Archive for April, 2010
How Broadly Did School Laptops Spy?
Remember the case of Blake Robbins? He’s the Pennsylvania student suing the Lower Merion School District over photos his school-issued laptop took while he was at home, thanks to a remotely activated security program that hijacked the computer’s webcam. The school always claimed that the program was only used to locate laptops that had gone missing or been stolen, and some reports suggested that Robbins might have triggered it by inappropriately taking home a temporary “loaner” laptop. I’ve argued elsewhere that this would still constitute a Fourth Amendment violation, but once the school announced it would stop using the security camera feature, parents could at least reassure themselves that Robbins’ case had been an aberration.
But now the teen’s lawyers have filed a motion alleging far broader and more disturbing surveillance—some of which the school seems to at least partly confirm.
The motion alleges that the webcam was active, not for a few minutes or hours one evening, but over two weeks, during which time it captured more than 400 screenshots and photos, including images of Blake asleep or partially undressed, and of private IM conversations. Not only that, but the discovery process appears to have uncovered “thousands of webcam pictures and screen shots” of “numerous other students in their homes, many of which [sic] never reported their laptops lost or missing.” Also obtained by the plaintiffs were e-mails between school IT personnel, in which one supposedly describes webcam images as “a little LMSD soap opera,” to which another replies “I know, I love it!”
The school has responded in a statement denying any deliberate wrongdoing, but admitting that their investigation had uncovered a “substantial number of webcam photos” of students. They intend to contact the families of any students pictured so that they can see what images were taken—images that it seems the families previously had no idea existed.
Suppose the school is telling the truth—that all this happened without anyone deliberately attempting to spy on school children. Shouldn’t that be even more disturbing? If this really can happen by accident, shouldn’t we be asking how many of the hundreds of other one-to-one schools in the country have similar security programs? Asking how many other such “accidents” there may have been?
It seems like only a matter of time before schools issuing computing devices is no rarer than schools issuing textbooks; not all of those schools will necessarily think deeply about the privacy implications of building surveillance capabilities into a network of devices toted by kids. They’ll understandably be thinking about how to protect their investment in those laptops or tablets. If parents don’t ask questions about student privacy when the systems are being built and the computers being purchased, there’s every reason to think we’ll start seeing more cases like this one.
This Week in Government Failure
Over at Downsizing Government, we focused on the following issues this week:
- In the short-lived Depression of 1920-21, federal spending was dramatically reduced and prosperity followed.
- The Congressional Budget Office’s long-term budget projections show that unless Washington changes course, the interest on the debt alone will consume 30 percent of the economy by 2080.
- Federal spending on K-12 education has been a failure. It’s well past time to abolish the Department of Education.
- There’s nothing happy about Tax Day.
- If the exploding debt is to be brought under control, policymakers are going to have to rein in entitlement spending.
Obama Same-Sex Order Right in Spirit, Wrong in Letter
President Obama has ordered the Department of Health and Human Services to craft new rules that would facilitate hospital visitation rights for same-sex couples and smooth the way for gays and lesbians to make medical decisions on behalf of their partners.
On public policy grounds, the president’s directive is indeed welcome. Two people who have joined in a long-term, committed, and mutually reinforcing relationship are entitled to equal treatment, regardless of sexual preference.
Regrettably, however, the president has exceeded his constitutional authority. His order to his health secretary is deficient in two respects:
First, the government is invoking its power to spend for Medicare and Medicaid, then demanding that all hospitals receiving such funds adopt the new rules. But there is no explicit power to spend in the Constitution. Despite the Supreme Court’s contrary pronouncements, spending is permitted only as a “necessary and proper” means to execute other enumerated powers. Quixotic though it might sound given post-New Deal jurisprudence, there is no enumerated power for the federal government to be engaged in providing health care to private citizens.
Second, the Constitution requires that “All legislative Powers … shall be vested in a Congress.” That means laws conferring benefits or imposing obligations on private parties are supposed to be passed by the legislature, not the executive. Yes, the Court has condoned delegations of legislative authority for a vast array of programs, but that merely reinforces the need to interpret the Constitution as it was originally understood.
Ten Protectionist Senators Pay Lip-Service to International Trade Rules
Sen. Sherrod Brown (D, OH), along with eight other “usual suspects,” yesterday sent a letter to Senators John Kerry (D, MA), Joe Lieberman (I, CT) and Lindsey Graham (R, SC), outlining what’s necessary for their support of the latter’s climate green jobs bill (there seems to be some confusion about the precise purpose). The math, assuming that Republicans vote as a block to defeat the bill, requires that these senators’ demands be met if the Democrats are to overcome a filibuster and pass the bill.
