Archive for the ‘Accountability’ Category.

Protecting Public Employees From Accountability

Mark Tapscott writes:

Legislators in the California Assembly have approved on a 68-0 vote a bill that would exempt multiple categories of state and local government employees from having their names disclosed in public property records, according to Steven Greenhut....

Greenhut, who is vice president of the Franklin Center for Government Public Integrity points out that such a measure has implications far beyond public safety concerns: "Public officials and their family members will be able to hide their identities, which will undermine the reliability of property transactions. Dirty officials will pull off real estate scams without scrutiny," he said.

As it turns out, Arizona has a prohibition from publishing the home addresses of government officials over the Internet.  Which Sheriff Joe Arpaio (who else) has used to try to thwart investigations of his real estate dealings

In 2004, during an election cycle, reporter John Dougherty found that Arpaio had over a million dollars of investments in commercial real estate parcels.  Dougherty asked the question, how does a lifetime public official making $78,000 a year have so much real estate?  Arpaio could have replied that his family was independently wealthy or that he had parlayed his real estate investment from rags to riches.  Instead, Arpaio used an obscure law aimed at protecting the home addresses of government officials to remove access to any public records of his commercial real estate transactions at the same time he removed his home address from these data bases.  Instead of explaining where the money came from, he used his power to cover his tracks.

If passed, this means that California officials can take bribes with impunity, as long as they take these bribes in the form of real estate.

A Paypal Security Hole and Poor Customer Service Judgement that Made it Worse

I have been having problems for a while receiving Paypal payments to my business account.  Today, I received an account notification for someone else's paypal account.  I have received phishing and spoof emails before, but I was pretty sure this one was legit.  I contacted the other person whose account notification I had received (they were horrified at that security breech, by the way), and sure enough, they were honest enough to admit they had been receiving some mystery payments they could not account for, which we quickly determined were mine.  I asked them to check their email addresses on their account, and sure enough, for some reason neither of us could fathom, my email address was listed as a secondary address on their account.  This is the same email that is the primary on my Paypal account, something Paypal claims is impossible.

I asked the other user to not touch it for a minute, and said I wanted to try an experiment.  I called Paypal and got a real person (a slog in and of itself) and described the situation:  I had solid reason to suspect that my email address on my account was on someone else's account as well.  They said that was impossible.  I insisted it might be possible.  Eventually, the customer service agent relented and said they would run a search (I presume they search their data base for my email address and check for multiple hits, an assumption later confirmed by the supervisor).

Well, the customer service agent returned and said "I am happy to tell you your account is fine and no one else has your email address."  She actually said the "happy" thing in a chirpy voice.  I said that now I was REALLY worried, as I had definitive evidence my email is on another account, and if their search programs are not finding the issue, I have no confidence that it is not on more accounts.  After getting nowhere with this, I asked for a supervisor.

I explained all of the above, and the supervisor admitted the first agent did not tell me the whole truth.  She said, "yes, in fact we did find your email on one other account and eliminated it.  The problem was on just that one other account.  We have had this problem a few times and are still trying to figure out why it happens because it should be impossible."  Fine.  But why did the customer service agent feel the need to lie?  I guess technically it was correct for her to report that my email was not on any other account, as they had eliminated the duplications before they took me off hold.  It just seems to be in the institutional nature of organizations to cover their errors and not admit them.

I guess this sort of thing might work with the average computer user who is unsure of his skills and can be convinced that he misunderstands the problem.  And to be fair, all of computer and software customer service seems to work this way, trying to convince users it was their error rather than a bug.  But in my case, knowing for an absolute fact that there was an error, this approach only panicked me more, as I became worried not only with the security hole in their payments system, but with the fact that the company was apparently unaware of the hole and unable to detect it.

The other issue is that I actually think I know how this happened, but neither the agent nor their supervisor took the time to try to get any background information on me that might help them diagnose what is obviously a bug in their system they have been chasing unsuccesfully.  It is a bit like having a mystery epidemic where a disease is spreading via an unknown vector but no one is doing any research into the patients' histories.  Yeah, I know they can't put a priority on every bug fix, but I would assume that for a payments processor a bug that allows money to flow to the wrong person might be of some priority.

