California AG Takes Lead In Cybersecurity

Data breaches at major retailers Target and Neiman Marcus during last year’s holiday shopping season affected more than 100 million people and focused new attention on the need to protect personal information stored online.

While it’s clear that tough data breach legislation must be enacted, California Attorney General Kamala Harris is taking action to improve cybersecurity in the state before new laws are passed.  Today she released recommendations to California businesses to help protect against and respond to the increasing threat of malware, data breaches and other cyber risks.

In addition, Harris is leading an investigation by state attorneys general into the Target and Neiman Marcus breaches, Don Thompson of The Associated Press reported:

Harris’ office also disclosed that California is leading a multistate investigation into the massive holiday season consumer data theft at discount retailer Target Corp. and luxury retailer Neiman Marcus, breaches that left tens of millions of customers at risk. More than 7 million Californians were affected by the Target breach alone, Special Assistant Attorney General for Law and Technology Jeff Rabkin said.

The U.S. Justice Department is taking the lead in trying to identify the culprits, who are suspected to be based overseas, while the multistate investigation focuses on whether the retailers share blame because they lacked the necessary precautions to prevent the thefts. The state investigation also will explore whether Target and Neiman Marcus acted properly as soon as they learned of the problem, Rabkin said in a telephone interview.

The guide, Cybersecurity in the Golden State, offers suggestions focused on small to mid-sized businesses, which are particularly vulnerable to cybercrime and often lack the resources to hire cybersecurity personnel. In 2012, 50 percent of all cyber attacks were aimed at businesses with fewer than 2,500 employees and 31 percent were aimed at those with less than 250 employees, Harris said.

Key recommendations for small business owners include:

  • Assume you are a target and develop an incident response plan now.
  • Review the data your business stores and shares with third parties including backup storage and cloud computing. Once you know what data you have and where it is, get rid of what is not necessary.
  • Encrypt the data you need to keep. Strong encryption technology is now commonly available for free, and it is easy to use.
  • Follow safe online practices such as regularly updating firewall and antivirus software on all devices, using strong passwords, avoiding downloading software from unknown sources and practicing safe online banking by only using a secure browser connection.

In 2003 California was the first state to pass a data breach notification law. In 2012 the law was amended to require any breach that involved more than 500 Californians be reported to the attorney general.

> The 170 breaches reported to the attorney general’s office in 2013 represent a 30 percent increase over the 131 identified the year before, according to figures provided to The Associated Press. Among entities reporting breaches in 2012 were American Express Travel Related Services Co., Kaiser Permanente and several state government agencies, including the departments of Public Health and Social Services.

Given the current data breach laws Harris is taking meaningful action.  But, what’s ultimately needed is a law that would make her best practice recommendations legal mandates.  We need a California Financial Information Privacy Act that would:

  • Change breach notification standards to be immediate.
  • Set limits on the time data can be retained. And limits on what information can be collected and retained.
  • Write minimum-security standards into the law so that they are no longer voluntary.
  • Most importantly: create a private right of action. Put a price tag on retailers’ mistreatment of our private financial information.

Until there is a real price to pay, Target, Neiman Marcus and other retailers will continue to make us targets.


Posted by John M. Simpson, Consumer Watchdog’s Privacy Project Director.

#TBT Video: How We Handled the Drought in the 1970s

Half hour film describes how Californians coped, circa 1977

by Brian Leubitz

UPDATE: The Legislature just passed the drought relief package:

In a concerted effort to aid California’s drought-stricken communities, the Legislature on Thursday sped a $687 million relief package to Gov. Jerry Brown.

One week after Brown and legislative leaders unveiled the emergency legislation, both houses of the Legislature approved the bill with little resistance. The Assembly passed the bill 65-0, and the Senate sent it to Brown’s desk with only three dissenting votes. (Fresno Bee / Jeremy White)

Now back to your regularly scheduled #TBT.

We’ve been through it all before, and we’ll go through it all again. This is especially true with California’s water. Check out this video, complete with classic fashion:

Gov. Brown Talks Drought and Bay Bridge

Governor looks to maintain cautious approach

by Brian Leubitz

Carla Marinucci of the San Francisco Chronicle has a way with a video camera like few else. She readily acknowledges the less than high tech camera work, even going so far as to name her video series “Shaky Hand Productions.” But she has a way of being in the right place at the right time to ask some very pertinent questions.