So what exactly do they want? The main thrust of their demands seems to be for U.S. manufacturing’s competitiveness to be “addressed,” including by asking for the bill to “invest” (don’t you just love the way that word is used in the public policy context?) in retooling, R&D, and “support [for] American manufacturers of clean energy technology,” among other requirements.
Of course, no letter from these folks* would be complete without the obligatory calls for a “level playing field.” Their wish-list therefore also includes provisions to ”apply border measures to prevent carbon leakage”. That, my friends, is a clear reference to carbon tariffs. The senators explain their concerns as follows:
An automatically triggered border measure is necessary to promote comparable action from other countries and prevent carbon leakage. To avoid undermining the environmental objective of the climate legislation, a WTO-consistent border adjustment measure, which the WTO has recognized as a usable tool in combating climate change, should apply to imports from countries that do not have in place comparable greenhouse gas emissions reduction requirements to those adopted by the United States. A border adjustment measure is critical to ensuring that climate change legislation will be trade neutral and environmentally effective.
Much of these sentiments are familiar. Indeed, I have combatted some of the myths implicit in the statement, including why “carbon leakage” might be a bit of a red herring, in my paper from September 2009, “A Harsh Climate for Trade,” and at a Hill brief I gave on this topic last year.
ObamaCare Is RomneyCare 2.0
Former Massachusetts governor and possible 2012 presidential contender Mitt Romney has spent a lot of time campaigning against the recent health care overhaul.
One problem: It looks a lot like the law he signed in 2006 while he was governor of Massachusetts.
“In every important respect the Obama plan and the Romney plan are identical,” says Michael Cannon, Cato director of health policy studies.
In a new video, Cato’s David Boaz and Michael Cannon explain how alike the two plans really are. Watch:
The Crusade against Sexting
As my colleague Tim Lynch pointed out in this post, the Third Circuit recently upheld an injunction against a prosecutor who threatened charges against teenagers who engaged in “sexting.” A conviction would have turned these minors into registered sex offenders for flirting via cellphone. Professor Eugene Volokh has more on the decision.
“Sexting” is sending an explicit photo of yourself to your significant other, and is an increasingly common occurrence with high school–aged teens. It’s dumb — those digits don’t ever go away, and they can come back to embarrass you — but it shouldn’t make you a sex offender.
Unfortunately, the laws don’t reflect this sensible distinction between poor teenage judgment (but I repeat myself) and intentional criminality. I don’t think this guy is a threat to society, but he’s a registered sex offender now.
Even staunch conservative Andy McCarthy expressed concern about the heavy mandatory minimums for possession of child pornography over at The Corner. First-time offenders can get 15-year minimum sentences, more than some of the mobsters that McCarthy prosecuted as an assistant U.S. attorney. As McCarthy puts it:
I think that’s nuts. And mind you, compared to the average person (and even the average prosecutor), I am Atilla the Hun: I would not have the slightest problem imposing capital punishment on the people who actually produce and “perform” in these depictions in which young children are sexually abused…
But the mandatory minimums have to be sensible — “Doing it for the children” is not a rationale for failing to distinguish the truly evil from the venial.
Are Libertarians Anti-Government?
The term “anti-government” is getting tossed around a lot these days, and used rather indiscriminately to describe libertarians, libertarian-ish Tea Partiers, hate groups, and violent individuals (not to mention opponents of specific leaders and regimes in countries around the world). That’s a pretty wide spectrum, and journalists and politicians ought to be more careful with their language. In the meantime, I’m republishing here a Cato Policy Report editorial that I published in 1998:
————–
For the past several years, especially since the Oklahoma City bombing, the national media have focused a lot of attention on “anti-government” extremists. Libertarians, who are critical of a great deal that government does, have unfortunately but perhaps understandably been tossed into the “anti-government” camp by many journalists.
There are two problems with this identification. The first and most obvious is that many of the so-called anti-government groups are racist or violent or both, and being identified with them verges on libel.
The second and ultimately more important problem is that libertarians are not, in any serious sense, “anti-government.” It’s understandable that journalists might refer to people who often criticize both incumbent officeholders and government programs as “anti-government,” but the term is misleading.
A government is a set of institutions through which we adjudicate our disputes, defend our rights, and provide for certain common needs. It derives its authority, at some level and in some way, from the consent of the governed.
Libertarians want people to be able to live peacefully together in civil society. Cooperation is better than coercion. Peaceful coexistence and voluntary cooperation require an institution to protect us from outside threats, deter or punish criminals, and settle the disputes that will inevitably arise among neighbors—a government, in short. Thus, to criticize a wide range of the activities undertaken by federal and state governments—from Social Security to drug prohibition to out-of-control taxation—is not to be “anti-government.” It is simply to insist that what we want is a limited government that attends to its necessary and proper functions.
