WisPolitics.com reports that Wisconsin Governor Jim Doyle (D) plans to take more than $20 million out of the state’s REAL ID account and transfer it into the state’s general fund.

Wisconsin Representative Jim Sensenbrenner (R) objects:

When I shepherded the REAL ID bill through Congress 3 years ago, it was in response to one of the key recommendations made by the 9/11 Commission, that ‘fraud in identification documents is no longer just a problem of theft.’ As we saw in 2001, in the hands of a terrorist, a valid ID accepted for travel in the US can be just as dangerous as a missile or bomb.

Congressman Sensenbrenner is correct to claim responsibility for REAL ID, but less accurate in other parts of his statement. The 9/11 Commission’s ‘key’ recommendation wasn’t key. (Indeed, Congress’ effort to follow the Commission’s recommendation was repealed by REAL ID.)

Nobody - not the 9/11 Commission, not Congressman Sensenbrenner, not Stewart Baker, nor anyone else - can explain the proximity between false ID and terrorist attacks, or how REAL ID cost-effectively secures the country against any threat.

Wisconsin’s governor has issued a mighty well-placed snub to the creator of the “Sensenbrenner tax.”

A recent story in the Arizona Republic describes the rising practice of using “registered agents” to take care of the paperwork associated with the E-Verify system, which is mandatory for employers in Arizona. Registered agents know how to navigate this system, which requires employers to submit information about their new hires to the federal government for an immigration-status background check. Registered agents are there to step in and reap the rewards when employers throw up their hands.

The story reports that registered agents charge from $7.50 to $10.00 per new hire. There are about 50,000,000 new hires per year in the country (according to Labor Department statistics), and let’s assume that average employer is a little more efficient than those who use a registered agent - so make it $5.00 per new hire. That’s $250,000,000 per year, just on basic administration of the E-Verify system.

There are plenty of other costs to electronic employment elgibility verification, which I wrote about in my recent paper, “Franz Kafka’s Solution to Illegal Immigration.”

At a recent hearing, Representative Ken Calvert (R-CA) reportedly said, “There are certain interests that simply do not want employment verification.” He was referring to an internecine fight with a human resources group. But I found in my paper that “successful internal enforcement of federal immigration law requires an overweening, unworkable, and unacceptable identity system.”

Freedom-loving Americans do not want employment verification. They think it’s doubly or triply foolish to spend taxpayer dollars and burn employers’ time on policies that reduce our economic growth.

Inspired by the promotional brochure I recently came across, I’ve taken a look at L-1 Identity Solutions in a new Cato TechKnowledge. Though it has better options, L-1 and its new acquisition, Digimarc ID Systems, seem likely to continue lobbying for the REAL ID Act. My concluding line: “A corporate lobbying operation can do as much harm to liberty as any government agency or official.”

Yesterday - Sunday, May 11, 2008 - was the statutory deadline for state compliance with the REAL ID Act. Not a single state has begun issuing nationally standardized IDs as called for by the law. Nor are they putting driver information into nationally accessible databases.

Matthew Blake of the Washington Independent has a solid recap of the situation.

A couple of weeks ago, I wrote about a legal permanent resident who was arrested because he shared a common name with a suspected illegal immigrant. It illustrated how the E-Verify program would foul things for legal workers, a prominent subject of this paper.

Here’s another story of legal permanent resident mistreatment. This illustrates how overblown terror fears can cloud officials’ judgments and foul things for . . . well, everyone.

It seems that a woman in Florida asked her relatives in Monterrey, Mexico to ship her the birth certificates of two relatives who want to apply for their Mexican passports at the consulate in South Miami. At the behest of U.S. Customs and Border Security, the envelope is being held by the United Parcel Service in Louisville, Kentucky until she identifies herself further.

Asked to explain, a CBP spokeswoman in Washington asserted the U.S. government’s right to examine everything entering or exiting the country and said, “Identity documents are of concern to CBP because of their potential use by terrorists.”

This is a terrific example of poorly generated suspicion. In our paper on predictive data mining, Jeff Jonas and I wrote about how suspicion is properly generated in the absence of specific leads: “[T]here must be a pattern that fits terrorism planning . . . and the actions of investigated persons must fit that pattern while not fitting any common pattern of lawful behavior.”

(more…)

Joining the National Conference of State Legislatures, the Association of Corporate Travel Executives has endorsed S. 717, the Identification Security Enhancement Act of 2007. This bill would reinstitute a negotiated rulemaking process regarding identity security that was established in the 9/11-Commission-inspired Intelligence Reform and Terrorism Prevention Act.

The FCC’s review of the XM-Sirius merger is a perfect example of the type of quagmire that’s inevitably created when a government agency is given broad, discretionary authority over private businesses. Various special interest groups have proposed that the merger be subjected to a laundry list of requirements. Lefty groups want an open device mandate. A rent-seeker entrepreneur named Chester C. Davenport wants the merged entity to set aside 20 percent of its spectrum for minority-controlled broadcasting. There are a variety of other proposals to require the firm to lease spectrum to unaffiliated entities. Clear Channel is demanding that it be subjected to the same “indecency” regulations that now plague terrestrial radio.

