I am pleased to announce that John Mueller, a leading scholar in the fields of political science, international relations, and national security, has joined the Cato Institute as a senior fellow.

All of us at Cato are very excited to have John as a colleague. Over the last decade as a professor of political science and as the Woody Hayes Chair of National Security Studies at the Ohio State University’s Mershon Center for International Security Studies, John has taken on the conventional wisdom in the national security arena with a rare combination of accessible, breezy prose and meticulous cost-benefit analysis. In particular, he has focused on how policymakers inflate national security threats at home and abroad.

His newest book, Terror Money and Security, which he presented at a recent Cato forum, examines whether the gains in security over the past decade were worth the funds expended. For the vast majority of U.S. homeland security and counterterrorism policies, John and his co-author, Mark Stewart, resoundingly conclude “no.”

As a member of the Cato Institute, John will contribute to our multitude of programs and publications while furthering his work on the subjects of security, defense, and U.S. foreign policy. Cato is fortunate to have such a brilliant scholar join its staff.

For more Cato Institute work on foreign policy and national security, go here.

John Mueller Joins Cato is a post from Cato @ Liberty - Cato Institute Blog

A wave of violence spread across Iraq today with 70 dead and some 300 injured. Iraqi security forces are blaming al Qaida affiliates, but no group has officially claimed responsibility. The New York Times puts the events in context:

Coming a little less than two weeks after the Iraqi government said it would negotiate with the United States about keeping some of its 48,000 troops here after the end of the year, the violence raised significant questions about the capabilities of the Iraqi security forces.

This is indeed a tragic loss of life, but this level of violence actually has become less common and usually occurs when the Iraqi government is making important decisions on the future of the country and U.S. troop presence. Each time a bomb is detonated in Iraq, commentators argue that it proves we cannot leave Iraq yet; the job is not done.

If the job isn’t done, it should be. And soon. There will certainly be violence in Iraq for the foreseeable future, but a U.S. troop presence is not going to prevent these horrific incidents and often serves as a pretext for them. The continued violence shouldn’t obscure one unalterable fact: the Iraqis must solve their internal security problems. That, in turn, will likely require them to also solve their political problems, something that they have so far refused to do.

As Ted Galen Carpenter and Doug Bandow have explained those calling for an extended U.S. presence in Iraq base their arguments on faulty logic that is devoid of serious considerations about strategic U.S. interests in the region. The most committed of the stay longer/forever crowd hopes our presence in Iraq will resemble that of U.S. troops in South Korea or Germany. But this isn’t only a false analogy; it is based on false premises about vital U.S. interests: namely, that the U.S. government, and U.S. taxpayers, should be responsible for the security of other countries.

Those who worry about us leaving too soon/ever shouldn’t fret too much, however. Regardless of what happens in the negotiations over an extension of the U.S. troop presence, the United States will still maintain a staff of 17,000 employees (including contractors) based out of the world’s largest embassy.

Through it all, President Obama has been relatively silent. He has claimed that we are “winding down” the nation’s wars, but the prospect of tens of thousands of Americans remaining in Iraq hardly constitutes an end-game there. And no one knows what sort of long-term presence the president has in mind for Afghanistan.

President Obama won the presidency due in part to his opposition to the Iraq war at a time when most other politicians were either supportive or silent. This stand allowed him to build credibility with the American people, despite his relative lack of foreign policy experience. While other so-called experts were calling for war, he was concerned that the Iraq war was likely to undermine American and regional security, cost hundreds of billions of dollars, and claim many tens of thousands of lives. Tragically, he was correct.

The combat mission may have ended, but Americans are still dying in Iraq. It is time for the President and his administration to keep the promise of ending U.S. military involvement there, and hasten the day when Iraqis are fully responsible for their own affairs.

Cross-posted from the National Interest.

Iraq Violence Not an Excuse for US Troops to Stay is a post from Cato @ Liberty - Cato Institute Blog

With the Department of Homeland Security constantly spinning out new projects and programs (plus re-branded old ones) to investigate you, me, and the kitchen sink, it’s sometimes hard to keep up. But I was intrigued with a report that behvaior detection officers are getting another look from the Transportation Security Administration. Behavior detection is the unproven, and so far highly unsuccessful (Rittgers, Harper), program premised on the idea that telltale cues can reliably and cost-effectively indicate intent to do harm at airports.

But there’s a new behavior detection program already underway. Or is it interrogation?

Due to a bottleneck at the magnetometers in one concourse of the San Francisco airport (no strip-search machines!), I recently had the chance to briefly interview a Transportation Security Administration agent about a new security technique he was implementing. As each passenger reached him, he would begin to examine the traveler’s documentation and simultaneously ask the person’s last name. He confirmed to me that the purpose was to detect people who did not immediately, easily, and accurately respond. In thousands of interactions, he would quickly and naturally learn to detect obfuscation on the part of anyone carrying an ID that does not have the last name they usually use.

As a way of helping to confirm identity, it’s a straightforward and sensible technique. Almost everyone knows his or her last name, and quickly and easily repeats it. The average TSA agent with some level of experience will fluently detect people who do not quickly and easily repeat the name on the identity card they carry. The examination is done quickly. This epistemetric check (of a “something-you-know” identifier—see my book, Identity Crisis) occurs during the brief time that the documents are already getting visual examination.

Some people will not repeat their name consistent with custom, of course. The hard of hearing, speakers of foreign languages, people who are very nervous, people who have speech or other communication impediments, and another group of sufferers—recently married women—may exhibit “suspicious” failure to recite their recently changed surnames. Some of these anomalies TSA agents will quickly and easily dismiss as non-suspicious. Others they won’t, and in marginal cases they might use non-suspicious indicia like ethnicity or rudeness to adjudge someone “suspicious.”

The question whether these false positives are a problem depends on the sanction that attaches to suspicion. If a stutterer gets a gauntlet at the airport each time he or she fails to rattle off a name, the cost of the technique grows compared to the value of catching … not the small number of people who travel on false identification—the extremely small number of people who travel on false identification so as to menace air transportation.

