Privacy, Security & Government Surveillance

Today and tomorrow, the Federal Trade Commission is conducting a “town hall” meeting on privacy issues and behavioral advertising. Except for ideas being floated that might be actually harmful, this thing should be ignored.

First of all, I always find it a little bit annoying when a federal agency holds what are essentially legislative hearings. There is a Congress – it’s authorized in Article I of the U.S. Constitution. If an issue is important enough to be the subject of national policy, the Congress should look at it, not a federal agency. After all, the federal bureaucracy isn’t listed in the Constitution until . . . um . . . oh! It’s not mentioned in the Constitution at all!

But if you don’t care about government conforming to the rule of law, this issue – ‘behavioral advertising’ – is something like ten years old. Behavioral advertising is just trying to learn Web surfers’ interests and serve them advertising that meets those interests. There are privacy issues there, but they’re not new, or even terribly interesting. One can’t help but assume that the bureaucrats and lobbyists involved in this thing are churning the issue just to maintain their own relevance and budget.

The privacy issues that matter – they did ten years ago, but much more so now – are about privacy from government. Sure, data collected by the private sector can be taken by the government, but that is not a reason to retard the private sector. It demands controls on the government.

Then there are the affirmatively bad ideas. A group of the usual suspects have submitted a proposal for a “Do Not Track” list to the Federal Trade Commission, modeled on the popular “Do Not Call” list that was implemented a few years ago.

The analogy between this two is . . . well, there’s no analogy. “Do Not Call” actually promotes seclusion more than true privacy (which, in its strongest sense, is control of information). The concern with Web tracking is control.

Because of the disanalogy, this kind of thing would not get uptake like Do Not Call did. Tracking is not annoying, so lots of consumers don’t know about it – and therefore aren’t annoyed by it.

Reducing tracking would mean reducing the value of advertising, which would impede Web publishing and the provision of Web services. Shrinking the utility of the Internet does not seem like a good idea.

Then there’s the stuff from the unintended consequences file. A “Do Not Track” infrastructure would easily be converted to censorship, a colleague of mine suggested to me today. And Congress has never seen an Internet censorship law that it wouldn’t pass.

This whole thing is more dumb than dangerous, but I think we’re due a tax refund, and a number of Internet companies could probably downsize their government relations staffs and spending.

Update: Writing earlier, I declined to deride having a “town hall” meeting at a federal agency conference room in Washington, D.C., but just now they began a “roundtable” discussion with panelists seated at a row of square tables facing the audience. What’s the next fiction? That the attendees are “the American people”?

I’m a little slow on this, but I’ve finally had a chance to read through Rush Holt’s alternative to the House leadership’s (now shelved) FISA bill, and it’s a real breath of fresh air. It increases executive power in two relatively modest ways: by allowing domestic interception of foreign-to-foreign communications without a warrant and extending the deadline for getting after-the-fact “emergency” warrants from 3 to 7 days. The rest of the legislation is focused where this debate should have been focused from the outset: on ensuring that the executive and judicial branch actually have the resources required to do their job without sacrificing anyone’s civil liberties. It increases the number of judges on the FISA court, authorizes the DNI and the attorney general to hire more lawyers to fill out warrant requests, and requires that the FISA court decide on warrant requests within 24 hours.

Notably, unlike the House Democrats’ RESTORE Act, the Holt bill does not require the executive branch to file a blizzard of quarterly reports on all aspects of its surveillance activities. (It does require the president to immediately disclose to Congress what programs are already being undertaken) It doesn’t require them because they aren’t needed: individualized warrant applications are a much more reliable check on executive branch abuses. The RESTORE Act, in contrast, gave the executive branch much broader discretion to engage in warrantless wiretaps when one end of a call was overseas, and the reporting process was essentially a stopgap to paper over that deficiency.

In a sane world, the Holt bill would be the reasonable compromise between a White House that wanted more authority and liberal Democrats who are wary of a White House with a dismal civil liberties record. Instead, we live in a bizarro world in which the Democrats’ initial offer is significantly more permissive, and the White House is complaining that even that doesn’t give them nearly enough power.

I imagine New York Governor Eliot Spitzer wishes he never stepped in the driver’s license issue. His original decision to use the New York driver’s license as a driver’s license rather than an immigration enforcement tool was correct. But it was met with caterwauls of derision by the virulent anti-immigrant crowd. He backed down and committed his state to the federal REAL ID Act, a national ID scheme that is basically in collapse.

In an interview on CNN this morning, I think he revealed how he intends to split the difference. Describing the two kinds of licenses he intends to have in the state beyond the passport card (for “Buffalo and along the Canadian border”), he said:

A Real ID license that people will get if they want to have perhaps an easier time at an airport. Another one if you already have a passport. You will not need to pay the extra fees, et cetera. So, two separate licenses. Both valid, both legitimate.