There are good arguments against each of these proposals, and there are some plausible arguments for some of them as well. But what I find most problematic about the situation is the way the proposals are handled. We have a constitutional system of government in which Congress is supposedly in charge of writing laws, the executive branch is in charge of executing them, and the courts are in charge of interpreting them. This ensures that laws are written by the most politically-engaged branch—Congress—and interpreted by the most impartial branch—the courts.

But in this case, as in many others, Congress has effectively given the FCC its blessing to wear all three hats. It can dream up new “conditions” (read: regulations) for the merger focusing on virtually any subject that strikes its fancy. The conditions are specific to one company, so there’s ample scope for favoritism and arbitrary decision-making. And once the conditions have been announced, and XM-Sirius have been blackmailed into “accepting” them, the FCC effectively wears executive and judicial hats as well. Yes, supplicants before the FCC can and do appeal decisions to federal courts, and the FCC is sometimes overruled. But the courts tend to give the FCC relatively wide deference in its policy decisions, and firms that practice regularly before the FCC may be reluctant to too aggressively defend their prerogatives in the courts for fear of souring their relationship with the FCC going forward.

The fundamental problem (aside from the courts’ failure to require that lawmaking powers be limited to Congress as required by the Constitution) is the FCC’s baroque process for apportioning spectrum. The right way to handle it would be for XM, Sirius, and every other broadcaster to have a property right in the spectrum they use, which would entitle them to do as they please with that spectrum (as long as it didn’t interfere with other broadcasters) or to lease or sell the spectrum to anyone else. In a world with genuine property rights, spectrum would find its way to owner with the highest-valued use, and anyone who wanted to enter a market like satellite radio would be able to do so simply be purchasing spectrum rights in the appropriate bands. The FCC’s role would be limited to keeping track of who held which license and verifying that spectrum uses did not create interference with one another.

My suspicion is that in such a world, satellite radio would prove economically infeasible because the spectrum would be more valuable in other uses. But I don’t know, and the FCC’s soviet-style spectrum allocation process is certainly not a good way to figure it out. The FCC should approve the XM-Sirius merger without conditions. But the more important lesson is that, Congress should be moving toward genuine property rights in spectrum, so that the 21st-century wireless market ceases to be micro-managed by an anachronistic 20th-century bureaucracy.

Once we have a real market for spectrum, Congress may choose to enact general regulations governing the use of that spectrum. But the current system, in which the FCC has the arbitrary power to single out individual companies for arbitrary restrictions on virtually any subject the FCC’s commissioners happen to be concerned with, is deeply flawed. It’s not fair to companies that have the misfortune of attracting the FCC’s scrutiny, and it’s not good for consumers, who are deprived of the benefits of a robust and competitive market for spectrum.

Last week, Minnesota Governor Tim Pawlenty (R) vetoed a transportation bill that included a provision objecting to the federal REAL ID Act. The bill would have required the federal government to pay 95 percent of the cost of issuing national IDs before Minnesota would participate. Claiming political machinations were afoot, Pawlenty said that he preferred “something more reasonable like 50 or 60 percent.” One wonders what principle of federalism, liberty, or privacy could possibly support his willingness to accept a 50% unfunded surveillance mandate.

A much clearer vision will be on display next week when Governor Mark Sanford (R-SC) joins Senator Jon Tester (D-MT) here at the Cato Institute to discuss the REAL ID Act. South Carolina has barred itself from participating in the national ID system created by the Act, and Governor Sanford defiantly refused to ask the Department of Homeland Security for an extension of the compliance deadline earlier this year.

Senator Tester represents a state that has been similarly defiant. He is an original cosponsor of legislation that would repeal the REAL ID Act and restore the identification security provisions of the Intelligence Reform and Terrorism Protection Act, which REAL ID repealed.

The event is called The REAL ID Rebellion: Whither the National ID Law?, next Wednesday, May 7th, at noon, and it will be Webcast.

I recently had the opportunity to conduct a pair of briefings for congressional staff regarding electronic employment eligibility verification. A pair of bills are vying for the attention of Congress these days. I suggested in my recent paper, “Electronic Employment Eligibility Verification: Franz Kafka’s Solution to Illegal Immigration,” that Congress should ignore both. Indeed, it should eliminate “internal enforcement” of immigration law entirely.

One of my co-briefers provided staffers with some interesting information pertaining to the idea of building a regulatory contraption for automatic nationwide verification of workers’ identity and immigration status. He was a representative of SSA workers from the American Federation of Government Employees, National Council of SSA Field Operations Locals.

