide and act in the same direction, the game of human society will go on easily and harmoniously, and is very likely to be happy and successful. If they are opposite or different, the game will go on miserably, and the society must be at all times in the highest degree of disorder.

U.S. Manufacturing Expands along with China’s Economy

Sen. Charles Schumer (D-N.Y.) renewed his threat this week to demand a vote in the Senate on legislation that would impose steep tariffs on imports from China if the Chinese government does not move promptly to strengthen its currency.

Like many other members of Congress, Schumer believes that China has “manipulated” the value of its currency in a way that makes Chinese goods artificially cheap in the U.S. market while discouraging U.S. exports to China. One result, according to Schumer, has been serious damage to America’s manufacturing base.

Three news items this week, though, should give Congress pause before it slaps tariffs on imports from China:

  • The latest reports from Beijing confirmed that China’s economy continues to grow rapidly. China’s economy reached an annualized growth rate of 11 percent in the second quarter and more than 10 percent for the first half of 2006. 
  • But China’s growth is not coming at the expense of the U.S. economy or U.S. manufacturing. The U.S. Federal Reserve Board of Governors reported this week that U.S. manufacturing output is up 5.7 percent so far in 2006 compared to a year ago. Indeed, according to a recent Cato study, U.S. manufacturing output is up 50 percent in the past 12 years along with our expanding trade with China.
  • The number of Internet users in China has reached 123 million. That gives China the second largest group of users in the world, behind the 200 million users in the United States.

Rapid economic growth in China is not coming at the expense of the U.S. manufacturing sector. But that growth is creating a growing middle class in China that is increasingly engaged not only in the global economy but in the global sharing of ideas.America’s economic relationship with China was the topic of a lively discussion at a Cato policy forum this week. You can view or listen to the event here.

Broadband Bad News Is Good News … but It’s Bad News

Headlines are meant to draw readers in, and this one did me: Broadband’s Double-Digit Growth Coming to an End.

Something’s gone wrong with broadband! Quick! To the BroadbandMobile!

In the next instant, I realized that something had actually gone right. You see, double-digit change in percentage-based figures can’t keep going forever. In fact, it can’t last more than about ten time-periods. (Because then you’d have 110% of something, which only makes sense in rock ‘n’ roll, where the loudest speakers go to 11.)

Adoption of broadband is slowing as people who want it have already got it and people who don’t want it persist in not having it. (Bizarrely to people who live every minute of every day online, some people live no minute of every day online - ever. That is perfectly acceptable.)

There is undoubtedly a tiny margin of poor people who can’t afford broadband. But “can’t afford” is subjective. Many prioritize things other than broadband to buy with their limited resources (which is fine - remember, sans broadband is an acceptable way to live).

But the news report says this is all bad news:

One of the goals of US public policy when it comes to broadband is to ensure all US residents have access to broadband. President Bush said in 2004 that he wanted universal access to broadband in 2007, an achievement that appears unlikely at this point.

But, but … if people who want it are getting it, and people who don’t are not, isn’t that universal access to broadband? Apparently not. Affordability has been added to the metric, moving the goal posts so that federal subsidies for telecommunications seem important once again. Our news report continues:

The Democrats think it’s a great idea too—one plank in their platform for the 2006 mid-term elections is universal access. The telecom law rewrite which may or may not emerge from Congress this year intends to further that goal by funding broadband in areas currently unserved via the Universal Service Fund.

That’s the Universal Service Fund about which Daniel Berninger asks: What have we gotten for our $50 billion dollars?

In the end, this report amounts to an argument that satiation is a basis for subsidy.

Huh.

There’s No Fixing the FBI’s Computers

While Congress and the Department of Justice consider mandating that ISPs retain data about all of our communications, the FBI, it seems, can’t keep its own IT systems up to date. Putting aside the irony to focus on practical matters, what will bring the FBI up to snuff? I told the reporter in the article linked just above that nothing will.

The problem is institutional; when an organization’s membership doesn’t enjoy feast or famine based on the success of the organization, very little can bring it into focus and create success. … Congressional and public oversight is a weak, weak substitute for competitive pressure.

But the FBI’s computer systems have to be fixed, don’t they? They do. And to get there, you might have to shrink the FBI and law enforcement generally — especially federal law enforcement.

Because of the nature of bureaucracies, I don’t think there is an effective management solution to the FBI’s problems with IT. The better answer occurs at a higher level of abstraction:

Too many risks and threats are being treated as public problems to be dealt with through law enforcement when they should be treated as private problems to be dealt with through security.

