Securing Members of Congress from Transparency

I commented in this article on the repeal of the transparency provisions of the STOCK Act:

Passed in 2012 after a 60 Minutes report on insider trading practices in Congress, the STOCK Act banned members of Congress and senior executive and legislative branch officials from trading based on government knowledge. To give the ban teeth, the law directed that many of these officials' financial disclosure forms be posted online and their contents placed into public databases. However, in March, a report ordered by Congress found that airing this information on the Internet could put public servants and national security at risk. The report urged that the database, and the public disclosure for everyone but members of Congress and the highest-ranking executive branch officials -- measures that had never been implemented -- be thrown out.

The government sprang into action: last week, both chambers of Congress unanimously agreed to adopt the report's recommendations. Days later, Obama signed the changes into law.

The article went on to talk to four cybersecurity experts, all of whom basically said the same thing:

Bluntest of all was Bruce Schneier, a leading security technologist and cryptographer. "They put them personally at risk by holding them accountable," Schneier said of the impact of disclosure rules on Congress members and DC staffers. "That's why they repealed it. The national security bit is bullshit you're supposed to repeat." (Three of the four experts we consulted opted for the same term of choice.)

There was a security risk, but it was not a national security risk. It was a personal Congressperson risk.

EDITED TO ADD (4/25): Jon Stewart quoted my "the national security bit is bullshit" line.

Posted on April 23, 2013 at 7:10 AM • 22 Comments

Comments

AlanApril 23, 2013 9:44 AM

Bruce, we love you for saying the emperor has no clothes. Keep on fightin' the good fight, thanks.

Ac2April 23, 2013 10:13 AM

Quis custodiet ipsos custodes... Doesn't the US constitution provide an independent govt audotor?

Joseph ScottApril 23, 2013 11:09 AM

Sounds like 60 Minutes needs to an update to their previous story. Perhaps that will bring enough attention back to this issue that they won't be able to remove it again.

dbCooperApril 23, 2013 11:19 AM

Unanimous vote in both houses of congress. Nice to see them getting along so well.

VincentApril 23, 2013 11:34 AM

What's really sickening is that the vote was unanimous.

Not one, not a single one on both chambers voted against this on principles. It's telling.

Petréa MitchellApril 23, 2013 12:45 PM

It's rather like how Eric Schmidt has gotten himself largely hidden from Google search results, while at the same time insisting that no one should be bothered about Google slurping up all their information.

VincentApril 23, 2013 3:04 PM

Another thought on the official reasoning. It's security thru obscurity.

I mean, the idea is that, if you disclose your financial stuff, you might be targeted by a blackmailer (given your position, a foreign intelligence operation). But the point is, you are vulnerable, not due to the disclosure, but due to the financial problems/scandals lurking in it. Someone will find it. And use it.

The proper position for a functional government would be, if some of it's officials are vulnerable to blackmail due to any factor, to remove these officials from position where they could do damage after being blackmailed rather than hide their vulnerabilities.

TrogdorApril 23, 2013 3:08 PM

Unanimous. The only thing both parties agree on: increasing taxes (see the internet sales tax coverage today) and decreasing voters knowing what they're up to.

It's about power. They know that knowledge is power, so they seek to keep their voters in the dark as much as they can get away with. This activity is just more proof.

And these people are in charge of education (teach enough to get a job & pay taxes, but no more) & immigration policies (more voters who're often even less knowledgeable about what our government is up to).

HowardApril 23, 2013 3:10 PM

@Joseph Scott

... sounds like 60 minutes will live under the threat of audit, or legislation, if they dare post another story like that.

AucklanderApril 23, 2013 4:12 PM

That risk stuff is more bullshit than you think. Here in New Zealand we have exactly the thing they fear - all top officials' financial disclosure is available online.

...but then, we're just a bunch of cowboys somewhere in the a$s of the world.

Jostein TveitApril 23, 2013 4:37 PM

I agree with Aucklander. The risk of financial disclosure is not that great.
In Norway all citizens income and tax payments has always been publicly available. Recent years online as well.

Congress == !ProgressApril 23, 2013 4:41 PM

People who are on my local planning commission have to publicly disclose their investments and Congress doesn't?

Dirk PraetApril 23, 2013 5:52 PM

Re-read George Orwell's Animal Farm. It's just another sign on the wall that the US Constitution - just like The Seven Commandments of Animalism - is on its way to being reduced to one single phrase: "All animals are equal, but some animals are more equal than others".

Just like in many other pseudo democracies, most of these folks have devolved from representatives of the people to strawmen for corporations and special interest groups, and with only one thing in mind: the preservation of themselves. QED.


TamaraApril 23, 2013 9:11 PM

AMEN! Thanks for saying it for all of us!
Unbelievable! And yet.

CYA is the sad rule in the land of the free.
Thanks for speaking up for all of us.
T

FigureitoutApril 23, 2013 11:46 PM

Direct democracy. Check it out, time for people to actually have a vote in their democracy. Most practical, doable solution. I'm done trying to make it work though, b/c of being labeled a terrorist; so beware.

AutolykosApril 24, 2013 6:59 AM

@Trogdor: Agreed. It's a perfect example of the Mushroom Management common in all hierarchical structures that don't change their leadership often enough.
If you want to make a career in politics, you need to join one of two parties as a kid and won't get anywhere near the top until way past forty - the only organization with even less rotation is probably the Roman Catholic church.

amanfromMarsApril 24, 2013 7:00 AM

That is just but the tip of the titanic iceberg of information and intelligence to crash into systems and exploit for personal advantage, if that be the accepted way ....... for whenever one knows of weaknesses and dependencies are they invariably programs of interest to be overwhelmed with curious enthusiasm and novel application ...... crash testing of platforms. Here be a wide open space with no doors available to stop competents doing whatever they want with impunity


amanfromMars .. has a go with IT in a comment on http://www.telegraph.co.uk/finance/markets/10013768/Bogus-AP-tweet-about-explosion-at-the-White-House-wipes-billions-off-US-markets.html

So .... the markets react to news and not events? How very interesting and vulnerable does that make reality.

Wesley ParishApril 25, 2013 3:27 AM

Just a comment on "security through obscurity" - this is something that the FOSS world has been through in their debates with Microsofties and Micro-Soft-in-the-Head and the like, and one thing I remember well from that debate is that the vulnerabilities are never hidden - from the malicious, never; only from the wishful thinkers aka blissfully stupid users.

So we have the scenario where some big-spending official whose head is swollen to a size incommeasurate with his income, will become vulnerable to "interested parties" - their identities are not important, they could be your local chapter of the North American Man-Cow Love Association for all I care - and said official's embezzlements, blackmails, etc, will not become apparent until everything he is connected with has become hopelessly compromised.

To remedy this, we will then face a "War on Corruption" - kind-of like the sort of "War on Tooth Decay" which involves blowing up children's heads with High Explosives. And Evening will come and no morning, and the Dark Lord will see it all and say it is good.

jwtodd60April 26, 2013 11:31 AM

I'm a little late to the party here, but I get the sense that no one has actually read what was passed. The change in online reporting requirements did not apply to the Pres, VP, Congress, congressional candidates, or senate-confirmed presidential appointees. In other words, it spared only lower level execs from having their disclosure forms posted online. See http://thomas.loc.gov/cgi-bin/query/D?c113:2:./temp/~c113mHNw9l::

Leave a comment

Allowed HTML: <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre>

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of IBM Resilient.