The programs slated to go national under these proposals would compare data about new workers (and in some cases, existing workers) with databases at the Social Security Administration and the Department of Homeland Security. When the data didn’t match, workers would receive what is called a “tentative nonconformation.” With the 4.1% error rate in SSA files (as found by its Inspector General), that’s a lot of tentative nonconfirmations going even to law-abiding American citizens. A higher percentage of the time, naturalized citizens would get them, too, as government data about them is even more error-prone. Bad government data is just one source of error.

Anyway, when a tentative nonconfirmation is issued, employers are supposed to communicate this to the employee (not all do) and the worker is supposed to report to a Social Security Administration office or the Department of Homeland Security to clear the problem up. This is where the interesting new information comes in.

What would the process be like? Well, try calling your local SSA field office to find out. The SSA worker rep reported that 50% of those calls aren’t answered because field offices are too busy. Calls to the SSA’s national 800-number don’t go through 25% of the time.

It’s not just a phone problem. The agency currently has a backlog of 752,000 on disability rulings. That’s three quarters of a million people who aren’t getting an answer from SSA. It takes 530 days – a little under a year and a half – to get a disability ruling out of SSA.

In my paper, I wrote about the experience American workers would get at the Social Security offices when they went to clear up their tentative nonconfirmations:

Disputes of tentative nonconfirmations would not happen in lushly carpeted offices with marble columns, hot coffee, and friendly, attentive staff. The experience of American workers when they sought permission to work would be much more like their trips to the nation’s departments of motor vehicles, post offices, and dentists—long lines, unfriendly service, and painful procedures.

The SSA union rep assures me that SSA workers are friendly. Any perception of unfriendliness is due to overwork. Fair enough; I may have been slapdash in my writing about SSA employees. But a national electronic employment eligibility verification system would result in 3.6 million new visits to these folks, overworking them and eroding their courtesy even more. These visits, and administering tentative nonconfirmations at SSA, would cost $1 billion, according to the union rep.

Of course, an SSA employee union rep would happily take the money and add workforce to do whatever Congress wants. My preference is to save the money. Enforcement of our abnormally restrictive immigration law causes us to spend taxpayer money on undermining the productive economy. That shouldn’t make sense to anyone.

The Supreme Court has rendered its decision in Crawford v. Marion County Election Board. This is the case challenging Indiana’s voter ID requirement.

Briefly, the plaintiffs in the case did not establish sufficient proof of the burden on voting that the ID requirement would have. This was a facial challenge to the statute, and there was no plaintiff who had actually been dissuaded or prevented from voting. Sayeth the court:

[O]n the basis of the record that has been made in this litigation, we cannot conclude that the statute imposes “excessively burdensome requirements” on any class of voters.

There was also no evidence that Indiana has ever been victimized by impersonation at the polling place, which a voter ID requirement would help thwart, but in a facial challenge to a law like this, courts will defer to the state’s interests in deterring and detecting voter fraud, and in safeguarding voter confidence.

Advocates of voter ID will interpret this as a ringing endorsement, but it’s an unsurprising result. Hopefully, they won’t pursue a national voter identification requirement. In a recent TechKnowledge column inspired by the case, “Voter ID: A Tempest in a Teapot that Could Burn Us All,” I wrote:

A national registration system for voting would quickly be repurposed and used for many other kinds of regulatory control. There is no shortage of proposals for national registration and control of citizens. Should the voter ID tempest in a teapot boil over, the tiny specter of voter fraud could thrust a mandatory national ID into the hands of law-abiding citizens.

The Constitution gives Congress power to regulate the elections that select its members and, to a lesser degree, the president. But Congress does not have to use that power to its fullest extent. States recognize their own interests in fair elections, and they should experiment among themselves with ways to secure elections while making sure the vote is available to all qualified people.

Kerry Howley has a great article on the supposedly common-sense proposal to create a massive federal database of eligible workers as a disincentive to illegal immigration:

While undocumented workers probably contribute more in federal taxes than they consume in federal services, no one doubts that they pose some fiscal burden to border communities where they arrive. Still, you’d have to take an improbably extreme view of these costs to deem the SAVE Act fiscally rational. According to the Congressional Budget Office (pdf), the act would decrease federal revenues by $17.3 billion between 2009 and 2018 as formerly tax-paying workers go underground. The costs of expanding E-verify and a bunch of other goodies stuffed into SAVE (thousands more border agents, a program to recruit former members of the armed forces to join the border patrol, more SUVs and unmanned aerial vehicles, hundreds of full time immigration investigators, expanded immigration detention centers) come to $23.4 billion in discretionary spending during the same period. And that doesn’t touch the cost to individual employers, who are being slapped with a huge regulatory burden in the midst of impending recession.

No presidential candidate has come out in favor of Schuler’s bill, most likely because the bill includes no avenue for undocumented workers who wish to become legal. Herein lies the ambitious stupidity of SAVE: If the bill works as intended, it will instantly turn the population of 12 million undocumented workers with no way of becoming legal into 12 million unemployed undocumented workers with no way of becoming legal. For a political constituency constantly worried about “anarchy,” this does not appear to be an ideal situation.