We used this and closely related techniques, such as asking a person’s address or the DMV office where a license was issued, at the bar where I worked in college. It did pretty well to ferret out people carrying their older friends’ IDs. Part of the reason it worked well is because our expert doormen could quickly escalate to further inquiry, dismissing their own suspicions or denying entry to the bar very quickly. The cost of getting it wrong was to deny a person entry to the bar and sometimes possession of a license. These are relatively small costs to college students, unlike the many hours in time-costs to a traveler wrongly held up at the airport. According to my interview, suspicion generated this way at the airport requires a call to a supervisor, but I did not learn if secondary search is standard procedure, or if cases are handled some other way.

TSA agents are not doormen at bars, of course, and the subjects they are examining are not college kids out to get their drink on. These are government agents examining citizens, residents, and visitors to the United States as they travel for business and pleasure, often at high cost in dollars and time. The stakes are higher, and when the government uses a security technique like this, a layer of constitutional considerations joins the practical issues and security analysis.

I see three major legal issues with this new technique: Fourth Amendment search and seizure, the Fifth Amendment right against self-incrimination, and Due Process. When questioning joins an ID check at the airport, it’s a deepening of a search that is already constitutionally suspect. The Fifth Amendment issues are interesting because travelers are being asked to confess through their demeanor whether they are lying or telling the truth. It would seem to cross a Fifth Amendment line and the rule against forced self-incrimination. The Due Process issues are serious and fairly straightforward. When a TSA screener makes his or her judgment that a person is not responding consistent with custom and is therefore “suspicious,” these judgement calls allow the screeners to import their prejudices. Record-keeping about suspicion generated using this technique should determine whether administration of this epistemetric check violates constitutional due process in its application.

In its constant effort to ferret out terrorist attacks on air transportation, the TSA is mustering all its imagination. Its programs raise scores of risk management issues, they create constitutional problems, and they are a challenge to our tradition of constitutionally limited government. The threat that a person will use false identification to access a plane, defeating an otherwise working watch-list sytem, to execute some attack is utterly small. At what cost in dollars and American values do we attack that tiny threat?

The founding problem is the impetuous placement of federal government agents in the role of securing domestic passenger aviation. There are areas where government is integral to securing airports, airlines, and all the rest of the country—foreign intelligence and developing leads about criminal plots, for example—but the day-to-day responsibility for securing infrastructure like airports and airplanes should be the responsibility of its owners.

If the TSA were to go away, air security measures might be similar in many respects, but they would be conducted by organizations who must keep travelers happy and safe for their living. The TSA hasn’t anything like private airports’ and airlines’ incentives to balance security with convenience, privacy, cost-savings, and all other dimensions of a satisfactory travel experience. Asking people their names at airport security checkpoints is an interesting technique, and not an ineffective one, but it should probably be scrapped because it provides so little security at a relatively great cost.

Behavior Detection as Interrogation is a post from Cato @ Liberty - Cato Institute Blog

Last week, the House passed a homeland security appropriations bill slashing funding for grants to states and localities. The New York Times has now noticed and unleashed an indignant editorial:

House Republicans talk tough on terrorism. So we can find no explanation — other than irresponsibility — for their vote to slash financing for eight antiterrorist programs. Unless the Senate repairs the damage, New York City and other high-risk localities will find it far harder to protect mass transit, ports and other potential targets.

The programs received $2.5 billion last year in separate allocations. The House has cut that back to a single block grant of $752 million, an extraordinary two-thirds reduction. The results for high-risk areas would be so damaging — with port and mass transit security financing likely cut by more than half — that the chairman of the House Homeland Security Committee, Peter King of New York, voted against the bill as “an invitation to an attack.”

Only a few months ago, Times editorials accused King of trying to “hype” and “stoke” fear of homegrown Muslim terrorism. It’s sort of touching to see them get behind his fearmongering when the beneficiaries are local firefighters, police, and other local interests.

But the editorial has trouble worse than hypocrisy. For starters, it’s light on facts. Its accounting seems to omit over $320 million in funds for local firefighters that a floor amendment put in the bill. It also fails to mention that the bill eliminates a formula that ensures that homeland security funds are distributed to every state. Because it means that counterterrorism spending is highest per-capita in rural areas where the threat from terrorism is lowest, homeland security watchers have long attacked that minimum funding provision. So while this bill would indeed cut homeland security funds going to New York, it would also mean that New York gets more of the remaining funds.

More importantly, the Times evidently did not try too hard to find an explanation for the cuts once they settled on irresponsibility, given that Republican appropriators readily offered one: the funds are wasteful. Rather than explain why they think the money is well spent (my definition of responsibility), the editorial conflates spending on security with security itself. It says the cuts will be “damaging,” but it cites only damage to the budgets of recipient agencies, not their purpose.

In fact, the threat of terrorism is so low in the United States and the efficacy of the funds in mitigating it so uncertain that the right amount of homeland security spending in most parts of the United States is none. That is especially true now that we are roughly a decade removed from the September 11 attacks, which spawned a massive increase in homeland security grant-making. That splurge was meant to bolster our ability to defend against what has proved a massively inflated threat of catastrophic terrorism; it was not meant to be a permanent subsidy to state and local governments.

New York City is uniquely threatened, but that does not mean that federal taxpayers should foot the bill. The federal government should collect intelligence on terrorists and hunt them down. Local and state officials should use that information to determine the right amount of local security spending. They have to ask whether normal policing funds, school spending, or slightly lower taxes are worth sacrificing for a new camera or chemical clean-up suit. Federal grants, because they are buried in a massive budget and partially deficit-funded, dilute our ability to perceive those tradeoffs. They also heighten fear of terrorism by encouraging state and local interests to overstate their peril to win the grants, as the editorial demonstrates.

It ends by instructing the Senate to “stand up for security over politics” and restore funding to past levels. But these decisions should be made politically. We give power over security policy to politicians — rather than leaving it exclusively to unelected bureaucrats — because these decisions are important. That is a product of design, not an accident. The notion that security is too important for politics is backwards.

Luckily, the attempt to divorce security policy from electoral politics is a pretense. The Times is engaging in politics by asking for funds. They aim to politically punish those that oppose their preferred policies. If the Senate restores most of the grant funds, as it likely will, it will do so for sound political reasons.

