Tag: law

The Pay Czar at Work

Mark Calabria notes how the form of salary scheme at financial institutions played no apparent role in sparking the financial crisis.  But that hasn’t stopped the federal pay czar from boasting about his power, even to regulate compensation set before he took office.

Reports the Martha’s Vineyard Times:

Speaking to a packed house in West Tisbury Sunday night, Kenneth Feinberg rejected the title of “compensation czar,” but he also said said his broad and “binding” authority over executive compensation includes not only the ability to trim 2009 compensation for some top executives but to change pay plans for second tier executives as well.

In addition, Mr. Feinberg said he has the authority to “claw back” money already paid to executives in the seven companies whose pay plans he will review.

And, he said that if companies had signed valid contractual pay agreements before February 11 this year, the legislation creating his “special master” office allowed him to ask that those contracts be renegotiated. If such a request were not honored, Mr. Feinberg explained that he could adjust pay in subsequent years to recapture overpayments that were legally beyond his reach in 2009.

This isn’t the first time that federal money has come with onerous conditions, of course.  But it provides yet another illustration of the perniciousness of today’s bail-out economy.

PASS ID and National ID - Rejoinder to Schwartz

Ari Schwartz responded in characteristic even tones to my critique of his testimony in favor of the PASS ID Act, which would revive the moribund REAL ID law. It’s worth a rejoinder, and I’ll offer him the same again here if he wishes.

Ari clouds matters slightly by suggesting that my “strong biases” obscure certain facts. I readily admit having a strong bias in favor of liberty – it’s why I do what I do. Ari admits several biases, including one in favor of consensus-building, which was what I accused him of prioritizing over principle. Let’s put aside the question of bias.

It’s good to see Ari state that CDT does not support a national ID system. It would be better to see him state that CDT opposes having a national ID system. (I imagine this is just a matter of word choice, but it would be good to have clarity.)

Next, Ari says his testimony “makes it clear that we believe that PASS ID prevents the creation of a National ID system.” I don’t believe this is clear from his testimony. More importantly, this is not a sound assessment of what a national ID is or what PASS ID does.

We need some defined terms, so let’s tease out what he means by “national ID.” (He has told me that there is some distinction between a “national ID,” a “national ID system,” and perhaps a “national ID card,” but the distinction is lost on me. I believe a national ID card is part of a national ID system, both of which are commonly referred to in shorthand as a “national ID.”)

Twice in his testimony, he correctly calls REAL ID a national ID system. The factors that make it so appear to be “the very real possibility that individuals would not be able to function in American society without a REAL ID card” and “giving unfettered discretion to DHS to expand the ‘official purposes’ for which REAL ID cards could be required.”

In my recent post on the subject, I defined a national ID as being a card: 1) nationally uniform in its key elements; 2) the possession of which is either practically or legally required; and 3) that is used for identification.

I think 1) and 3) are both given. Ari’s take on 2) - inability to function without it – and my formulation – practically required – are equivalent, so Ari and I agree on that much.

But is DHS discretion to expand “official purposes” an essential element of a national ID card? I don’t think so.

Let’s say Congress passes a law requiring employers to check a certain card before they hire new workers. What if Congress requires credit issuers to check the card? States require presentation of the card at the voting booth? What if Congress requires pharmacists to check it before selling people cold medicine?

Is this card system saved from being a “national ID system” because someone other than DHS came up with these ideas? Of course not. DHS discretion to expand usage is not what makes an ID system a “national ID system.”

The better definition is what we agree on: A national ID is national, identifying, and practically or legally required, meaning the lack of it disables people from functioning in society.

Do REAL ID and PASS ID differ in ways that make the one a national ID and the other not a national ID? No, and Ari doesn’t say so. He merely says PASS ID would slow national ID mission creep by some margin because it denies DHS some discretion. (PASS ID “[r]emoves from DHS’s authority the ability to unilaterally determine new official purposes for which a PASS ID-compliant card can be required … .”)

This is not central to “national ID-ness,” and PASS ID doesn’t actually deny DHS that authority – it simply removes the specific grant of authority in REAL ID. Removing a grant of authority in one law does not deny an agency authority it has elsewhere. (It’s like the difference between “not supporting” and “opposing” something.) DHS and other agencies almost certainly have power under other law to require the IDs they choose for functions that are plausibly related to security or fraud prevention.