Yesterday she posted another such video, this time a dimly lit interview of Gov. Brown. He covered the drought and the frustrating Bay Bridge situation. On mandatory water restrictions he hewed to his refrain of letting local governments ride lead:

I like to focus attention and responsibility on local government, local school districts, whenever possible. So I certainly encourage every local community to do exactly what they need … and when it becomes necessary for the state to take over and actually order (rationing) … I’ll certainly do that.

Cruise on over to her blog post to get the full transcript. Looks like he’ll officially kick his campaign off soon.

Anti-transgender referendum of AB 1266 Fails to Qualify

Referendum fell below required total in manual count

by Brian Leubitz

The good news has been quickly spreading: the referendum to overturn AB 1266, a bill to guarantee equal opportunity for transgender students, has failed to gather enough valid signatures. From the Transgender Law Center’s email just now:

Today, the effort to repeal the School Success and Opportunity Act – California’s new law ensuring that all children have a fair opportunity to succeed in school – failed to qualify for the ballot.

California’s School Success and Opportunity Act – also known as AB 1266 – went into effect on January 1st ensuring that schools have the guidance they need to make sure all students, including those who are transgender, have the opportunity to do well in school and graduate. The law is modeled on policies and practices that are already working well in schools across the state, and gives important guidance to educators so they can work with students and families on a case-by-case basis. (Transgender Law Center)

The latest county by county count is available here (PDF). At the time of that document, supporters of the referendum were about 17,000 valid signatures short of the required total.

The proponents have indicated that they will investigate the invalid signatures, but the invalidity rate of 21.3% wasn’t that much higher than the typical 19-20% invalidity rate. They may try to challenge something or other in the courts, but it looks like there will be no fight on this particular issue in November.

In the end, the failure avoids what could have been a harsh battle for the transgender community. Asm. Tom Ammiano, who authored the bill, is always one to find a silver lining:

The good thing that comes out of this misguided referendum effort is that we were able to continue to educate people. It’s important that we begin to understand what transgender students are going through. I wish it was just a matter of ignorance. The forces putting this referendum together included the people that make money off promoting hate and professional fear mongers, who took advantage of what other people didn’t understand. Although it’s clear that California is moving in the direction of equality and respect, this does not mean the struggle is over. For every child like Pat Cordova – accepted on her Azusa High school’s softball team last week – there is another child living with a secret because of bullying. The people who belittle the rights of transgender students should know their efforts encourage the bullies. It is their intolerance that allows the violence to continue, and that violence affects every child, not just transgender students. They should be ashamed.

Schwarzenegger Brags on Government Reforms

Former Governor speaks out on redistricting and top two reforms

by Brian Leubitz

Governor Arnold Schwarzenegger had his ups and downs as governor. He peaked That’s not all that abnormal, but with him it was entirely predictable. When he went toward the middle/leftish, he was up. When he veered hard right, he went down. 2005 hard-right special election? Down. AB 32? Up. And, more relevant here, redistricting measures? Up. You can check his approval rating history here.

And so he’s trying to craft his legacy around the government reforms that have largely been quite popular. He’ll be speaking at USC this morning about redistricting and Top-2. Yesterday, he published an op-ed that lets us know which victory lap he’ll be taking.

Many of us believed, and voters agreed, that the two reforms in combination would put California on a path toward breaking up gridlock and hyper-partisanship, and making government work better for our citizens.

We were basing our efforts on common sense and a commitment to putting people over politics. And now, the early results are starting to come in, and they show that these reforms are working.

In 2012, the top-two primary yielded 28 elections that, for the first time, pitted members of the same party against one another. Also, legislative districts that previously had been gerrymandered to protect politicians were no longer “safe” for one party or the other. … This year’s races could shake things up even more, as candidates for office are forced to appeal to all voters, not just the party bosses. (Arnold Schwarzenegger in SF Chronicle)

Now, I think he has a few fair points in the op-ed. I was a strong opponent of the redistricting system when it was on the ballot, both times actually. But I’m big enough to admit that I was wrong. The system was far more responsive to the needs and desires of the voters, rather than the legislators. The process was transparent as any we have seen, and the results were fair. Sure, there were some who were disappointed by the results, but a fair system was always likely to upset some of the entrenched apple carts.

But, as for top two, the system clearly has some big flaws. First, despite his claims that somehow the primary system allowed “party bosses” to choose, the primary system was made up of voters. There is no better example of this than the Tea Party, an insurgent force within the Republican party. How many times have we now seen the wishes of party bosses completely ignored at the ballot box? And let’s face it, the “party bosses” are bosses in name only these days. The bosses are really the big independent expenditure funding campaigns. Where they go, eventually our politics follows.