But if libertarians are not “anti-government,” then how do we describe the kind of government that libertarians support? One formulation found in the media is that “libertarians support weak government.” That has a certain appeal. But consider a prominent case of “weak government.” Numerous reports have told us recently about the weakness of the Russian government. Not only does it have trouble raising taxes and paying its still numerous employees, it has trouble deterring or punishing criminals. It is in fact too weak to carry out its legitimate functions. The Russian government is a failure on two counts: it is massive, clumsy, overextended, and virtually unconstrained in scope, yet too weak to perform its essential job. (Residents of many American cities may find that description a bit too close for comfort.)
University of Maryland Beating Editorial
The Washington Post has an excellent editorial on the beating that Prince George’s County officers gave University of Maryland student John J. McKenna. As I said in this post, the beating, and the false charges filed against McKenna, would never have resulted in the suspension of (and possible charges against) the officers involved without video that showed the officers’ unwarranted aggression. As the Post puts it:
Instead, it was not until the video surfaced this week that Prince George’s Police Chief Roberto L. Hylton learned of it, he said, adding that he was “outraged and disappointed.” Why wasn’t he “outraged and disappointed” that his own police had not come forward earlier to report the incident? After all, media reports at the time included eyewitness accounts of excessive police violence. Wasn’t it Chief Hylton’s responsibility to investigate those allegations? The unavoidable conclusion is that had there been no video, the conspiracy of police silence and coverup would have succeeded.
McKenna was fortunate that his family had the resources to hire a private investigator to find the video. Not everyone is so lucky, and it makes the case for changing Maryland’s unanimous consent law for recording conversations, as this case highlights. Laws that prevent the recording of interactions with police prevent transparency in what is supposed to be an open and free society.
Crime and Punishment in the Intel Community
On Thursday, the government indicted former National Security Agency executive Thomas Drake for obstructing justice and mishandling classified documents—though the underlying crime, for which Drake was not actually charged, was leaking embarrassing information to national security reporter Siobhan Gorman (then of the Baltimore Sun, now at The Wall Street Journal). As Glenn Greenwald observes, the decision to move forward with a rare leak prosecution in Drake’s case stands in rather sharp contrast to the decision to look the other way when it comes to other sorts of wrongdoing in the world of intelligence.
For years, the NSA managed a sweeping program of warrantless wiretaps and large-scale data mining, which a federal judge recently confirmed was in gross violation of the Foreign Intelligence Surveillance Act. The telecoms who participated in the scheme were, equally clearly, violating the Electronic Communications Privacy Act. The FBI separately and systematically flouted the same law by obtaining call records for thousands of phone numbers without any legitimate legal process. And, of course, there’s the little matter of torture. For these crimes, the administration has pronounced a verdict of “boys will be boys,” on the grounds that it’s better to gaze boldly into our shining future than get bogged down in recriminations over all that old stuff.
Drake didn’t spy on the conversations of Americans without a court order, or subject detainees to simulated drowning or sleep deprivation. Far worse, apparently, he embarrassed the NSA. The first article for which he acted as a source, “Computer ills hinder the NSA,”detailed how the agency had squandered billions on faulty computer systems that were getting in the way of effective intelligence work:
One [system] is Cryptologic Mission Management, a computer software program with an estimated cost of $300 million that was designed to help the NSA track the implementation of new projects but is so flawed that the agency is trying to pull the plug. The other, code-named Groundbreaker, is a multibillion-dollar computer systems upgrade that frequently gets its wires crossed.
The downfall of the Cryptologic Mission Management program has not previously been disclosed. While Congress raised concerns about the agency’s management of Groundbreaker in a 2003 report, the extent and impact of its inadequacies have not been discussed publicly.
To be sure, Drake broke the law—just as Daniel Ellsberg did when he leaked the Pentagon Papers. But it’s hard to say how the law here was working to protect national security, as opposed to the agency’s image. In any event, the contrast between the reaction to Drake and the non-reaction to other forms of lawbreaking makes the standard in effect for Bush-era misdeeds clear: If you illegally gathered information on members of the public, Obama’s DOJ would rather let sleeping dogs lie. If you illegally tried to get information to the public, you’d better lawyer up. From Main Justice to Fort Meade, message received.
TLJ on Justice Stevens’ Tech Influence
TechLawJournal has a thorough analysis of Justice John Paul Stevens’ opinions in technology-related areas. I reproduce it here with permission. (Tim Lee’s earlier about Justice Stevens’ legacy in tech is here.)