I was wrong to assume that it was lack of principle driving CDT and Ari to endorse the PASS ID Act, which revives our moribund national ID law. Other explanations are no more palatable, though, and no other group that I am aware of missed the true import of PASS ID.

Here’s a memorable Bruce Schneier quote to emphasize the importance of opposing a national ID, which so many civil liberties groups are doing:

History will record what we, here in the early decades of the information age, did to foster freedom, liberty and democracy. Did we build information technologies that protected people’s freedoms even during times when society tried to subvert them? Or did we build technologies that could easily be modified to watch and control? It’s bad civic hygiene to build an infrastructure that can be used to facilitate a police state.

No civil liberties group supports PASS ID. CDT can’t claim that mantle while it does.

Sotomayor Playing Out the Clock

As she began to do more and more yesterday, the nominee has started today’s hearings with a series of painfully drawn-out non-answers to Senator Kyl’s questions.

Kyl is pointing out the conflict between Sotomayor’s claim that in Ricci she was simply following precedent and the Supreme Court’s finding that there was no precedent on point—and so Sotomayor’s panel summary disposition was improper.

Sotomayor’s responses have ranged from explaining again the procedural posture of the case, to references to irrelevant background cases (not binding precedent), to recounting en banc voting procedures in the Second Circuit. It is clear that, even as the Republicans reload and regroup at every break and recess, Sotomayor has been counseled to talk and talk—again, in an excruciatingly slow rate—without really saying anything.

CP Townhall

Civil Liberties and President Barack W. Bush?

It’s fair to say that civil liberties and limited government were not high on President George W. Bush’s priorities list.  Indeed, they probably weren’t even on the list.  Candidate Barack Obama promised “change” when he took office, and change we have gotten.  The name of the president is different.

Alas, the policies are much the same.  While it is true that President Obama has not made the same claims of unreviewable monarchical power for the chief executive–an important distinction–he has continued to sacrifice civil liberties for dubious security gains.

Reports the New York Times:

Civil libertarians recently accused President Obama of acting like former President George W. Bush, citing reports about Mr. Obama’s plans to detain terrorism suspects without trials on domestic soil after he closes the Guantánamo prison.

It was only the latest instance in which critics have argued that Mr. Obama has failed to live up to his campaign pledge “to restore our Constitution and the rule of law” and raised a pointed question: Has he, on issues related to fighting terrorism, turned out to be little different from his predecessor?

The answer depends on what it means to act like Mr. Bush.

As they move toward completing a review of their options for dealing with the detainees, Obama administration officials insist that there is a fundamental difference between Mr. Bush’s approach and theirs. While Mr. Bush claimed to wield sweeping powers as commander in chief that allowed him to bypass legal constraints when fighting terrorism, they say, Mr. Obama respects checks and balances by relying on — and obeying — Congressional statutes.

“While the administration is considering a series of options, a range of options, none relies on legal theories that we have the inherent authority to detain people,” Robert Gibbs, the White House press secretary, said this week in response to questions about the preventive detention report. “And this will not be pursued in that manner.”

But Mr. Obama’s critics say that whether statutory authorization exists for his counterterrorism policies is just a legalistic point. The core problem with Mr. Bush’s approach, they argue, was that it trammeled individual rights. And they say Mr. Obama’s policies have not changed that.

“President Obama may mouth very different rhetoric,” said Anthony D. Romero, executive director of the American Civil Liberties Union. “He may have a more complicated process with members of Congress. But in the end, there is no substantive break from the policies of the Bush administration.”

The primary beneficiaries of constitutional liberties are not terrorist suspects, but the rest of us.  The necessary trade-offs are not always easy, but the president and legislators must never forget that it is a free society they are supposed to be defending.

The Roberts Revolution to Come

As I mentioned yesterday, the U.S. Supreme Court surprised many people by ordering a reargument in the case of Citizens United v. Federal Election Commission. Specifically, the Court called for the parties to the case to address the question of overruling Austin v. Michigan Chamber of Commerce.

The Court decided Austin v. Michigan Chamber of Commerce in 1989.  The state of Michigan had prohibited corporations from spending money on electoral speech. In the case in question, the Chamber of Commerce wished to pay for an advertisement backing a candidate for the House of Representatives. The Chamber took this action on its own and not in tandem with the candidate or his party.  Paying for the ad was a felony under Michigan law.