My read of that is that he will not encourage New Yorkers to get REAL ID-compliant licenses. Those will cost more and be more difficult to get, so perhaps the majority of New Yorkers won’t have them. They will use passports for those rare “U.S. government purposes.”

Though he blew it when he caved to the anti-immigrant groups, Governor Spitzer is right to suggest that New Yorkers wanting a REAL ID-compliant license should pay the full cost of getting one.

Especially when a significant number of New Yorkers decline to go the REAL ID route, the cost per card will be enormous and, ultimately, I doubt that New York will actually implement REAL ID. When the governor and state legislature discover the cost of what he’s committed them to, they’ll get together on declining to participate in the national ID system.

Update: Here’s an article roughly confirming my thesis about Spitzer’s strategy.

Wow. A brief 36 days is all it took New York Governor Eliot Spitzer (D) to abandon his stance on driver licensing and New Yorkers’ public safety. As I wrote at the time, Spitzer got it right when he announced that he would de-link driver licensing and immigration status because of the safety benefits to the state’s drivers.

But shrill attacks from anti-immigrant groups came fast and furious. A small group of 9/11 victims’ family members, grief curdled into hatred of immigrants, regularly bandy fear and their loved ones’ memories for political purposes. And they did so with relish when Spitzer announced his plan. It’s crassness that one would expect a New York pol to stare down.

But Spitzer, unable to withstand the heat, seems to have gone scrambling for an out. The New York Times reports that Spitzer will team up with DHS officials today to announce New York’s planned compliance with the REAL ID Act. It requires proof of legal presence to get a compliant license.

This a flat out reversal of the position Spitzer took just over a month ago. The justification he gave – correctly – for de-linking licensing and immigration status was New Yorkers’ safety. With driver licensing treated as an immigration enforcement tool, illegals don’t get licensed, don’t learn the rules of the road or basic driving skills, and don’t carry insurance. When they cause accidents, they flee the scene, leaving injured and dead New Yorkers and causing higher auto insurance rates. As I noted a few weeks ago during his brief flirtation with principle and fortitude, “Spitzer is not willing to shed the blood of New Yorkers to ‘take a stand’ on immigration, which is not a problem state governments are supposed to solve anyway.”

He may try, but Spitzer can’t honestly claim that he’s being consistent. New York’s compliance with REAL ID, were it actually to materialize, would put REAL ID compliant cards in the hands of citizens and make New York driver data available to the federal government. Thus, possession of a non-REAL-ID-compliant license would be tantamount to a confession of illegal status. Thanks to Spitzer’s flip-flop, illegal aliens will now recognize that getting a license merely provides federal authorities the address at which to later round them up for deportation.

Needless to say, they’re not going to get licenses, and the safety benefits Spitzer correctly sought for New Yorkers just 36 days ago will not materialize. The result is what’s known in regulatory circles as risk transfer. There will be more injuries on New York’s roadways so that the U.S. can have a national ID system. Alas, the security benefits of that system, as I showed in testimony to the Senate Judiciary Committee, are negative.

I was impressed and surprised by how right Spitzer had gotten it when he delinked driver licensing and immigration status in New York. I’m once again impressed, but in a much different way, by how quickly he went scampering away from this good policy. The reactionary critics of his policy obviously really got to him.

Update: The ACLU has issued a release slamming Spitzer’s decision.

Update II: The ACLU has blogged it up too.

Over at Ars, I have a new article pointing out that there’s probably an inverse relationship between the number of people on the government’s various terrorist-suspect lists (the GAO just reported that there are now 750,000 people on the largest “watch” list) and the effectiveness of those lists. There can’t be anywhere close to three-quarters of a million terrorists in the world, so all a list that size accomplishes is to dilute law enforcement and intelligence resources and ensure that the real terrorists won’t get the required scrutiny.

I also argue that while there’s a pretty good argument for an international watch list, it’s awfully hard to justify using such a list domestically:

If government officials have concrete evidence that an American person is engaged in terrorist-related activities, then the government should be doing a lot more than putting that individual on a no-fly list. They should be actively investigating the individual, tapping his phone, reading his email, monitoring his financial transactions, and generally gathering the evidence required to either clear his name, deport him, or arrest him. If, on the other hand, the government doesn’t have enough evidence of terrorist ties to justify starting an investigation against an individual, then it’s unreasonable, not to mention a waste of law enforcement resources, to ban him from flying on airplanes or subject him to heightened scrutiny every time he goes to an airport. The sheer number of people on the selectee list and the high rate of false positives may be one reason that screeners do a legendarily bad job finding simulated weapons in security tests. The resources now spent on screening tens of thousands of selectees—most of whom turn out to be false positives—would be far better spent on additional FBI agents to do in-depth investigations of people with actual terrorist ties.