Cross-posted from The National Interest.

The NYT‘s Weak Defense of Homeland Security Grants is a post from Cato @ Liberty - Cato Institute Blog

It might be tempting to laugh at France’s ban on words like “Facebook” and Twitter” in the media. France’s Conseil Supérieur de l’Audiovisuel recently ruled that specific references to these sites (in stories not about them) would violate a 1992 law banning “secret” advertising. The council was created in 1989 to ensure fairness in French audiovisual communications, such as in allocation of television time to political candidates, and to protect children from some types of programming.

Sure, laugh at the French. But not for too long. The United States has similarly busy-bodied regulators, who, for example, have primly regulated such advertising themselves. American regulators carefully oversee non-secret advertising, too. Our government nannies equal the French in usurping parents’ decisions about children’s access to media. And the Federal Communications Commission endlessly plays footsie with speech regulation.

In the United States, banning words seems too blatant an affront to our First Amendment, but the United States has a fairly lively “English only” movement. Somehow, regulating an entire communications protocol doesn’t have the same censorious stink.

So it is that our Federal Communications Commission asserts a right to regulate the delivery of Internet service. The protocols on which the Internet runs are communications protocols, remember. Withdraw private control of them and you’ve got a more thoroughgoing and insidious form of speech control: it may look like speech rights remain with the people, but government controls the medium over which the speech travels.

The government has sought to control protocols in the past and will continue to do so in the future. The “crypto wars,” in which government tried to control secure communications protocols, merely presage struggles of the future. Perhaps the next battle will be over BitCoin, an online currency that is resistant to surveillance and confiscation. In BitCoin, communications and value transfer are melded together. To protect us from the scourge of illegal drugs and the recently manufactured crime of “money laundering,” governments will almost certainly seek to bar us from trading with one another and transferring our wealth securely and privately.

So laugh at France. But don’t laugh too hard. Leave the smugness to them.

Government Control of Language and Other Protocols is a post from Cato @ Liberty - Cato Institute Blog

The Patriot Act extension passed by Congress this week did not become the law of the land. It is void and without effect.

So may argue some future defendant whose conviction rests on evidence gotten under Patriot Act powers during the extended period Congress sought to establish in the bill it passed this week.

President Obama is at a meeting in Europe, so he had the bill signed by auto-pen. Representative Tom Graves (R-GA) has written a letter inquiring of the president whether he was presented the bill and truly intended to sign it.

Article I, Section 7 of the Constitution says:

Every Bill which shall have passed the House of Representatives and the Senate, shall, before it become a Law, be presented to the President of the United States; If he approve he shall sign it, but if not he shall return it…

Is presentment and signing a quaint formality? Something to put aside in light of modern technology and time-constraints? Or is it an important step in the law-making process, to be executed quite literally without deviation from past practice?

The answer lies mostly in consideration of what a signature is, and what it does. I looked into signatures, among many other identifiers and security techniques in my book, Identity Crisis.

Wikipedia has a definition of “signature” that’s good enough: “A signature is a handwritten (and sometimes stylized) depiction of someone’s name, nickname, or even a simple ‘X’ that a person writes on documents as a proof of identity and intent.” Key words: identity and intent.

In the world of identification and security, a signature is classed as a “behavioral biometric identifier.” That is, it’s a product of a given person’s bodily action that is distinctive enough to create strong evidence of the person’s presence.

A signature does many things, and inferences spill out from the presence of a mark on paper that is sufficiently similar to other marks made by a particular person. Because it’s left on the paper, a signature indicates that the person was in the presence of the document. This means in most cases that he or she could review it and had the opportunity, barring some exigency, to affirm its accuracy and completeness. By long-standing custom, absent duress or fraud, the signature indicates the giving of one’s assent or the placing of authority behind the content of the document. A signature supplies evidence—imperfect, to be sure—that a given person approved a given document.

Does a signature by auto-pen create the same inferences? Almost none of them. To know that President Obama indeed meant to affirm the bill, one would have to investigate how he was apprised of the bill’s content. Were there security measures in place to ensure that the communication about the document and the giving of assent were not altered or forged in transit from Washington, D.C. to Europe? One would need assurance that the controller of the auto-pen applied its mark to the exact document that the president was apprised of, and that no substitute document was inserted. All these problems are solved by bringing the person with authority into the same room with the document to manually apply the signature.

I haven’t a whiff of doubt that President Obama intended to sign the bill. The authority of the president and the gravity of bill-signing are such that I’m confident security measures were in place to control the security issues noted above.

But the question in a court case dealing with the presentment and signing requirement is not what happened with this particular bill. It is what should happen in all cases to help exclude the risks of fraud and duress in law-making—with much longer bills, for example, or some future circumstance when the president’s whereabouts or capacity might be unknown.

The authority of the president and the gravity of bill-signing actually cuts the other direction: The president should be in the same room as the actual document, applying his genuine signature to the artifact of a United States public law’s creation. It’s that important a function of the presidency.

Until biometrics and encryption are good enough that we can sign our mortgages remotely, it’s not too much to ask, having the president to sign legislation in person. If a criminal or two go free in the future because of the inadequacy of the process here, it will be worth it for the small security against fraudulent passage of legislation in a future full of uncertainties.

“If He Approve, He Shall Sign It…” is a post from Cato @ Liberty - Cato Institute Blog

Rolling Stone reporter Michael Hastings—yes, that Michael Hastings—has written another investigative article on U.S. operations in Afghanistan, centered again on a general in the theatre.  The revelations are perhaps more shocking than those that resulted in General Stanley McChrystal’s dismissal last summer.