A majority of the Court in 1989 said the Michigan law did not violate the First Amendment. However, the majority had a problem. Previous cases permitted limits on funding electoral speech only in pursuit of a compelling state interest: the prevention of quid pro quo corruption or its appearance. The Court had also ruled that independent spending by groups could not corrupt candidates.

So the majority needed a novel rationale for approving Michigan’s suppression of speech. The majority concluded that speech funded by corporations would distort the democratic process and that the state could prohibits such outlays to prevent harms done by “immense wealth.” In other words, the Austin majority tried to redefine “corruption” as “inequality of influence.” That revision had its own set of problems. Buckely v. Valeo, the Ur-decision in campaign finance, had excluded equality as a compelling state interest justifying regulation of campaign finance.

It is easy to see why the Buckley Court had rejected equality of influence as a reason for restricting political speech. Imagine Congress could prohibit speech that had “too much influence.” But how could that be determined? A majority in Congress would be tempted to suppress speech that threatened the power of that majority.  Paradoxically, the equality rationale would strengthen those who already held power while vitiating representative government. The First Amendment tries to prevent that outcome.

In last year’s decision in Davis v. FEC, the Court again rejected the equality rationale for campaign finance laws.  More and more the Austin decision is looking like bad law.

Justices Kennedy and Scalia, both current members of the Court, wrote dissents in Austin. Justice Thomas has called for Austin to be overruled in other contexts.  Neither Justices Roberts nor Alito is likely to vote to uphold Austin (or the relevant parts of McConnell v. FEC for that matter). But it would seem that either or both of them were unwilling to strike down a precedent without a formal hearing. That hearing will come on September 9 with a decision expected by Thanksgiving.

Almost six years after the Court utterly refused to defend free speech in McConnell v. FEC, the Roberts Court may be ready to vindicate the First Amendment against its accusers in Congress and elsewhere.

Some Thinking on “Cyber”

Last week, I had the opportunity to testify before the House Science Committee’s Subcommittee on Technology and Innovation on the topic of “cybersecurity.” I have been reluctant to opine on it because of its complexity, but I did issue a short piece a few months ago arguing against government-run cybersecurity. That piece was cited prominently in the White House’s “Cyberspace Policy Review” and – blamo! – I’m a cybersecurity expert.

Not really – but I have been forming some opinions at a high level of generality that are worth making available. They can be found in my testimony, but I’ll summarize them briefly here.

First, “cybersecurity” is a term so broad as to be meaningless. Yes, we are constructing a new “space” analogous to physical space using computers, networks, sensors, and data, but we can no more secure “cyberspace” in its entirety than we can secure planet Earth and the galaxy. Instead, we secure the discrete things that are important to us – houses, cars, buildings, power lines, roads, private information, money, and so on. And we secure these things in thousands of different ways. We should secure “cyberspace” the same way – thousands of different ways.

By “we,” of course, I don’t mean the collective. I mean that each owner or controller of a prized thing should look out for its security. It’s the responsibility of designers, builders, and owners of houses, for exmple, to ensure that they properly secure the goods kept inside. It’s the responsibility of individuals to secure the information they wish to keep private and the money they wish to keep. It is the responsibility of network operators to secure their networks, data holders to secure their data, and so on.

Second, “cyber” threats are being over-hyped by a variety of players in the public policy area. Invoking “cyberterrorism” or “cyberwar” is near-boilerplate in white papers addressing government cybersecurity policy, but there is very limited strategic logic to “cyberwarfare” (aside from attacking networks during actual war-time), and “cyberterrorism” is a near-impossibility. You’re not going to panic people – and that’s rather integral to terrorism – by knocking out the ATM network or some part of the power grid for a period of time.

(We weren’t short of careless discussions about defending against “cyber attack,” but L. Gordon Crovitz provided yet another example in yesterday’s Wall Street Journal. As Ben Friedman pointed out, Evgeny Morozov has the better of it in the most recent Boston Review.)

This is not to deny the importance of securing digital infrastructure; it’s to say that it’s serious, not scary. Precipitous government cybersecurity policies – especially to address threats that don’t even have a strategic logic – would waste our wealth, confound innovation, and threaten civil liberties and privacy.

