17 January 2017

Accountability

The ANAO report on Offshore Processing Centres in Nauru and Papua New Guinea: Contract Management of Garrison Support and Welfare Services, released today, should be of concern to policy analysts and people interested in public sector accountability.

The report notes
The Department of Immigration and Border Protection’s management of the garrison support and welfare services contracts at the offshore processing centres in Nauru and Papua New Guinea (Manus Island) has fallen well short of effective contract management practice.
The garrison support and welfare contracts were established in circumstances of great haste to give effect to government policy decisions and the department did not have a detailed view of what it wanted to purchase or the standards to apply. These are key considerations in achieving value for money. While the department took between 20 to 43 weeks (depending on the contract) to enter into final 2013 contracts, there remained significant shortcomings in the contractual framework. Many of the shortcomings persisted in the 2014 contracts, indicating that the 2014 contract consolidation process was not informed by lessons learned from the department’s management and operation of the 2013 contracts.
The department did not put in place effective mechanisms to manage the contracts. Other than the contracts, there was no documentation of the means by which the contract objectives would be achieved. In the absence of a plan, assurance processes such as the inspection and audit of services delivered, has not occurred in a systematic way and risks were not effectively managed. In addition, the department has not maintained appropriate records of decisions and actions taken in the course of its contract management. As a consequence, the department has not been well placed to assess whether its service strategies were adequate or fully met government objectives.
Some $2.3 billion in payments made between September 2012 and April 2016 were not authorised or recorded correctly. "$1.1 billion was approved by DIBP officers who did not have the required authorisation and for the remaining $1.1 billion there was no departmental record of who authorised the payments." Contract variations totalling more than $1 billion were made without a documented assessment of value for money.

The report states
In 2012 the Australian Government established offshore processing centres1 in the Republic of Nauru (Nauru) and Papua New Guinea (PNG) with the agreement of the Nauruan and PNG Governments.
Under the agreements, the Australian Government was to bear all costs associated with the construction and operation of the centres. Transfers of asylum seekers to Nauru commenced on 14 September 2012 and to PNG on Manus Island on 21 November 2012.
To underpin operations at the centres, the Department of Immigration and Border Protection (DIBP or the department) entered into contracts for the delivery of garrison support and/or welfare services with a number of providers. Garrison support includes security, cleaning and catering services. Welfare services include individualised care to maintain health and well-being such as recreational and educational activities. The total combined value of the contracts at 6 December 2016, as reported on AusTender, was $3,386 million.
For the purposes of this report the contracts are discussed in two groups: initial contracts signed in 2013 (referred to as the initial or 2013 contracts) with The Salvation Army, Save the Children, Transfield Services (Transfield) and G4S; and contracts signed in 2014 with Transfield and Save the Children to consolidate service provision (referred to as the consolidated or 2014 contracts).
In October 2015, Transfield6 became the sole provider of all garrison support and welfare services to asylum seekers at the offshore processing centres in Nauru and on Manus Island. In February 2016 these arrangements were extended through to 28 February 2017 and in August 2016 the contract with Transfield was further extended until 31 October 2017.
Audit objective, scope and criteria
The objective of the audit was to assess whether DIBP had appropriately established and managed the contracts for garrison support and welfare services at offshore processing centres in Nauru and Papua New Guinea (Manus Island); and whether the processes adopted met the requirements of the Commonwealth Procurement Rules (CPRs), including consideration and achievement of value for money.
The audit examined contracts entered into in 2012, when the arrangements were first put into place, through to the current contract which is due to expire in October 2017.
This is a companion audit to ANAO Performance Audit Report No.16 2016—17 Offshore Processing Centres in Nauru and Papua New Guinea: Procurement of Garrison Support and Welfare Services. As in the earlier audit, the ANAO’s review of departmental records was, due to shortcomings in DIBP’s record keeping system, based on the available records. DIBP was not able to provide the ANAO with assurance that it provided all departmental records relevant to the audit.
DIBP's apparent inability to properly document its operation is also evident in the report noted here.