But the bigger issue with Top 2 is the troubling results it can sometimes yield, where game theory triumphs over the desires of constituents. There is no better example of this than California’s 31st district in 2012. In that election, two well-known Republicans ran against four less well known Democrats in a district with a 15+% Democratic registration advantage. In a relatively low turnout June primary, Democrats received 33,402 votes, and Republicans received 32,265 votes. Yet there was no Democrat on the ballot. This is a brilliant play for Republicans: they picked up a seat they wouldn’t have had otherwise. But, in the end, a plurality of voters in the district did not have an option from their own party. How does that make sense?

Add in the very troubling impacts of Top 2 on third parties, and you have a muddled, confusing, and anti-democratic system that favors parties that game the system with tight party boss control. If your party boss can’t impose discipline, you may end up with no candidates on the general election ballot.

Finally, with all of this, Schwarzenegger’s stated purpose was to create a more “moderate” legislature. In California, that really meant a less progressive, more pro-corporate body. It is hard to deny that Schwarzenegger was at least somewhat successful on that front. Despite the 2/3 Democratic control, many of these Democrats moved the caucus to the right. Now, whether you value the goal of making the legislature more moderate could lead you to differing judgments on Gov. Schwarzenegger. One would hope that a chief goal of structural government reform is to create a legislature that fairly and accurately represents the constituents, but that was never Schwarzenegger’s thing. Sure, he had a flair for populist rhetoric, but drifted in other directions when in office.

Schwarzenegger will be talking to the hosts of MSNBC’s Morning Joe, so you will likely be able to see snippets of the conversation on TV. But, from a Governor who finished with an approval rating around 20% in 2010, there is a lot of work left to fully rehabilitate his legacy that a flawed government reform like Top 2 can’t address.

About that “Carbon Tax”

Steinberg proposal would throw monkey wrench into cap and trade

by Brian Leubitz

Cap and trade is far from perfect. And if you ask many economists, you’d find a carbon tax as a solid alternative. However, a muddy mix of the two? Well, that raises more questions than it answers.

And, so we have Sen. Steinberg’s proposal:

Next year for the first time, transportation fuels will come under the program: oil companies will have to account for the emissions from Californians’ cars and trucks. The cost of buying additional pollution permits is one that companies are almost certain to pass along to consumers.

Steinberg’s plan would make it more direct, as a tax that we pay at the pump. His reasoning is that while drivers will pay more for gas either way, with a tax the increase is more predictable and transparent.

“What people in California also need is pollution cuts,” said Tim O’Connor, director of the Environmental Defense Fund’s California Climate Initiative. He said that while he supports some of the ideas behind Steinberg’s proposal, he’s concerned it could undermine California’s efforts to charge for the right to pollute, and to reduce greenhouse emissions overall. (KQED / Molly Samuel)

The bill seems far from complete, and will likely get a lot of revisions. But, today is the deadline for bills to be filed, and so here we have something. Now, generally when the Western States Petroleum Association is happy, as they have said they are eager to listen to these changes, it should draw attention.

Whether these changes would go anywhere involves a lot of questions for a system that was just about to start in earnest next year. This will surely change, but environmentalists will want to keep a keen eye on this bill.

Field: Californians Support Further Regulation of Sugar Beverages

Added sugar leads to profound health risks

by Brian Leubitz

Last year, under a flood of beverage industry money, two proposed sugary beverage taxes were easily defeated in Richmond and El Monte. However, Californians are still wary of the health risks that they present. To wit:

California voters endorse a proposal to require beverage companies to post a health-warning label on sodas and sugary drinks to alert consumers that their daily consumption contributes to diabetes, obesity and tooth decay. Statewide 74% of voters back this requirement, of whom 52% do so strongly. Support is bipartisan, with large majorities of Democrats (80%), Republicans (64%) and non-partisans (75%) endorsing the idea.

The poll also finds continuing support among the statewide voting public to tax the sale of sodas and other sugary drinks and use its proceeds for school nutrition and physical activity programs for kids. Two in three voters (67%) favor this proposal. The results are similar to a Field Poll completed in late 2012, which found 68% of voters statewide supporting such a tax. (Field (PDF))

Unfortunately, the beverage industry isn’t keen on leaving anything to chance. And now San Francisco, led by Supervisors Scott Wiener, Eric Mar and Malia Cohen, is looking to put exactly such a measure on the ballot for November. The statewide poll found that within the San Francisco Bay Area, 78% of residents favor a soda tax to fund school nutrition and physical activity programs to reduce diabetes. San Francisco voters support it, but will all that Coke and Pepsi money be enough to confuse the issue?