The SAVE Act may or may not come to a vote this session, but employment verification will almost certainly be a part of future compromise legislation on immigration reform. That’s worrying. Walls offend us aesthetically and symbolically; they’re clumsy and primitive and cruel. But they’re also easy to tear down; far easier than a slowly metastasizing system of total employment surveillance, of growing databases and expanding bureaucracies.

Our own Jim Harper has justifiably called the e-verify program Franz Kafka’s solution to illegal immigration. According to the Social Security Administration’s own estimates, almost 18 million Social Security records contain errors, many of them pertaining to US citizens. If even a small fraction of those problems find their way into the e-verify program, we’d be looking at millions of American citizens suddenly forced to “prove” to federal bureaucrats that they’re “eligible” to have a job. Giving the federal government the power to decide which US citizens are allowed to work for a living seems to me like a much bigger threat to our freedoms than anything illegal immigrants have done.

The National Conference of State Legislatures wants the REAL ID Act gone. It supports S. 717, the Identification Security Enhancement Act of 2007, which would repeal the REAL ID Act and reinstitute a negotiated rulemaking process on identity security that was established in the 9/11-Commission-inspired Intelligence Reform and Terrorism Prevention Act.

It’s not a foregone conclusion that an organization like this would reject a behemoth of a project like building a national ID and surveillance system. The NCSL isn’t a small-government organization, and it could just as well have lobbied for billions of dollars in funding.

One of the big challenges of writing about tech policy is the difficulty of explaining the subjects I write about for a general audience. This was a particular challenge a couple of years ago when I wrote a Cato Policy Analysis about the anti-circumvention provisions of the Digital Millennium Copyright Act—just typing that out is a chore. I wish I could have pointed to this story as an example, because it brilliantly illustrates my argument.

A few years back, Microsoft developed a copy-protection scheme called PlaysForSure (it will become clear shortly how ironic that name was) that was supposed to prevent music customers from engaging in Internet piracy with music they bought from online music stores. Microsoft licensed the format to a variety of different companies and aggressively promoted it as an alternative to Apple’s iTunes-iPod ecosystem. Unfortunately, Microsoft failed to close the gap with Apple, so in 2006 Microsoft unveiled a new product line called Zune, effectively discontinuing development of PlaysForSure. Zunes are incompatible with PlaysForSure music. If you built up a music library in the PlaysForSure format, it would, um, not play for sure (or at all) on a Zune music player.

Up to this point this is just an ordinary business story, and nothing for libertarians to be concerned about. Companies drop old product lines all the time, and sometimes that means customers are stuck with compatibility headaches. But there’s just one problem: not only will Microsoft not help you play your PlaysForSure music on a Zune, but it’s illegal under the DMCA for anyone else to develop software to convert PlaysForSure music to a format that could play on Zunes, iPods, or any other format. Such software would be considered a “circumvention device”—ostensibly a piracy tool—and could bring civil and criminal penalties. If you were stupid enough to buy music in PlaysForSure format, you’re stuck with the dwindling number of PlaysForSure-compatible music programs still left on the market. You can burn your music to CDs, and then re-rip them to an open format, but this is a time-consuming process if you have a large music library, and it will lead to some degradation in the quality of the music.

As if all that weren’t enough, Microsoft yesterday announced the next step in its campaign to make the DMCA look ridiculous: this fall, it will be switching off the license servers that allow customers to “authorize” new computers and operating systems to play music from customers that bought music from its now-defunct MSN Music store. This means that if you have a library of music from the MSN Music store, and you buy a new computer or upgrade your operating system, there will be no legal way to take your music library with you.

If Congress hadn’t enacted the DMCA, this wouldn’t be a big deal. Third parties could develop software utilities that would automatically convert peoples’ PlaysForSure-formatted music collections into an open format like MP3, which would allow it be played on almost any computer or music player. Customers wouldn’t have to worry about whether their computer had been “authorized,” or whether the company they’d purchased the music from was running the necessary “license server.”

The most frustrating thing about this is that forcing consumers to jump through these hoops hasn’t made a dent in illicit file sharing. To this day, the music industry sells most of its music in the copy-protection-free CD format. Anyone can buy a CD, rip it to MP3 format, and upload it to the Internet. And music downloaded from peer-to-peer networks comes free of copy protection. Which means that the hassles imposed on consumers by the DMCA and copy protection formats like PlaysForSure haven’t slowed down piracy at all. All they’ve done is created unnecessary headaches for customers who were foolish enough to obey the law and pay for the music they downloaded.

Says WCCO.com:

Pawlenty has threatened to veto a major transportation bill because it includes language that would hamper Minnesota’s ability to comply with the [REAL ID Act].