This argument is, of course, cribbed from my colleague Jim Harper’s excellent book on ID cards and privacy.

I’m a little slow on the draw, but I did a Cato Daily Podcast [MP3] on the wiretapping debate on Monday. Incidentally, as you can see here, Cato’s Daily Podcast is an excellent source for in-depth commentary on a wide range of public policy issues. I listen to it on my way to work and find it invaluable for keeping up with public policy debates outside of tech policy.

Nine U.S. Senators wrote to the Chairman and Ranking Member of the Senate Appropriations Committee this week asking them to protect $50 million allocated to the REAL ID Act in the Department of Homeland Security appropritations bill. This is a clear indication of their support for requiring Americans to carry a national ID card.

Here are the Senators’ names, with links to their home and contact pages:

Robert Casey (D-PA) (contact) John Cornyn (R-TX) (contact) Dianne Feinstein (D-CA) (contact) Chuck Grassley (R-IA) (contact) John Kyl (R-AZ) (contact) Pat Roberts (R-KS) (contact) Charles Schumer (D-NY) (contact) George Voinovich (R-OH) (contact) John Warner (R-VA) (contact)

I’ve written a book, and yesterday testified in Michigan, about why having a national ID would be a bad idea.

I’m not much of a Democratic activist, but I’ll take a swing at Kevin Drum’s question regarding the Democrats’ spinelessness with regard to civil liberties:

When we blogosphere types complain about this weak-kneed attitude, are we complaining because (a) we think the centrists are wrong; they could keep their seats in marginal districts even if they toed the progressive line on national security issues. Or (b) because we don’t care; they should do the right thing even if it means losing next November?

I’m not sure about “the progressive line on national security” in general, but with regard to FISA, I find it awfully hard to believe that telecom immunity is a losing issue for the Democrats. I find it awfully hard to imagine somebody’s Republican challenger running attack ads on the telco immunity issue. I mean, between this, FEMA, Haliburton, and the Blackwater fiasco, the Democrats will have a potent narrative about how the President has put cronyism above the interests of the country. If a Democratic politician can’t at least spin the telco immunity issue to a draw, it’s a miracle he got elected to Congress in the first place.

Now, of course the Republican candidate can still run generic “Rep. Smith hates the troops and loves the terrorists” ads. But as Max Cleland discovered in 2002, Republicans call Democrats soft on terrorism pretty much regardless of how they vote. So I think it’s better to have a clear, easily-explained position on the issue (and “telecom companies should obey the law” seems like a pretty clear position to me) than to curl up into a fetal position and vote with the president on everything related to terrorism in the hope that it will save them.

Spending your life in a defensive crouch simply ensures that the other team gets to define the terms of the debate. The way you win an argument like this is by going on offense. The DCCC should start running ads in swing districts touting the courage of Democratic incumbents in standing up to Pres. Bush and his cronies in the telecom industry. Tie this issue to Haliburton, Blackwater, and “Heck-of-a-job” Brownie’s handling of Katrina. Like those folks, AT&T have sold out your rights in exchange for lucrative government contracts. I guess you’d have to run an ad like that by a focus group before you’d know how effective it was, but surely something like that would work better than the current “cave in and hope they’re nice to us” strategy.

Threat Level offers some safety tips for laptop users accessing public hotspots:

“The most dangerous places to connect are airports, hotels, convention centers,” say Richard Rushing, Chief Security Officer for AirDefense, which does wireless security. “And most people use credit cards there.” Oops. I am hooking up to the San Diego Convention Center’s wireless and paying for with a credit card as he says this. Apparently lots of other people are too because a snicker rings through the workshop here at ToorCon9. By their nature, WiFi hotspots are insecure, he says, though they can be made more secure by using client isolation, which makes it harder to slide up and down the communications links from the server to the client and web. “Client isolation should be turned on but we can still spoof the address or take the address backwards,” he says, noting that Macs are easily spoofed. “Hot spots are really set up for the bad guys,” he says. When Rushing looked at hotspot users, he found 30 percent have no firewalls and 3 percent have active malware they’re inadvertantly introducing to the servers.

This is probably an issue I should have mentioned in my Times piece. It’s true that the risks of sharing your wireless connection are not zero: it does make it the possible for other users on the network to scan your machine for vulnerabilities. However, the tips about public hotspots helps to put that risk in perspective; your laptop is far more likely to encounter someone malicious in an an airport or coffee shop, which is teeming with strangers, than in your home. So if you’re worried about the security risks of sharing your home wireless connection, you should be a lot more reticent about using public access points. The nature of the security risks involved are identical, and the number of potential adversaries is much higher on a public hotspot.