Justice John Paul Stevens, who has served on the Supreme Court since 1975, announced on April 9, 2010, that he will retire when the Court completes its current term this summer. This article reviews his contributions to technology related areas of law.
Outline of Article:
1. Summary.
2. Copyright Cases.
3. State Immunity in IPR Cases.
4. Patent Cases.
5. Communications Cases.
6. Internet Speech Cases.
7. Privacy Cases.
8. Other Cases.
Litan Warns Dodd Bill Would Harm Startups
I haven’t been following the debate over Sen. Dodd’s financial overhaul closely enough to have an opinion on the overall package, but Mike Masnick flags one aspect of the legislation that seems really troubling. Bob Litan explains:
Under existing law, startup companies can raise money easily and quickly from “accredited investors” — individuals with substantial wealth or income. There is no need for the companies or the investors to gain approval from any state or regulatory official.
All of this would change if Section 926 of the Dodd bill is included in any final reform legislation. That section would require, for the first time, companies seeking angel investment to make a filing with the Securities and Exchange Commission, which would have 120 days to review it. This would both raise the cost of seeking angels and delay the ability of companies to benefit from their funding.
The negative impact of the SEC filing requirement would be aggravated by the proposed doubling of the net worth or income thresholds required for investors to be “accredited.”
It’s hard to overstate how important a favorable regulatory climate is to the success of startups. Some of the most important startups have been founded by 20-somethings without the resources to hire lawyers or navigate regulatory bureaucracies. And startups frequently find themselves within weeks of insolvency before they have a big breakthrough. Having a crucial round of funding delayed by four months can be the difference between success and failure. If this description of the bill is accurate (and I have no reason to doubt that it is), this provision would be very bad for the future of high-tech innovation in the United States.
Dynamic Marketplace, Nimble Legislature
Years ago, when I worked on Capitol Hill, a colleague invited me to attend a meeting with some university professors who had a new idea for regulation of the telecommunications sector.
“Bits,” they said. “All regulation should center on bits.”
With convergence on IP-based communications, the regulatory silos dominating telecommunications would soon be more than anachronistic. Indeed, they would be a burden on the telecom sector. Bits were the fundamental unit of measure for the coming telecommunications era, and regulation should be formed around that reality.
My colleague and I looked at each other, amused.
Figuring out the substance is 5% of the problem. The other 95% is pulling together a sufficient coalition and muting opposition to your reform. More than a decade after this meeting and with “convergence” a rather old and obvious idea, the telecom regulatory regime is unchanged.
Like these professors did with telecom, many people can imagine legislative solutions to problems in the privacy era. I often don’t agree that their solutions are good, but nonetheless the capacity to imagine a suitable regulation is only 5% of the problem. Whether a good idea can be reduced to legislative language, passed in the same form, and implemented in its original spirit—all these are reasons to be wary of the legislative enterprise. What happens if something goes wrong?
Take the example of the privacy notices that the Gramm-Leach-Bliley Act requires financial institution to send to consumers each year. At the time it passed, I argued that it was an anti-marketing law much more than a privacy law. I haven’t seen anyone argue that financial privacy has flourished since it passed. I have also expressed doubts about notice and its utility for consumers many times, including in this long post, part of an abandoned debate with Cato colleague Julian Sanchez.
But putting aside these substantive issues, I don’t think anybody believed when Gramm-Leach-Bliley passed that consumers should get annual privacy notices from financial services providers that don’t share information in the ways the law was meant to affect.
But it did require those notices, and after the law passed in late 1999, those privacy notices started to go out:
“It’s 2000, and we don’t share information about you.”
“It’s 2001, and we’re still not sharing information about you.”
“It’s 2002—still not sharing information.”
“It’s 2003—we continue to not share information about you.”
“Hey, friend, here in 2004, we’re not sharing information about you!”
And so on, and so on, and so on—meaningless notices that could only confuse consumers.
So I was amused to see yesterday—more than ten years later—that the House of Representatives passed H.R. 3506, the “Eliminate Privacy Notice Confusion Act.” If would allow financial services providers that don’t share personal information in ways relevant to the GLB Act to stop sending those meaningless notices every year.
It took Congress ten years to correct a simple, obvious mistake—something nobody intended to put into the law. How many years would it take to correct privacy law on which opinion was divided?
Online privacy is more difficult and changing than financial privacy. The weakness of artificial “privacy notice” to affect consumer awareness and behavior is starting to dawn on people. But even if we did know the right answers, I would be wary of writing them into law.
A dynamic market needs a nimble legislature overseeing it. There’s just no such thing. Prefer the market.
Cato on Facebook
Cato on Twitter
Cato on Google+
Cato on YouTube