Look, there are clearly some issues with the regressiveness of the sugar beverage tax. I don’t have the exact figures on this, but one would expect to see that under the proposed measure, low to middle income San Franciscans would pay a far larger share of the tax than for other taxes. However, that is also the case with tobacco taxes, yet we tolerate those. The fact is that while sugary beverages have not yet been proved to be as dangerous as tobacco, they carry very severe health risks. The Boston Public Health Commission has some startling statistics.

  • One, 20-oz bottle of regular soda has about 16 teaspoons of sugar.
  • Teens consume twice as much soda as they do milk.
  • On an average day, 80% of youth consume a sugary drink.
  • A single, 20-ounce bottle of regular soda has about 16 teaspoons of sugar.
  • The average person consumes almost 100 pounds of sugar a year, with the single biggest source being sodas.
  • The American Heart Association recommends that the maximum daily intake of added sugars be no more than 4.5 teaspoons for teens aged 12-19.
  • Did you know, health costs of obesity in the United States are $147 billion annually? That’s like buying everyone in the U.S. an iPad.

Economists call such taxes a case of “internalizing externalities.” In other words, the government has been subsidizing these beverages, in the form of health care, for years. It is now time to include those costs in the price of the beverage.

    The Drought and Fracking

    Fracking requires vast amounts of water, where it will come from in a parched state

    by Brian Leubitz

    I’ve been writing a lot about the drought, more than I’ve wanted to recently. But the hits just keep on coming. In recent news, there is word that up to two million acres may be apportioned no water at all, thereby made to lie fallow. Of course, some of this is simply mandated by mathematics. To give enough water to the best farmland, you must let some lie fallow. The Republicans argue that we can simply take from the water we release to the rivers and the Bay, but that simply pits other interests against each other, most notably fishermen, of both the sporting and commercial varieties. George Skelton has a good take on this:

    Don’t blame the little fish. And don’t call it the Central Valley.

    Both comments, repeated incessantly, were irritants during President Obama’s visit to parched California farm country last week.

    The president was there-in the San Joaquin Valley-to cuddle with water hogs. The hogs are large growers who use lots of water, have just about run out and are angry because they’re being denied other people’s. And they keep complaining that the government is favoring a little “bait fish” over farmers.

    *** **** ***

    So water deliveries have been restricted not just for smelt, but also to protect salmon and the coastal fishing industry. It’s not about farmers vs. fish. It’s about farmers vs. fishermen. Or almonds vs. salmon. (LA Times / George Skelton)

    Read the whole Skelton piece, it is a refreshingly honest take on the various interests that you don’t often see these days. Water interests are varied, and can’t simply be boiled down to farmers vs smelt. Skelton rephrases that debate as “almonds vs. salmon”, a far more apt analogy. But, there is another huge water hog waiting to join the queue for our very limited trough: the fracking industry.

    Of course, water usage isn’t probably the first concern of most environmentalists, myself included, with respect to fracking. The issues are deep and pervasive, there are many questions that remain unanswered. Issues of safety, water quality, and seismic stability are far from fully researched and should give the state pause. This is especially true in the days after a major fracking accident in Pennsylvania. (But don’t worry, they’ll give you a free pizza)

    In places like Pennsylvania, where there is plenty of water for the moment, this isn’t that big of an issue. But, the Times looks to Greeley, Colorado, itself in the midst of a drought. While it is not as severe as our own right now, water is always precious in the West. It takes a lot of water to operate hydraulic fracturing (thus the hydraulic part of that phrase):

    Last fall the Environment America Research and Policy Center estimated that at least 250 billion gallons of water had been used since 2005 in the estimated 80,000 wells in 17 states. Drought-prone Texas led the way with at least 110 billion gallons. (LA Times / Jenny Deam)

    As we move forward with hydraulic fracturing in what is expected to be a large reserve of natural gas in our Monterey shale, perhaps Alex Prud’homme asks the right question, will it be a boom or a boondoggle. It is imperative that we consider all the costs, both internal and external, before we move forward with any plan to aggressively tap our shale.