In the cacophony over cybersecurity, an important policy seems to be getting lost: keeping true critical infrastructure offline. I noted Senator Jay Rockefeller’s (D-WV) awesomely silly comments about cybersecurity a few months ago. They were animated by the premise that all the good things in our society should be connected to the Internet or managed via the Internet. This is not true. Removing true critical infrastructure from the Internet takes care of the lion’s share of the cybersecurity problem.

Since 9/11, the country has suffered significant “critical-infrastructure inflation” as companies gravitate to the special treatments and emoluments government gives owners of “critical” stuff. If “criticality” is to be a dividing line for how assets are treated, it should be tightly construed: If the loss of an asset would immediately and proximately threaten life or health, that makes it critical. If danger would materialize over time, that’s not critical infrastructure – the owners need to get good at promptly repairing their stuff. And proximity is an important limitation, too: The loss of electric power could kill people in hospitals, for example, but ensuring backup power at hospitals can intervene and relieve us of treating the entire power grid as “critical infrastructure,” with all the expense and governmental bloat that would entail.

So how do we improve the state of cybersecurity? It’s widely believed that we are behind on it. Rather than figuring out how to do cybersecurity – which is impossible – I urged the committee to consider what policies or legal mechanisms might get these problems figured out.

I talked about a hierarchy of sorts. First, contract and contract liability. The government is a substantial purchaser of technology products and services – and highly knowledgeable thanks to entities like the National Institutes of Standards and Technology. Yes, I would like it to be a smaller purchaser of just about everything, but while it is a large market actor, it can drive standards and practices (like secure settings by default) into the marketplace that redound to the benefit of the cybersecurity ecology. The government could also form contracts that rely on contract liability – when products or services fail to serve the purposes for which they’re intended, including security – sellers would lose money. That would focus them as well.

A prominent report by a working group at the Center for Strategic and International Studies – co-chaired by one of my fellow panelists before the Science Committee last week, Scott Charney of Microsoft – argued strenuously for cybersecurity regulation.

But that begs the question of what regulation would say. Regulation is poorly suited to the process of discovering how to solve new problems amid changing technology and business practices.

There is some market failure in the cybersecurity area. Insecure technology can harm networks and users of networks, and these costs don’t accrue to the people selling or buying technology products. To get them to internalize these costs, I suggested tort liability rather than regulation. While courts discover the legal doctrines that unpack the myriad complex problems with litigating about technology products and services, they will force technology sellers and buyers to figure out how to prevent cyber-harms.

Government has a role in preventing people from harming each other, of course, and the common law could develop to meet “cyber” harms if it is left to its own devices. Tort litigation has been abused, and the established corporate sector prefers regulation because it is a stable environment for them, it helps them exclude competition, and they can use it to avoid liability for causing harm, making it easier to lag on security. Litigation isn’t preferable, and we don’t want lots of it – we just want the incentive structure tort liability creates.

As the distended policy issue it is, “cybersecurity” is ripe for shenanigans. Aggressive government agencies are looking to get regulatory authority over the Internet, computers, and software. Some of them wouldn’t mind getting to watch our Internet traffic, of course. Meanwhile, the corporate sector would like to use government to avoid the hot press of market competition, while shielding itself from liability for harms it may cause.

The government must secure its own assets and resources – that’s a given. Beyond that, not much good can come from government cybersecurity policy, except the occassional good, long blog post.

“Sweet” Victory in Oregon

As a follow-up to Jason Kuznicki’s post from January, I am pleased to report that yesterday Oregon Governor Ted Kulongoski signed HB 2817—a bill that eliminates the cartelization of the moving business in the Beaver state.

The old law required the Oregon Department of Transportation to notify existing moving companies of businesses that wanted to enter into their market. What’s more, those companies were given a veto over the would-be market entrants thereby locking out all competition to maintain artificially high prices—all with the government’s help.

The owner of a new moving company, Adam Sweet, enlisted the help of Pacific Legal Foundation lawyer and Cato adjunct scholar Tim Sandefur to litigate against the old law. That lawsuit, once it cleared challenges for dismissal, prompted several pieces of legislation that culminated into the bill that the governor signed yesterday.

Congratulations to Mr. Sweet, Tim, and PLF for their well-fought victory for economic liberty for the entrepreneurs and consumers of Oregon!

More details from PLF here.