His newest bombshell alleges that the U.S Army illegally engaged in “psychological operations” with the aim of manipulating various high-level U.S. government officials into believing that the war was progressing in order to gain their continued support.  The list of targets includes members of Congress, diplomats, think tank analysts, and even Adm. Mike Mullen, Chairman of the Join Chiefs of Staff.  Over at The Skeptics, I attempt to put this in context:

While American soldiers and Afghan civilians continue to kill and be killed in Afghanistan, the Pentagon seeks to provide the illusion of progress, systematically misrepresenting realities on the ground to bide more time, gain more troops, and acquire more funding. It’s bad enough that the American media uncritically relays statements from U.S. officials portraying “success” on the ground. Now the Pentagon is using its massive propaganda budget to blur the line between informing the public and spinning it to death. In fact, several years ago the Associated Press found that the Pentagon had spent $4.7 billion on public relations in 2009 alone, and employs 27,000 people for recruitment, advertising and public relations, nearly as many as the 30,000-person State Department. Essentially the Pentagon is trying to influence public policy and lobby civilian officials to shift policies toward their own ends while dispersing the costs onto the American taxpayer.

Luckily, it appears that Americans have come to learn that despite the media’s frequent adulation of their uniformed military, the Pentagon operates just like every other bureaucracy in the federal government. According to a poll released earlier this month by Gallup, 72 percent of Americans want Congress to speed up troop withdrawals from Afghanistan. Much like the McChrystal flap from last summer, there is a very fine line between military officials offering their honest opinion and threatening civilian control of the war.

Click here for the full post.

The Pentagon Propaganda Machine Rears Its Head is a post from Cato @ Liberty - Cato Institute Blog

A few developments from a business meeting of the Senate Judiciary Committee held this morning. As I noted last month the new House Intelligence Chair, Rep. Mike Rogers (R-Mich.) has already introduced another one-year straight renewal without modification. Since then, Sen. Pat Leahy (D-Vt.) has introduced a bill that would renew the expiring Patriot Act surveillance provisions through 2013, but with some very basic additional safeguards and oversight requirements—many of which the Justice Department has already agreed to implement voluntarily—including most crucially added constraints and a new sunset for expanded National Security Letter powers, which have already been held at least partly unconstitutional in their current form by federal courts, and which the government’s own watchdogs have already found to be subject to widespread abuse.

Enter Sen. Dianne Feinstein (D-Calif.), chair of the Senate Intelligence Committee, who played a key role in killing the same mild reforms last year. She’s already introduced legislation of her own, which would provide for an extension through the end of 2013, without any modifications, of not only the provisions set to expire this year, but also the highly troubling FISA Amendments Act, which in effect legalized the Bush administration’s illicit programmatic wiretapping with an added sliver of judicial oversight. Even this was not quite enough for Sen. Chuck Grassley (R-Iowa), who announced he would introduce a bill making the expiring provisions permanent—effectively removing an important impetus to continuing oversight.

Feinstein, interestingly, purported to be theoretically supportive of Leahy’s reformist impulses, but argued that the “time crunch” created by the end-of-February sunset deadline makes this the wrong time to consider reforms. (In order to hurry things up, a Hill contact tells me, Feinstein’s bill will be fast-tracked to the floor under Senate Rule 14, circumventing the committee process.) This really makes very little sense. Leahy’s bill is essentially the same proposal reported out favorably by a bipartisan Judiciary Committee majority; the point of doing a one-year reauthorization in 2010 was supposedly to allow Congress to consider reform alternatives in the interim. Moreover, the Justice Department has already effectively agreed to accept the reforms that bill contains. If there’s nevertheless a need for further deliberation, Congress can do exactly what it did last time around and extend the sunset by a few weeks or months to allow for additional debate.

The time constraints here are wholly of Congress’ own making. And while the Leahy bill doesn’t go far enough by any means, there is just no good excuse to delay at least the beginning of needed reforms any further.

A Patriot Update is a post from Cato @ Liberty - Cato Institute Blog

Shortly after unveiling a new uranium enrichment facility, North Korea has shelled a disputed island held by the Republic of Korea.  A score of South Koreans reportedly were killed or wounded.

These two steps underscore the North’s reputation for recklessness.  Unfortunately, there is no easy solution: serious military retaliation risks full-scale war, while intensified sanctions will have no impact without China’s support.

Instead, the U.S. should join with the ROK in an intensive diplomatic offensive in Beijing.  So far China has assumed that the Korean status quo is to its advantage.  However, Washington and Seoul should point out that Beijing has much to lose if things go badly in North Korea.

The North is about to embark on a potentially uncertain leadership transition.  North Koreans remain impoverished; indeed, malnutrition reportedly is spreading.  With the regime apparently determined to press ahead with its nuclear program while committing regular acts of war against the South, the entire peninsula could go up in flames.  China would be burned, along with the rest of North Korea’s neighbors.

The U.S. also should inform Beijing that Washington might choose not to remain in the middle if the North continues its nuclear program.  Given the choice of forever guaranteeing South Korean and Japanese security against an irresponsible North Korea, or allowing those nations to decide on their own defense, including possible acquisition of nuclear weapons, the U.S. would seriously consider the latter.  Then China would have to deal with the consequences.

Beijing’s best option would be to join with the U.S. and South Korea in offering a package deal for denuclearization, backed by effective sanctions, meaning the cut-off of Chinese food and energy assistance.  Otherwise, Beijing might find itself sharing in a future North Korean nightmare.

Beijing Key in Controlling North Korea’s Recklessness is a post from Cato @ Liberty - Cato Institute Blog

A new post on the TSA blog gets the logic behind the strip/grope combination correct.

[I]f you’re selected for AIT and choose to opt-out, we still need to check you for non-metallic threats. That’s why a pat-down is required. If you refuse both, you can’t fly.

Any alternative allows someone concealing something to decline the strip-search machine, decline the intimate pat-down, and leave the airport, returning another day in hopes of not being selected for the strip-search machine. The TSA reserves the right to fine you $11,000 for declining these searches.

So the question is joined: Should the TSA be able to condition air travel on you permitting someone to look at or touch your genitals?

I’ve argued that the strip/grope is security excess not validated by risk management. It’s akin to a regulation that fails the “arbitrary and capricious” standard in adminstrative law. But the TSA is not so constrained.

The Security Logic Clarifies the Question is a post from Cato @ Liberty - Cato Institute Blog

The Washington Post has a poorly thought through editorial today on the Justice Department’s “CALEA for the Cloud” initiative. That’s the formative proposal to require all Internet services to open back doors to their systems for court-ordered government surveillance.