Prepare for more of this if electronic employment eligibility verification goes national. Reports Dianne Solís of the Dallas Morning News:

Federal immigration agents executing arrest warrants for workers at the Pilgrim’s Pride poultry plant in Mount Pleasant arrested the wrong Jesus García at his home near the plant – despite his repeated assurances that he was a legal permanent resident.

Immigration and Customs Enforcement agents targeted workers at Pilgrim’s plants in Texas and four other states, and by Thursday, had arrested 311 workers on identity fraud charges or immigration violations.

. . .

“We think it is a case of mistaken identity,” said Fernando Dubove, Mr. García’s attorney. “It is the wrong Jesus García. It is really tough when you have a common name.”

This is probably just coincidence, but were an electronic employment eligibility verification system in place, illegal immigrants would affirmatively pursue this as a strategy, deepening the simple identity frauds they commit now to get ‘legal’ employment. They would acquire proof of identification as good or better than the true holder of a given identity.

In my recent paper, “Electronic Employment Eligibility Verification: Franz Kafka’s Solution to Illegal Immigration,” I discussed what would happen when mistaken identity/identity fraud situations arose in the EEV systems now being debated on Capitol Hill:

[L]aw-abiding citizens would regularly stand accused of identity fraud. The SSA and DHS would not know which user of a name-SSN pair was the genuine person and which was using a false identity. EEV would tentatively nonconfirm all users of that name-SSN pair. The “true” individuals attached to fraudulently used identities would learn of identity fraud in their names when they were refused work by EEV and plunged into a bureaucratic morass.

Luckily, these victims of the system would just be denied employment and not arrested - if that’s your idea of luck . . .

A “sensor” is a device that measures a physical quantity and converts it into a signal that can be read by an observer or instrument. Sensors that convert analog information into digital form are the most interesting. The information they collect is easy to store, transmit, and reuse.

Digital sensors are all around - the keyboard on your computer, your cell phone, the surveillance cameras in your office building, and so on.

Lots of good things come from having these sensors around, and the systems they attach to - that’s for sure. But they don’t always serve our interests. Let’s take a look at an example of digital sensing gone wrong.

A colleague of mine recently returned from a business trip, where he engaged in important and sober work. He arrived home late from his trip, and his patient and loving wife, already in bed, engaged him in some conversation. Fairly quickly, she asked him whether he had enjoyed himself at the strip bar (!). My hard-working and serious colleague was concerned. Why, on returning to the warm glow of his happy home-life, should he be asked this question?

As he tells it, he found himself short on cash one evening, and ducked into the nearest establishment looking for an ATM. The generous purveyors of this . . . nightclub - who could have known it was something more? - graciously allowed him entry for the few moments it took to get the cash and be on his way.

ATMs are digital sensors. They record usage information and tie it to other details, like location. This is known as “meta-data” - information about information, such as where and when a given piece of information was collected.

The ATM transmitted this data and meta-data back to my colleague’s bank and, through an online banking system, to his wife. The system identified the ATM as being at “Antics Topless Lounge” or something like that. You can understand the short string of inferences that his caring, truly lovely wife drew when presented with this single item of sensed data.

The reporting of ATM location information is a convenience to those who may have forgotten where they used the ATM, but it’s less welcome to someone whose sweet and lovely life-partner might draw unfortunate inferences from ATM use in certain locations. Sensors have social consequences, and they’re not all good.

So I was nonplussed by the cover of the latest issue of Government Technology magazine. It shows the front of a police car, photographed from a low angle to give it a pugnacious look. (Alas, I can’t find the image online.) The car is decked out with lights and sirens, of course, but also with sensors - on the roof and behind the windshield.

“FREEZE FRAME,” says the magazine cover, “License plate scanners extend the reach of local police.” Inside, an article describes how license plate scanning by U.S. police agencies is “the next big thing” for catching stolen cars and locating suspects. But the real benefit, according to the chief of detectives and commanding officer of the Detective Bureau at the Los Angeles Police Department, “comes from the long-term value of being able to track vehicles - where they’ve been and what they’ve been doing . . . .”

Make no mistake: there is value in that, just like there’s value in knowing where you used the ATM. But there’s risk in that, too. It’s not an unalloyed good to give people data about your comings and goings - other than your loving, caring family, of course.

Unlike my colleague and his saintly wife, it’s none of the police’s business where law-abiding citizens have been going and what they’ve been doing. When these sensors are used for mass surveillance and not just spotting bad guys, that crosses an important line.

This is not an argument against giving police these sensors. They will be a boon for law enforcement and an aid to our safety and security. But if the back-end systems put information about every vehicle’s location into a database for later use, that’s inappropriate surveillance of the law-abiding public. Unlike my colleague’s charming, gracious, and forgiving wife, the police shouldn’t be in a position to ask us whether we enjoyed ourselves at the strip bar.

I was pleased a couple of months ago to point out where presidential candidate Senator Barack Obama (D-IL) had distinguished himself and gotten it right on whether driver licensing should be linked to immigration status. The use of driver licensing for immigration enforcement is a major impetus behind the national ID system that our country should rightly avoid.