To illustrate: Imagine that the nation’s garages had been designed without garage doors. People finding that their lawn mowers and garden tools were being stolen could call the cops (public/law enforcement) or design and install garage doors (private/security). Much going on in Internet security and online anti-fraud these days equates to people without garage doors calling the cops. There should be more personal and corporate responsibility, less government and law enforcement.

Another example: Starting more than 30 years ago, the U.S. government started taking responsibility for airline security (public/law enforcement) rather than leaving it with airlines (private/security). In fact, President Nixon announced expansion of the air marshals program on September 11, 1970, 31 years to the day before 9/11.

Mixed responsibility allowed both the public and private sectors to avoid ownership of the risk that a flight would be commandeered and used as a weapon. After 9/11, the government took further control over airline security and absolved airlines of the liability that might have accrued to them in the courts. (I don’t think they should have been liable for the full consequences of 9/11 or would have been found liable in well-functioning courts, except perhaps for the lives of their passengers.)

The lesson that private owners of critical infrastructure across the country learned is: Failure to secure themselves will bring them protection from liability, subsidies, and government-provided security services. In other words, they have been shown that leaving their garage doors open and calling the cops is better for them than taking responsibility. (In insurance economics, this is called “moral hazard.”)

“How do you fix the FBI’s computers?” You don’t. And you won’t. That’s the best answer I know.

Does it come off as too ideological to argue that the FBI should be smaller? Consider that the management problems at the FBI are merely part of a different ideological choice: having a large federal law enforcement apparatus. It doesn’t have to be this way, and the management problems are a product of the fact that it is.

Does it come off “soft on crime” to argue that federal law enforcement should be reduced? The opposite tack — “tough on crime” — means accepting incompetent law enforcement, which is the best friend crime ever had.

Fraudulent Identity Fraud Statistics

Slate has a great piece up on the use and misuse of statistics by reporters.

The magic number for journalists covering the identity theft beat has been $48 billion—the estimated annual losses suffered by identity theft victims—which carries the Federal Trade Commission’s imprimatur. … Fred H. Cate, a law professor and director of Indiana University’s Center for Applied Cybersecurity Research, notes that if the estimate were accurate, it would wipe out up to half of the banking industry’s $103 billion profits in 2005. “If those numbers were true, we’d have a banking crisis on our hands,” he says.

When I worked on the Hill, I came to recognize a similar dynamic at play: There were things everyone believed and no one questioned. I called them “political facts” because the source of the fact was consensus rather than any measurement or observation. Repetition of political facts in Members’ speeches and floor statements just made them all the more true.

A political fact relating to identity fraud is that it is a stranger crime, often a product of data breaches, that is conducted mainly over the Internet. It sometimes is, but in my book, Identity Crisis, I point out the results of an actual study showing that:

[M]ore than a third of individuals who had been impersonated in a true identity fraud knew … who the perpetrator was. And in more than half of those cases, the perpetrator was a family member or other relative. Other prominent perpetrators of identity frauds are people in companies or financial institutions with access to personal information, as well as friends, neighbors, or in-home employees of impersonation victims. So much for the Internet being the cause of identity fraud, though it certainly plays a role in some cases.

Alas, … my source was a Federal Trade Commission study.

Fake IDs Save Lives in Iraq

A fascinating AP report says that Iraqis are using fake IDs in light of the recent growth in sectarian killings.  The major groups in Iraq are not distinguishable by physical traits, but they are by name.  To avoid being killed, people are getting false identification cards:

Surnames refer to tribe and clan, while first names are often chosen to honor historical figures revered by one sect but sometimes despised by the other. 

For about $35, someone with a common Sunni name like Omar could become Abdul-Mahdi, a Shiite name that might provide safe passage through dangerous areas.

This illustrates very well how genuinely complex security can be.  At any time, the relevant authorities in Iraq could have decreed that all people get (as near as possible) forgery-proof biometric ID cards and carry them at all times - a great way to batten down a country, right? 

Doing so would have fed directly into the strategy being used by the enemies of peace and security in Iraq today: setting up fake checkpoints and killing people who arrive there members of the wrong sect. Identity cards had a role in the Rwandan genocide just over 10 years ago, as well.

Those who believe that identity cards are a simple route to good security, well, they suffer what is so rightly known as the fatal conceit. Central planning that deprives people of control over their lives can be deadly–literally–in surprising and unpredictable ways.

Thank goodness for the fake ID outlets in Iraq today, and thank goodness the promoters of ”secure ID“ in the United States didn’t take their message to Iraq.

The tradeoffs involved in identification are discussed in my book, Identity Crisis.