“Some privacy advocates and technology experts have sounded alarms,” says the Post, “arguing that such changes would make programs more vulnerable to hackers.”

Those advocates—of privacy and security both—are right. Julian Sanchez recently described here how unknown hackers exploited surveillance software to eavesdrop on high government officials in Greece.

“Some argue that because the vast majority of users are law-abiding citizens, the government must accept the risk that a few criminals or terrorists may rely on the same secure networks.”

That view is also correct. The many benefits of giving the vast majority of law-abiding people secure communications outstrips the cost of allowing law-breakers also to have secure communications.

But the Post editorial goes on, sounding in certainty but exhibiting befuddlement.

The policy question is not difficult: The FBI should be able to quickly obtain court-approved information, particularly data related to a national security probe. Companies should work with the FBI to determine whether there are safe ways to provide access without inviting unwanted intrusions. In the end, there may not be a way to perfectly protect both interests — and the current state of technology may prove an impenetrable obstacle.

The policy question, which the Post piece begs, is actually very difficult. Would we be better off overall if most or all of the information that traverses the Internet were partially insecure so that the FBI could obtain court-approved information? What about protocols and communications that aren’t owned or controlled by the business sector—indeed, not controlled by anyone?

The Tahoe-LAFS secure online storage project, for example—an open-source project, not controlled by anyone—recently announced its intention not to compromise the security of the system by opening back doors.

The government could require the signatories to the statement to change the code they’re working on, but thousands of others would continue to work with versions of the code that are secure. As long as people are free to write their own code—and that will not change—there is no way to achieve selective government access that is also secure.

The current state of technology, thankfully, is an impenetrable obstacle to compromised security in the interest of government surveillance. The only conclusion here, which happily increases our security and liberty overall, is that everyone should have access to fully secure communications.

Unclear on Internet Security and Surveillance is a post from Cato @ Liberty - Cato Institute Blog

Bloggers have already noted the most glaring problems with Arthur Brooks, Edwin Feulner and Bill Kristol’s Monday Wall Street Journal op-ed, “Peace Doesn’t Keep Itself,” which worries that conservatives are figuring out that trying to run the world is not conservative.

The op-ed pretends that the fact that defense spending isn’t the largest cause of the deficit means it isn’t a cause of the deficit. It obscures the fact that we spend more on defense than we did in the Cold War by counting the defense budget as a portion of the economy without noting the latter has grown faster than the former.

So I can limit myself to less obvious angles. The first is that neoconservatives like Kristol are for increasing the defense budget no matter what. For them the military is basically an expression of national awesomeness (to use an academic term). Enemies and other details, like what we spend already, come up mainly in the justification phase.

In 2000, when U.S. defense spending was nearly $180 billion lower than today—excluding the wars and adjusting for inflation—Bill Kristol and Robert Kagan wanted to increase defense spending by $60 to $100 billion a year. After September 11, they called for a “large” and “substantial” increase. Having got that and then some, Kristol, at least, wants even more. The neoconservative appetite for military spending is insatiable because their militarism is.

Second, I want to pick on one point the op-ed makes because it is both wrong and widely believed: “Global prosperity requires commerce and trade, and this requires peace. But the peace does not keep itself.”

There are really two theories there. First, commerce requires general peace in supplier nations and military protection of supply lines. Second, only the United States can provide both. There is some evidence for these claims in a long-running correlation. Since World War II, U.S. military hegemony has coincided with explosive growth in global trade. So it’s easy to see how people assume causation. But as Chris Preble and I argue in the Policy Analysis that we just released, “Budgetary Savings from Military Restraint,” the causal logic here is weak. It overstates the U.S. military’s contribution to global stability and trade and the trouble that instability causes us.

The first theory is right in the sense that nations devastated by war ultimately lose purchasing power, which is bad for their trade partners. But in the meantime, warring countries typically need a lot of imports. They also generate capital for armies by selling goods abroad. For that reason, the Iranians and Iraqis kept pumping oil during their war. Wars do not simply shut down trade.

The argument for policing peacetime shipments is even worse, as I explain in a guest post I did yesterday for the Stimson Center’s revamped defense budget blog. As I note there, we do not really protect shipments now. A tiny minority get naval protection. Thus primacists tend to argue that what matters is not defending trade but the ability to do so, which deters malfeasants from harassing it or building capability to do so. But that argument gives the game away. You don’t need to do it in good times to do it in bad times.

What happens the day after we tell our Navy to stop sailing around in the name of protecting commerce? Who interrupts shipments? Would Iran start charging tolls at the Strait of Hormuz or China in the South China Sea? I say no because they know that we can force access and because there are plenty of ways to retaliate, including blockading those countries.

A more plausible claim is that some states would increase naval spending to police their own shipping. That seems like a good thing. Sometimes people say that such burden-sharing could set off a naval arms race that causes a war, say between India and China. I suppose that is possible, but naval arms races have caused few, if any, wars.

Let’s say our ability to buy some good from some area is cut off, either by instability at the source or en route. The likely outcome is supply adjustment, not supply failure. Generally another supplier takes the orders and prices adjust. That is particularly true as globalization links markets and increases supply options. It is when you have only one potential supplier that you really need to police delivery.

If you believe that military hegemony protects peacetime shipments, you could argue that it distorts price signals by shifting a portion of the good’s cost to federal taxes. Because I don’t believe that we are propping up prices in most cases, I say that what primacists are really selling is an attempted but failed subsidy to consumption of goods, including oil.

Oil is a special case because price shocks caused by supply disruption have in the past caused recessions. However, economists argue that the conditions that allowed for this problem have changed. One change is the reduced burden energy costs now impose on U.S. household income. Others disagree, but if they are right, that is why we have public and private reserves.

You can read more of what we think of about the idea that only we can keep the peace among states in the Policy Analysis or in the stuff Cato scholars have been pumping out for years. I will just say here that primacists ignore all the history contradicting the idea that only hegemons create a stable balance of power and the many rivals that formed stable balances of power without an hegemon taking a side.

International stability and world trade would be OK without our nation trying to use our military to provide them. If you don’t believe me, you might read one of these three papers by Eugene Gholz and Daryl Press. I took a lot of this from them.