Such pleasures don’t last. The senator published an opinion piece in the Charlotte Observer this week calling for a “mandatory electronic system that enables employers to verify the legal status of their employees within days of hiring them.”

It is very hard to hold both positions. As I pointed out in my recent paper on electronic employment verification, it is nearly impossible to “strengthen” internal enforcement of immigration law through EEV without creating a national identification system:

[T]he things necessary to make a system like this really impervious to forgery and fraud would convert it from an identity system into a cradle-to-grave biometric tracking system. Almost no way exists to do national EEV that is not a step down that road.

Perhaps Senator Obama would implement an EEV system with a federally issued national ID card rather than the driver licensing system. (That’s not a good option either.) Perhaps he’s devised a credentialing system that allows people to prove eligibility to work under current immigration law without a national ID. (Such things are possible.) Most likely, the senator has expressed two pretty much irreconcilable positions.

The Supreme Court has long held that laws of nature, physical phenomena, and abstract ideas are not eligible for patent protection. Because these things are discovered rather than invented, they are “free to all men and reserved exclusively to none.” In recent years, however, the United States Court of Appeals for the Federal Circuit, which hears most patent appeals, has begun to relax the restriction on such patents. I’ve written before about the problems created by software patents. Software is is ultimately just a sequence of mathematical formulas, and in their pure form they’re not patentable. But in a series of decisions in the 1990s, the Federal Circuit opened the door to patents that cover software when it’s loaded onto a computer, which of course is the only useful thing to do with software. Since then, we’ve seen an avalanche of patents on software, which have started creating serious problems for innovators in the software industry.

The latest example of the problems on patenting abstract concepts comes via Mike Masnick of Techdirt: a company had some problems with a satellite launch, and wanted to use a maneuver called a Lunar flyby to correct it. Unfortunately, Boeing holds a patent covering the maneuver they wanted to use, and they have been unable to negotiate a license of that patent. So they’re planning to let the satellite go down in flames and try to collect the insurance money on it.

Now, as Mike points out, the maneuver in question is just an application of basic physics to spaceflight. The basic principles have been understood since Newton, and NASA has been computing these kinds of orbital trajectories since the 1960s. The patent office should have rejected the patent for trying to patent a straightforward application of basic physics. Unfortunately, thanks to the Federal Circuit’s increasingly permissive standards for patentable subject matter, Boeing was granted the patent, and this company now faces the unappetizing choice of leaving the satellite in the wrong orbit or getting embroiled in litigation with Boeing.

Crucially, the Supreme Court has never endorsed the Federal Circuit’s experiment with allowing patents on abstract ideas, and several justices have voiced concerns about the direction the Federal Circuit has taken the rules for patentability. Apparently, the widespread outrage over the abuse of such patents has gotten the Federal Circuit’s attention, as it has decided to re-hear a case called In Re Bilski that could give it an opportunity to tighten up the rules for patenting abstract concepts. Several public interest groups have filed briefs in the case urging the court to do just that.

The Federal Circuit will be hearing the case en banc next month, and it has already become one of the most closely-watched cases on the Federal Circuit’s docket. Given the Supreme Court’s heightened interest in patent issues in recent years, it’s not hard to imagine the Supreme Court deciding to review the decision as well. Given that Congress has so far ducked the issue of reining in patents on abstract concepts in its pending patent reform legislation, In Re Bilski may be our best chance of reform.

. . . strips away privacy before it goes to work.

Here’s a nice, discrete example: S. 2485, introduced in the U.S. Senate last week, would require asset verification of participants in State Medicaid programs, exposing the personal information held by financial institutions to government access.

This privacy loss is a natural outgrowth of entitlement programs. It’s nearly mandated by the simple and warranted effort to reduce waste, fraud, and abuse.

My 2004 Policy Analysis, “Understanding Privacy - and the Real Threats To It,” explored how entitlement programs almost always carry with them a significant privacy-cost:

To provide benefits and entitlements—and, of course, to tax—governments take personal information from citizens by the bushel. Nearly every new policy or program justifies new or expanded databases of information—and a shrunken sphere of personal privacy.

The Universal Right to Vote by Mail Act of 2007 (H.R. 281) recently passed the House Committee on House Administration. It would amend the Help America Vote Act of 2002 to require states to allow eligible voters to request a mail-in ballot for all federal elections without having to provide a reason.

In a TechKnowledge piece called “Voter ID: A Tempest in a Teapot that Could Burn Us All,” I shared some thoughts that are relevant to this bill:

Increasing voter participation has been a policy fetish for the last decade or two-never mind whether more voting for its own sake makes a better democracy. . . . The growth in absentee balloting has undone some of the protections against voter impersonation and multiple voting that previously existed. People are much more reticent to commit fraud in person - it’s riskier - so in-person voting was a natural security against impersonation fraud. Voting in multiple jurisdictions is simply too time-consuming to do on any scale when it has to be done in person.