    Tom Steyer Plans on Spending Big on Climate Change Advocacy

    Former Hedge Fund Manager turned climate activist looks to make climate change big 2016 issue

    by Brian Leubitz

    Tom Steyer is no stranger to opening up his pocket book for causes in which he believes. He pretty much funded the Yes on Prop 39 by himself, contributing over $30m to the measure. He’s now looking to spread his message to a wider audience, hoping to put the issue of climate change back on the radar.

    California billionaire Tom Steyer turned heads in Washington with the news that he plans to spend $100 million to help make climate change a defining issue in this year’s elections.

    But it gets even bigger: The hedge fund executive turned green activist might be willing to lay out even more than that eye-popping number, and he’s looking to spend it in places that are also important for 2016. (Politico)

    His NextGen Climate Action SuperPAC is looking at going into a slew of important Senate and gubernatorial races, especially races that feature a climate change “denier.”

    Some are calling Steyer a sort of anti-Koch, but it is easy to overestimate the operation as well as misstating motives. First, Steyer does not have anywhere near the operation that the Kochs have. The Kochs have been building infrastructure for years, and have fostered a broad network of self-interested donors. Steyer has none of that infrastructure, but also none of the aversion to the media. He’s friendly and media savvy, eager to explain why he focuses his time on climate change. Oh, and he seems not to have the duties to legacy environmental organizations and their donors that can occasionally unsettle coalitions.

    Whether Steyer has plans, as rumored, of a race for Governor here in 2018 is still an open question. But he’s certainly going to make a name for himself in the next two years if he does spend that $100 million.

    Target Needs to Pay for Targeting Our Privacy

    Target is targeting our privacy. There’s a big red bullseye, a target – like the one on the shirt I’m wearing today – that Target and Neiman Marcus, who chose not to show up to answer questions today, have put on us because they haven’t done enough to protect our private financial data. And the reason is that there’s no financial incentive to do so.

    110 million Americans had their personal financial information breached. That’s one out of two adult Americans. I was in Sacramento today to testify in front of a joint California Assembly committee hearing investigating the breach. And yet Target did not send a single representative to Sacramento today to answer questions about the largest data breach in American history?

    The fact that Target didn’t show up today tells us all we need to know about how sorry Target is and how committed it is to our privacy.

    If you are as offended by this as I am, I have a t-shirt for you to wear too.

    The reason Target won’t face legislative questions today is the same reason that our personal financial information and data is at such grave risk: there is no price to pay. There are few financial penalties to companies like Target when our personal data is taken.  

    Beyond public embarrassment, Target has little financial incentive to care.

    We, the consumers, pay the consequences but we have no remedies.

    According to the Committees’ own staff research, 1 in 4 consumers whose personal information is taken becomes a victim of identity theft. 1 in 4 victims of a data breach is also a victim of identity theft. If these numbers apply to Target, that would potentially create more than 25 million identity theft victims.

    There’s a harm. The retailers had a role in creating that harm. And yet they have no liability under California law for what they have or have not done to safeguard the sanctity of our personal information.

    The problem with privacy violations is that unlike thefts of money or property the law does not recognize a harm and does not provide a remedy.

    As the Committees’ staff research states: consumers have no remedy under the law for the loss of financial privacy suffered through these data breaches, and the 1 in 4 risk of id theft they face.  Zero remedies.

    So why would retailers invest in greater security, or meet voluntary industry standards, or move away from risky magnetic strip technology?

    If they don’t have to pay a price they don’t have an incentive to change.  And that leaves our private financial information with a big bullseye on it.

    What can we do?

    We need a California financial information act that mirrors our Medical Information Privacy Act.    

    When there is a data breach of our medical information, the drug company, hospital or medical center is liable to the consumer for $1,000 per violation.  

    Guess what?  Medical data breaches are fewer and farther between. When they occur companies pay a big price.

    The same should be true for our financial data. We need a California Financial Information Privacy Act.

    It would:

    • Change notification standards to be immediate.
    • Write minimum-security standards into the law so that they are no longer voluntary.
    • Set limits on the time data can be retained. And limits on what information can be collected and retained.
    • Most importantly: create a private right of action. Put a price tag on retailers’ mistreatment of our private financial information.

    Until there is a price to pay, Target and other retailers will continue to make us targets.

    If you are as offended as I am by Target’s absence today in Sacramento, please share our Target design online to show your displeasure.

    When a company as big as Target won’t provide a single representative to answer questions about the largest data breach in American history, it is time for California to step up and deliver on the promise in Article 1 Section 1 of our state constitution: Privacy is an inalienable right.


    Posted by Jamie Court, President of Consumer Watchdog.