Actually We Aren’t Running the World is a post from Cato @ Liberty - Cato Institute Blog

Bruce Schneier has a typically good essay on the use of “worst-cases” as a substitute for real analysis. I noticed conspicuous use of “worst-case” in early reporting on the oil spill in the Gulf. It conveniently gins up attention for media outlets keen on getting audience.

There’s a certain blindness that comes from worst-case thinking. An extension of the precautionary principle, it involves imagining the worst possible outcome and then acting as if it were a certainty. It substitutes imagination for thinking, speculation for risk analysis and fear for reason. It fosters powerlessness and vulnerability and magnifies social paralysis. And it makes us more vulnerable to the effects of terrorism.

Worst-case thinking—the failure to manage risk through analysis of costs and benefits—is what makes airline security such an expensive nightmare, for example. Schneier concludes:

When someone is proposing a change, the onus should be on them to justify it over the status quo. But worst case thinking is a way of looking at the world that exaggerates the rare and unusual and gives the rare much more credence than it deserves. It isn’t really a principle; it’s a cheap trick to justify what you already believe. It lets lazy or biased people make what seem to be cogent arguments without understanding the whole issue.

It’s not too long for you to read the whole thing.

Are You Substituting Worst-Case Thinking for Reason? is a post from Cato @ Liberty - Cato Institute Blog

CEI’s Alex Nowrasteh has a commentary on Townhall.com illustrating how restrictive immigration policies confound security. Twenty-three Somalis with suspected ties to an Islamist group were mistakenly released from a Mexican prison last January, and their whereabouts now are unknown. He continues:

Forcing immigrants underground creates an enormous black market where terrorist activities and serious crimes can continue undetected. If legal immigration were much easier, the American government would know who was entering the country and do a better job in screening out criminals and suspected terrorists.

I’m leery of touting terror threats for any reason beyond alerting the public to information they can use for national and self-protection. A small group of possible terrorists in Mexico is far from doing any significant harm and not particularly worrisome.

But this story illustrates how the border security that matters gets harder—and how much tax money gets wasted—when our policies make legal immigration difficult or impossible. The government is preoccupies with workers made minor criminals by their extraordinary efforts to improve their and their families’ circumstances.

Restrictive Immigration Policies Confound Security is a post from Cato @ Liberty - Cato Institute Blog

I wrote some posts a few months ago (1, 2, 3) about the difficulty of discovering and preventing essentially random events like the Fort Hood shooting. I was pleased by the compliment security guru Bruce Schneier paid them in his recent post, “Small Planes and Lone Terrorist Nutcases.” (Such happy subject matter we get to write about!)

Now comes Radley Balko with a great column illustrating what you get when authorities try to “get ahead” of this problem. “Pre-Crime Policing” tells the story of a gun buyer who had been tagged with the adjective “disgruntled.” A SWAT team appeared on his property, police tricked him into surrendering for a mental evaluation, they illegally entered his home, and they seized his guns.

Says the victim of these invasions, “South Oregon is big gun country. If something like this can happen here, where just about everyone owns a gun, it can happen anywhere.”

Especially if we ask law enforcement to prevent random violence.

How to Prevent a Fort Hood Shooting is a post from Cato @ Liberty - Cato Institute Blog

The state of Nevada is one of few that is tripping over itself to comply with the REAL ID Act, the U.S. national ID law.

It’s worth taking a look at the sample license displayed in this news report, especially the gold star used on the license to indicate that it is federally approved.

The reasons for “improving” drivers’ licenses this way are complex. The nominal reason for REAL ID was to secure the country against terrorism. The presence of a gold star signals that this the card bears a correct identity and that watch-list checking has ensured the person is not a threat.

Don’t be too thrilled, though. The weakness of watch-listing was demonstrated again by the Christmas-day attempt on a Northwest airlines flight. The underpants bomber wasn’t listed, so checking his name against a watch-list didn’t do anything.

The real reason for REAL ID, though, was anti-immigrant fervor. If the driver licensing system distinguished between citizens and non-citizens, the theory goes, possession of a driver’s license can be used to regulate access not just to driving, but to working, financial services, health care, and anything else the government wants. Illegal presence in the country could be made unpleasant enough that illegal immigrants would leave.

Alas, human behavior isn’t that simple. If ‘driven’ to it—(I had to…)—people will get behind the wheel without licenses—and without the training that comes with licensing. Then they’ll crash. When the governor of New York briefly de-linked driver licensing and immigration status in 2007, he cited public safety and the likelihood that insurance rates would fall, to the benefit of New Yorkers. (When the state of New Mexico de-linked driver licensing and immigration status, uninsured vehicle rates in the state dropped from 33 percent to 17 percent.) But the governor suffered withering criticism from anti-immigrant groups and quickly reversed course.

Like linking immigration status and driving, linking immigration status and work through an ID system imposes costs on the law-abiding citizen. Complications and counterattacks raise costs on workers and employers while reducing the already small benefits of such programs. I articulated those in my paper on employment eligibility verification.

REAL ID transfers well-being and wealth from individuals to the state.

But let’s return to this gold star…

The article says that the Nevada ID is becoming one of the hardest in the country to forge. But it’s hard to be sure. The gold star may undermine the anti-forgery goal.

Forgery is the making or altering of a document with the intent to defraud or deceive. The question is not whether the whole document can be made—I’m sure the new Nevada license is bristling with security doodads—it’s whether a document can be made to deceive.

Watch for the people who check licenses to fall into the habit of checking the gold star and taking that as evidence that the document is “good.” By a small but relevant margin, ID checkers will forget to compare the picture on the license to the face of the person presenting it. (Gold star? Go.) Putting a gold star on the license may make forgery easier. It’s not about the technical feasibility of creating the card; it’s how to fool people.

But this gold star. It will be taken as a shorthand for “citizen.” There are examples from the past in which governments used symbols to assign status to populations. It’s easy to go overboard with such comparisons, but the Nevada license, with this gold star, takes a dramatic step toward carving the population into groups—groups that can be divided. Maybe soon two stars will be for military veterans, or people licensed to own firearms. Three stars could be for elected officials.

