Paul M. Schwartz

(Also published in the San Francisco Chronicle, March 1, 2009.)

How can we, the people, decide if there is too much or too little telecommunications surveillance in the United States? How can we know if law enforcement is using its surveillance capacities in the most effective fashion?

Ideally, we would answer these questions by examining data about government surveillance practices and their results. Sadly, rational inquiry about telecommunications surveillance is prevented by the haphazard and incomplete information that the government collects about its own behavior. Neither the government nor outside experts know the basic facts about our surveillance practices.

A number of regulations permit government to engage in telecommunications surveillance. Yet only one statute, the Wiretap Act, requires relatively thorough data collection about government behavior. Moreover, Congress has done a miserable job of seeing that the Department of Justice supplies it with required information - and the Department of Justice has itself tended to play “hide the ball” with data. Congress has also further muddied the waters in its FISA Amendment Act of 2008, which allows broad immunity to telecommunication companies that participated in the Bush administration’s program of warrantless telecommunications surveillance. This particular issue is now before a U.S. District Court in the Northern District of California in pathbreaking litigation led by the Electronic Frontier Foundation. The Obama administration needs to redesign our system for collecting surveillance information. The twin goals are to minimize the impact of surveillance on civil liberties and to maximize its effectiveness for law enforcement. Congress should develop uniform statistical benchmarks for laws that authorize telecommunications surveillance and enact amendments to these laws.

It should also revisit its granting of telecommunications immunity. Finally, Congress should end the executive branch’s ability to use the state secrets privilege as a categorical bar to litigation. It can do so by enacting the State Secrets Protection Act, a bill before it that would appropriately restrict this privilege.

Paul M. Schwartz is Professor of Law.

Chris Jay Hoofnagle

Identity theft affects millions of Americans annually, and our research points to an increase in incidence of the crime in 2008. Despite the scope and severity of the crime, consumers have few tools to avoid it. For instance, consumers lack information to enable a comparison of banks’ relative performance in preventing identity theft and other frauds. A light touch regulatory approach could spark a revolution in the prevention of fraud if institutions were required to publicly report aggregate statistics describing the number of identity theft incidents suffered or avoided; the forms of identity theft attempted and the financial products targeted; and the amount of loss suffered or avoided. Significant benefits would accrue to consumers, banks, and regulators if basic identity theft reporting were mandated. Such an intervention would have to be made at the federal level, because preemption has reduced states’ role in ensuring consumer protection in financial services. Continue reading…