The bill would require states to verify signatures on absentee ballots by cross-checking them with voters’ signatures on the official list of registered voters, but this only begins to shore up the security hole opened by mass absentee balloting.

The people who want this bill undoubtedly believe it will improve both the political discourse and their electoral prospects. Folks on the other side - the proponents of identification requirements for voting - will only be energized by these efforts, which lower the bar for both legitimate voting and for voter fraud.

Both sides should just drop this food-fight-to-the-death and work on substantive policies that they believe will win voters to their sides. Hopefully, those policies are centered on limited government, free markets, and peace.

A friend and supporter of my work on REAL ID sent me a link to this WebMemo from the Heritage Foundation, entitled “All Aboard: Fifty States Now Compliant with Real ID.” I’m using the subject line of his email as the title of this post.

There certainly seems to be confusion in some quarters about REAL ID’s current status. Let’s take a brief look at how states stand in terms of compliance.

Because not a single state will comply with REAL ID on the statutory deadline, May 11th, the Department of Homeland Security has been giving out deadline extensions willy-nilly the last few months. It gave extensions just for the asking to states that have statutorily barred themselves from complying, for example.

Some states refused to even ask for extensions. When this happened, DHS quickly switched to issuing states extensions if the states were independently changing their driver’s licensing processes in ways that would meet any of the requirements of REAL ID. States like Montana and New Hampshire wrote to DHS expressing no intention to comply with the law, but stating what they had done on their own. These DHS interpreted as requests for extensions, and granted them.

When the governor of Maine last week finally sent DHS a letter stating his intention to submit legislation relating to REAL ID compliance, the DHS took that as a request for an extension and granted it. The Maine legislature will have to consider any such bills, of course. Maine’s is the legislature that was the first in the country to reject REAL ID.

Getting deadline extensions by hook and by crook out to all 50 states is a pretty long way from getting all 50 states to comply. The actual state of things is reflected well on this map, maintained at the ACLU-run Web site RealNightmare.org. It shows seven states still self-barred from complying, and many others protesting the law. An eighth - Idaho - recently saw legislation barring compliance with REAL ID move through the Senate and to the governor’s desk.

In my paper, “Electronic Employment Eligibility Verification: Franz Kafka’s Solution to Illegal Immigration,” I analyzed a number of different factors that would frustrate a national employment eligibility verification system. Most of them had to do with responses that undermine the functioning of the verification system itself. But I also talked about avoidance. Under a national electronic employment eligibility system, I wrote, “[w]ork ‘under the table’ would increase, and, along with it, other forms of illegality.”

Strong validation of that notion came from an interesting source last week: the Congressional Budget Office. CBO and the Joint Committee on Taxation estimate that the SAVE Act (the “Secure America Through Verification and Enforcement Act”), a bill to take E-Verify national, would result in lost federal revenue of $17 billion over 10 years. That is because more undocumented workers would be paid outside the tax system. That’s a lot of work under the table.

Those who have fixated on immigration law enforcement often cite the rule of law, which is certainly an important thing. But the rule of law thrives when the law is at peace with the people, not when it’s a cudgel. As I also wrote:

Proponents of internal enforcement and electronic employment verification surely stand on a sound principle—the rule-of-law ideal that people should enter the country legally. But current immigration law is a greater threat to the rule of law than any of the people crossing the border to come here and work. Our immigration policies have fostered the illegality so common in the employment area.

After DHS Secretary Chertoff’s testimony to the Senate Judiciary Committee this week (at which he was apparently rebuked for “bullying” states on REAL ID compliance) he sat down with a group of bloggers to discuss things.

Congratulations are due the Secretary for making himself available in an open forum like this, especially because it allows us some insight into his thinking. It makes more clear why he and his colleague Stewart Baker feel a need to engage in so much REAL ID “myth-busting.” Though I have assumed their comprehension of the problems with REAL ID, perhaps I have been mistaken, as Secretary Chertoff does not exhibit a good sense of information technology or the information economy.

Here’s the myth that Secretary Chertoff purports to bust:

I had someone say to me today, “Well, when you have these REAL ID licenses with a machine-readable zone . . . it’s gonna be used to track people. People can skim it. And they can steal it. And then they can use it to follow you around.” Now this is a fantasy. This is just not true.

The Secretary overstates the argument and so shades into attacking a straw man, but the context is conversational. So let’s look at what the real argument is, and then at the Secretary’s responses. I touched on the question of tracking in my testimony to the Senate Homeland Security and Governmental Affairs Committee:

There are machine-readable components like magnetic strips and bar codes on many licenses today. Their types, locations, designs, and the information they carry differs from state to state. For this reason, they are not used very often. If all identification cards and licenses were the same, there would be economies of scale in producing card readers, software, and databases to capture and use this information. Americans would inevitably be asked more and more often to produce a REAL ID card, and share the data from it, when they engaged in various governmental and commercial transactions.