Postscript: Not that it matters to any of you, but here is my hypothesis.  I actually had done a transaction with this other user years ago.  This user did not have a paypal account at that time, but one can actually send money via credit card to someone with a Paypal account even if the person sending money does not have an account.  The other user sent me the money with her Visa card from a public terminal, but called me because she could not complete the form because she did not have an email address.  I told her just to plug mine in, and if I got any emails on the transaction I would mail them to her.  Years later, she was more sophisticated and opened up her own Paypal account.  My hypothesis  (really, the only explanation that works) is that at the time she signed up, the Paypal computer went back into its records, found her name from this old transaction, and automatically attached the old email address (mine) from that transaction to the new account as an additional email.  Since this email was not entered via the data entry screen, it bypassed the duplicate email name check which presumably happens at data entry.  It is a back door that allows duplicates in.  I strikes me someone intheir development group might be interested in this hypothesis, since this is one of those bugs it is hard to track down, but no one asked.

Accountability to Forecasts of Doom

Activists are always making exaggerated statements on current problems and extrapolate these into forecasts of doom.  One thing activists really, really hate is when people come back later and hold them accountable for these forecasts.  You can see it as NASA officials squirm and fire off condescension at skeptics who have the temerity to actually check their global warming forecasts against actual temperatures.

If I had a newspaper, I'd have a special regular feature where I dig back 10-20 years in my archives to find such forecasts of doom and check them against reality  (actually, if I had a paper, I would not allow activist's press releases to show up virtually unedited as "news" stories, but that is another matter).  Heck, I could have a regular feature just reality-checking old Paul Ehrlich forecasts.

Well, I don't have a newspaper, but I do have a blog, and this is a new feature I am working on.  I am still trying to play with various search engines and news libraries (such as the NY Times) to see if I can come up with some kind of query format that efficiently digs up such predictions that are at least 10 years old.  I am still a little stumped on this, but I am working on it.

But, as a sort of beta-test of the feature, one such comparison fell into my lap today.  I remember my feminist wife reading a book published in 1994 called "Failing at Fairness."  This work was a big, big deal at the time.  Media such as the NY Times fawned on it.  I will let a 1994 review on the Society for Women Engineers' site summarize the book:

Failing at Fairness: How American Schools Cheat Girls eloquently describes the results of years of research into sexism in schools. The study began as an examination of gender bias in textbooks, and evolved into a decade of painstaking classroom observation uncovering a "hidden curriculum" in classroom interaction.   Authors Myra and David Sadker present a compelling tale of gender bias in education at all levels.

Taken at face value, the book more than proves the point of the subtitle: our schools cheat girls out of an education equal to that received by boys. The authors do an excellent job of pointing out some of the more subtle ways of favoring boys over girls. However, so many descriptions of incidents of sexism -- blatant, subtle, by old teachers, young teachers, male teachers, female teachers, and even by one of the Sadkers' own "trained" researchers -- are included that it can seem like overkill at
times. In addition, the wealth of statistics can be overwhelming, and yes, even slightly depressing.

One of the more horrifying aspects of Failing at Fairness is the discussion about standardized tests, their historical deliberate design as culturally biased for exclusionary purposes, and the dive in the scores received by girls as they progress through their education.

Current standardized test administrators claim to be more sensitive to cultural prejudices in today's tests, although minority students still score less than white students (at least on the SAT). Also, the book states quite plainly, "Regardless of ethnic or racial background, all American girls share a common bond: a gender gap in test performance that leaves them behind the boys." The prevailing opinion of the discussion group is that the tests are still exclusionary; they are not measuring achievement, but are rather reflecting the way students are taught.

I don't doubt that they found their share of anecdotal issues.  I am sure I could find them today.  But their overall premise that girls were getting hosed by primary education and that standardized tests were structured to exclude girls from college education made no sense even at the time the book was published:


The chart is from Mark Perry, and he shows a similar picture for bachelor's degrees, where women blew past men in 1981, and in PHDs, where women passed men in 2006.  People would laugh at this book today, as most discussion is about under-performance of boys.

I don't know the authors, but I would interpret this as the classic inability of activists to declare victory.  I am fairly certain that their hypothesis was far more correct in 1969 than in 1994.  But society really went through a step-change in the 1970s vis a vis attitudes about females.  The previous generation of women's activists did great work to make these issues plain and help lead change in societal attitudes.

But activists have a really hard time declaring victory.  From a quite personal standpoint, declaring victory as an activist is exactly the same as walking into your boss and telling him that the company really doesn't need your job position.  Money, prestige, academic advancement, and attention, and (self-esteem, for certain types of people) are all tied to there being a major problem.  If there is no longer a big problem, then all this stuff goes away.