With this gold star system, a Nevada license-holder is a little less of a free, independent person with rights and privileges based on individual merit. A Nevadan becomes an undifferentiated status-holding subject. We’re a long way from the day when the “gold star” people are assigned to better rail cars, but the idea is that it should never happen. We should reject entirely the tools that could allow the government to do that.

Symbols, Security, and Collectivism is a post from Cato @ Liberty - Cato Institute Blog

The story that images of a film star produced by whole-body imaging were copied and circulated among airport personnel in London are a little too good to be true for critics of the technology. It may yet be proven a joke or hoax, and airport officials are denying that it happened, saying that it “simply could not be true.”

But if Bollywood star Shah Rukh Khan was exposed by the technology, it validates more quickly than I expected the concern that controls on body scanning images would ultimately fail.

Here’s how I wrote about the fate of domestic U.S. proscriptions on copying images from whole-body imaging machines in an earlier post:

Rules, of course, were made to be broken, and it’s only a matter of time — federal law or not — before TSA agents without proper supervision find a way to capture images contrary to policy. (Agent in secure area guides Hollywood starlet to strip search machine, sends SMS message to image reviewer, who takes camera-phone snap. TMZ devotes a week to the story, and the ensuing investigation reveals that this has been happening at airports throughout the country to hundreds of women travelers.)

I have my doubts that this incident actually happened as reported, but it is not impossible, and over time misuse of the technology is likely. That’s a cost of whole-body imaging that should be balanced against its security benefits.

I Told You So? is a post from Cato @ Liberty - Cato Institute Blog

Yesterday’s bombshell announcement that Google is prepared to pull out of China rather than continuing to cooperate with government Web censorship was precipitated by a series of attacks on Google servers seeking information about the accounts of Chinese dissidents.  One thing that leaped out at me from the announcement was the claim that the breach “was limited to account information (such as the date the account was created) and subject line, rather than the content of emails themselves.” That piqued my interest because it’s precisely the kind of information that law enforcement is able to obtain via court order, and I was hard-pressed to think of other reasons they’d have segregated access to user account and header information.  And as Macworld reports, that’s precisely where the attackers got in:

That’s because they apparently were able to access a system used to help Google comply with search warrants by providing data on Google users, said a source familiar with the situation, who spoke on condition of anonymity because he was not authorized to speak with the press.

This is hardly the first time telecom surveillance architecture designed for law enforcement use has been exploited by hackers. In 2005, it was discovered that Greece’s largest cellular network had been compromised by an outside adversary. Software intended to facilitate legal wiretaps had been switched on and hijacked by an unknown attacker, who used it to spy on the conversations of over 100 Greek VIPs, including the prime minister.

As an eminent group of security experts argued in 2008, the trend toward building surveillance capability into telecommunications architecture amounts to a breach-by-design, and a serious security risk. As the volume of requests from law enforcement at all levels grows, the compliance burdens on telcoms grow also—making it increasingly tempting to create automated portals to permit access to user information with minimal human intervention.

The problem of volume is front and center in a leaked recording released last month, in which Sprint’s head of legal compliance revealed that their automated system had processed 8 million requests for GPS location data in the span of a year, noting that it would have been impossible to manually serve that level of law enforcement traffic.  Less remarked on, though, was Taylor’s speculation that someone who downloaded a phony warrant form and submitted it to a random telecom would have a good chance of getting a response—and one assumes he’d know if anyone would.

The irony here is that, while we’re accustomed to talking about the tension between privacy and security—to the point where it sometimes seems like people think greater invasion of privacy ipso facto yields greater security—one of the most serious and least discussed problems with built-in surveillance is the security risk it creates.

Surveillance, Security, and the Google Breach is a post from Cato @ Liberty - Cato Institute Blog

• Nat Hentoff reports on racism in Cuba.

• Federal judge dismisses charges against Blackwater guards over the killing of 17 in Baghdad. David Isenberg: “The fact that the Blackwater contractors are not getting a trial will only serve to further increase suspicion of and hostility towards security contractors. It is going to be even more difficult for them to gain the trust of local populations or government officials in the countries they work in.”

• New report shows state and local government workers have higher average compensation levels than private workers.

• Podcast: “Televising and Subsidizing the Big Game” featuring Neal McCluskey. “Everybody should watch the National College Football Championship because whether you’re interested or not, you are paying for it,” he says.

Wednesday Links is a post from Cato @ Liberty - Cato Institute Blog

Terrorism presents a complex set of security problems. That’s easy to see in the welter of discussion about the recent attempted bombing on a plane flying from Amsterdam into Detroit. The media and blogs are poring over the many different security systems implicated by this story. Unfortunately, many are reviewing them all at once, which is very confusing.

Each security system aimed to protect against terror attacks and other threats involves difficult and complex balancing among many different interests and values. Each system deserves separate consideration, along with analysis of how they interact with one another.

A helpful way to unpack security is by thinking in terms of “layers.” Calling it security “layering” is a way of describing the many different practices and technologies that limit threats to the things we prize. (It’s another lens on security, compatible with the risk management framework I laid out shortly after the Fort Hood shooting.)

Let’s think about some of the security layers deployed to protect people on airplanes against someone like the individual who sought to bomb this flight into Detroit. There are many different security layers. Examining how they worked or failed positions us to tune our security systems better for the future.

It would make sense to start with the security measure that ultimately ceased the attack—human intervention—and move out layer-by-layer from there. But we should actually start by pondering what course events might have followed if the attack hadn’t been thwarted when it was.

The design of airplanes is a security layer that this event did not implicate. Few people are aware that planes are designed to survive damage—even significant damage—and still remain aloft. The seat assignment of this would-be bomber comes into play here, of course. Did he seek out a seat along the wing intending to damage fuel tanks, or was it just a chance assignment? We don’t know yet.

Depending on how events might have unfolded in the event of an actual blast, various other layers may have come into play: pilot training, other design elements of the plane like redundant controls, availability of first aid equipment, flight crew training, and so on.

The good news—worth stating again because much commentary overlooks it—is that this plot failed.