In turn, others will capitalize on the information collected in state databases and harvested using REAL ID cards. Speaking to the Department of Homeland Security’s Data Privacy and Integrity Advisory Committee last week, Anne Collins, the Registrar of Motor Vehicles for the Commonwealth of Massachusetts said, “If you build it they will come.” Massed personal information will be an irresistible attraction to the Department of Homeland Security and many other governmental entities, who will dip into data about us for an endless variety of purposes.

This is not an argument that the currently proposed REAL ID license would be read surreptitiously, as might happen with an RFID-chipped card. (The Secretary says that REAL ID currently does not require RFID, but neglects to mention that the “Enhanced Driver’s License,” which satisfies REAL ID, has one.) The argument is that a great deal more data about us will be collected.

This will include “meta-data” - information about the collection of information, such as time, place, purpose, collecting entity, and so on. Combined identity data and meta-data form footprints about our comings and goings. These footprints, collected in interoperable databases, combine to form tracks.

Perhaps it’s a complicated argument, but it’s a coherent one: REAL ID would lead to tracking of law-abiding Americans.

Nothing the Secretary says conveys that he’s aware of meta-data or actual data collection processes. He says that the machine-readable zone (or MRZ) is “nothing more than the information on the face of the license. I already have a reader for the license - it’s called my eye - and I can read what’s on your license. So therefore there’s nothing I’m going to get out of the MRZ that I can’t get from the face of the license.”

Alas, even this isn’t quite true. The regulation prescribes certain minimum data elements for the MRZ, but doesn’t restrict the use of others, and it doesn’t require states to restrict the content of the MRZ to only what is on the face of the license. The MRZ could lead to tracking of people and their activities based on their race, for example, a data element many states currently include in their MRZs. Despite receiving comments concerned with this during the rulemaking process - oh, and in congressional testimony - DHS declined to prohibit including race in the MRZ of REAL IDs.

Card readers are not just little electric eyeballs. They record information in digital form. This means that identical copies of these records are easy to store, easy to compile, easy to transfer, and easy to reuse. Collecting information in digital form is materially different from collecting information in analog form. Most people who work with technology know that implicitly. To be credible on identification technology issues, one must know this and acknowledge its significance.

Finally, the Secretary says that the DHS is not going to create a lot of databases using REAL ID. That may be his intention, but he’s in office for about ten more months. And whether DHS creates them or not, databases of information harvested using REAL ID would likely be available to DHS.

It is very hard to design information technology systems that do not collect and retain information. The current secretary’s personal opinion about databases just isn’t good evidence of whether or not there will be databases of information about the comings and goings of law-abiding Americans. Chances are very good if REAL ID is implemented that there will be.

The Orange County Register has an editorial on the REAL ID Act this morning that captures the issues magnificently. Among other gems:

The big trouble is that there’s no evidence that this Draconian act, even if fully implemented, would be more than a minor inconvenience for a determined terrorist. But having all that information – including copies of birth certificates and Social Security cards – available in one database would make an irresistible target for identity thieves. And it would be a major inconvenience for millions of innocent Americans and a major expense for state governments – meaning taxpayers.

The Register’s conclusion? Congress should “bite the bullet and repeal this useless, intrusive, money-wasting law.”

Today finds another post on the DHS Leadership blog attempting to defend the REAL ID Act. Despite never having made the affirmative case for REAL ID, Assistant Secretary for Policy Stewart Baker is attempting to defeat the arguments against it.

The “myth” he purports to dispell this time is that REAL ID creates a national ID:

REAL ID is simple. The regulation requires that states meet minimum security standards when they issue driver’s licenses and identification cards necessary for “official purposes,” like getting on a plane or entering federal buildings. That’s it. The federal government’s role is to make sure that states meet minimum standards of security, so that banks and airports in one state can count on the quality of licenses issued in another.

Once again, I believe savvy Stewart Baker is playing at the role of ingenue. He’s pretending to lack the common knowledge that government programs grow in size and power.

It’s true that REAL ID allows states to issue driver’s licenses and identification cards that don’t meet the federal standards. They won’t be acceptable for “official purposes,” which are defined as follows in the statute:

The term “official purpose” includes but is not limited to accessing Federal facilities, boarding federally regulated commercial aircraft, entering nuclear power plants, and any other purposes that the Secretary shall determine.

(emphasis added)

(more…)

So reports Wired’s “Threat Level” blog as the Department of Homeland Security capitulates in the face of New Hampshire’s rejection of REAL ID. The same thing happened with Montana.

The key? The renegade states send a nice letter that is not a request for an extension of a looming deadline but touts the security of their driver’s licenses, which the Department of Homeland Security accepts as an official extension request. That lets DHS save face, even as it backs down from repeated threats to punish the citizens of rogue states.

New Hampshire wins.