The security layer we credit most for its failure is the direct intervention of other passengers. People who discuss only government programs or policies overlook an important, forceful, and highly adaptive security layer: empowered individuals. We should not prefer to rely on this kind of human intervention, of course—it kicks in far too late for comfort. But it is there, and in this case it worked.

Next, there is weapons detection. The consensus is strong that this layer failed, but this layer did some work, which also shouldn’t be overlooked.

To get it past anticipated security checks, the “bomb” had to be modified in a way that ultimately reduced it to a far less dangerous incendiary device. It wasn’t human intervention alone, but the combination of the weapons detection layer and the human layer that foiled the plot.

Nonetheless, given the consensus that weapons detection failed outright, it is likely that millimeter wave scanning (aka “strip-search machines”) will see broader adoption in air security, trumping privacy concerns that had dealt it some setbacks.

Another layer—more clearly a failure—was the watch list/no-fly list system (or systems). Watch-lists are porous when they’re at their best: They can only catch people already known to be threats, and then only those who are accurately identified at the airport.

Secretary Napolitano originally said that there wasn’t specific derogatory information to justify placing this person on a no-fly list, but unfolding reporting suggests that this was not the case. I agree that watch-listing failed, but I struggle to imagine how it could actually succeed. What general rule, administered on the scale required, could properly deny boarding to genuine attackers without unacceptably denying travel to thousands and thousands of non-attackers every year? Making sense of watch-listing is difficult, and it’s no surprise to me that this security layer failed.

A sibling layer is visa management. Unlike the last-minute decision whether or not to allow a person onto a plane, visa applications can be examined with some leisure, using not only lists of derogatory information but also information gathered from applicants and other sources.

Foreign nationals have no right to enter the United States, and the decision to exclude people seems well placed at this layer compared to last-minute use of watch-lists or no-fly lists.  By comparison to authorities in the UK, who evidently excluded him, it appears to have been error to allow the Detroit bomb plotter to have kept his U.S. visa. This is yet another security issue deserving investigation.

Other security layers, of course, include whatever intelligence  might have been picked up in Yemen and whatever actions might have been taken in light of it.

Are there more layers of security to examine? Undoubtedly there are.

One of interest to me might be called the “strategic layer”—steps to deny terrorists the strategic gains they seek. It is unclear what goal, if any, the Detroit bomb plotter had, but  U.S. National War College professor of strategy Audrey Kurth Cronin identifies a number of “strategies of leverage” terrorism seeks to exploit.

Terrorists are weak actors, unable to muster conventional forces that threaten a state directly. So they try to use the power of the states they attack to achieve their aims. Provocation is an example—getting a state to overreact and undercut its own legitimacy. Polarization is another: Most often in domestic contexts, terror attacks can drive wedges among different ethnic, religious, or cultural groups, destabilizing the state and society.

Mobilization is the strategy of leverage most likely at play here—seeking to recruit and rally the masses to a cause. There’s no argument that this alienated loner is an articulate strategist, of course, but his attack could signal the importance of terrorism to a worldwide audience, making terrorism more attractive to opponents of U.S. power.

Even a failed attack could send such a signal if U.S. government authorities allow it. I wrote in an earlier post how their reactions will dictate the “success” or “failure” of this attack as terrorism.

As to the strategic layer, I believe that, amid programmatic and policy failures, President Obama is due credit for his handling of communications. It was very pleasing to see a Washington Post story Monday headlined: “Obama Addresses Airline Security in Low-Key Fashion.” He is obligated to respond to domestic demands for communication, of course, but declining to exalt terrorism and this incident should not earn him demerits. It should earn him applause.

The alternative—hustling the president of the United States in front of cameras to make incautious statements—would send an unfortunate signal to the world: Any young man, from anywhere across the globe, can poke the president of the United States in the eye, even if his attack on a U.S. target fails. Such a message would invite more terrorist acts.

Attacks not mounted aren’t measured, of course, but attacks would likely increase if it appeared that attacking the U.S. and its interests could visibly fluster the U.S. president. The discipline shown by the White House during this event is an important contribution to our security from the next attack. Politicians beneath President Obama’s grade should take a lesson and control their reactions as well.

Next, I hope to see communications that subtly and appropriately portray the underwear bomb plotter as the loser that he is. I have declined to use his name, because this wretch should go namelessly to oblivion. And I am pleased to see that U.S. authorities have released an image of his underwear, half-suspecting that this was done to help make his legacy the indignity of being beaten by Americans and having his underwear displayed to the world. 

I am also pleased to see him called the “underwear bomber” in some news reports. I would call him the “underwear bomb plotter” because he only managed to light a fire. This is not to trivialize the attack, but to diminish the standing of the person who committed it. People around the world who might consider terrorism are watching how we react to this event, and I want no one to believe that following in the footsteps of the underwear bomb plotter is a good idea.

Let’s also observe that the plane he would have brought down bore innocent women and children. Among them likely were many good Muslim people. Had he succeeded, he would have added to the count of orphaned children in the world. This is not someone to emulate, and official communications should be sounding these themes if they aren’t already.

Given how difficult it is to physically foreclose all vectors of attack while maintaining our society as open and free, strategic communications like this—to deny terrorists the rhetorical gains they seek from us—are very important. Portraying this person as a wrongheaded failure is part of the strategic layer in our security, far preferable to treating him as a diabolical anti-hero.

This incomplete discussion is intended only to illustrate the many different security layers at issue in the underwear bomb plot. Thoughtful readers will undoubtedly find gaps and misstatements in this discussion based on more precise facts and better technical or programmatic knowledge than I have.

Thankfully, we have an opportunity to learn about our security from this failed attack. Had it succeeded, it appears that our society remains ill-equipped to maintain an even keel. The intensity of commentary and analysis on this event shows that a successful terrorist would likely knock us off our game. The impulse to do something—anything—would overwhelm us, and we would likely overreact by retaliating imprecisely, by pouring our energy into security measures that don’t actually work, and so on. Such missteps are congenial to terrorism, and we should try to avoid them.

Terrorism and Security Systems is a post from Cato @ Liberty - Cato Institute Blog