The ANAO goes on to conclude

The Department of Immigration and Border Protection’s management of the garrison support and welfare services contracts at the offshore processing centres in Nauru and Papua New Guinea (Manus Island) has fallen well short of effective contract management practice.
The garrison support and welfare contracts were established in circumstances of great haste to give effect to government policy decisions and the department did not have a detailed view of what it wanted to purchase or the standards to apply. These are key considerations in achieving value for money. While the department took between 20 to 43 weeks (depending on the contract) to enter into final 2013 contracts, there remained significant shortcomings in the contractual framework. Many of the shortcomings persisted in the 2014 contracts, indicating that the 2014 contract consolidation process was not informed by lessons learned from the department’s management and operation of the 2013 contracts.
The department did not put in place effective mechanisms to manage the contracts. Other than the contracts, there was no documentation of the means by which the contract objectives would be achieved. In the absence of a plan, assurance processes such as the inspection and audit of services delivered, has not occurred in a systematic way and risks were not effectively managed. In addition, the department has not maintained appropriate records of decisions and actions taken in the course of its contract management. As a consequence, the department has not been well placed to assess whether its service strategies were adequate or fully met government objectives.
The department developed a comprehensive and risk based performance framework for the contracts to help it assess provider performance. However, development of the framework was delayed and in applying the framework the department was not consistent in its treatment of different providers. Performance measurement under the framework relied heavily on self-assessments by providers and the department performed limited independent checks. Delays in the department’s review of self-assessments and the provision of feedback on contractor performance eroded the link between actual performance and contract payments. Risk assessment was a key component of the performance reporting processes and while risk assessments were conducted, DIBP did not review risk ratings or determine if controls and mitigations were in place and working. Risks materialised in both the 2013 and 2014 contracts.
An appropriate framework of controls was in place for payments under the contracts, including the authorisation of actual payments by a delegate. This control was intended to provide additional assurance over payments under the contracts but did not always operate as intended. In respect to $2.3 billion in payments made between September 2012 and April 2016, delegate authorisations were not always secured or recorded: an appropriate delegate provided an authorisation for payments totalling $80 million; $1.1 billion was approved by DIBP officers who did not have the required authorisation; and for the remaining $1.1 billion there was no departmental record of who authorised the payments.
In addition, this audit highlighted further weaknesses in the department’s management of procurement. Substantial contract variations totalling over $1 billion were made without a documented assessment of value for money.
Contract management is core business for Australian Government entities, and the department has managed detention contracts since 1997. Previous ANAO audits of the department’s contract management have found that: its contracting framework had not established clear expectations of the level and quality of services to be delivered; and its ability to monitor the performance of contractors was compromised by a lack of clarity in standards and performance measures and reliance on incident reporting to determine when standards were not being met. This audit has identified a recurrence of these (and other) deficiencies, which have resulted in higher than necessary expense for taxpayers and significant reputational risks for the Australian Government and the department. The audit recommendations are intended to address the significant weaknesses observed in DIBP’s contract management practices.

Trust, Privacy and Contract

'Privacy's Trust Gap' by Neil M. Richards and Woodrow Hartzog in Yale Law Journal (Forthcoming) comments
 It can be easy to get depressed about the state of privacy these days. In an age of networked digital information, many of us feel disempowered by the various governments, companies, and criminals trying to peer into our lives to collect our digital data trails. When so much is in flux, the way we think about an issue matters a great deal. Yet while new technologies abound, our ideas and thinking—as well as our laws—have lagged in grappling with the new problems raised by the digital revolution. In their important new book, Obfuscation: A User’s Guide for Privacy and Protest (2016), Finn Brunton and Helen Nissenbaum offer a manifesto for the digitally weak and powerless, whether ordinary consumers or traditionally marginalized groups. They call for increased use of obfuscation, the deliberate addition of bad information to interfere with surveillance; one that can be “good enough” to do a job for individuals much or even most of the time. Obfuscation is attractive because it offers to empower individuals against the shadowy government and corporate forces of surveillance in the new information society. While this concept represents an important contribution to the privacy debates, we argue in this essay that we should be hesitant to embrace obfuscation fully.
We argue instead that as a society we can and should do better than relying on individuals to protect themselves against powerful institutions. We must think about privacy instead as involving the increasing importance of information relationships in the digital age, and our need to rely on (and share information with) other people and institutions to live our lives. Good relationships rely upon trust, and the way we have traditionally thought about privacy in terms of individual protections creates a trust gap. If we were to double down on obfuscation, this would risk deepening that trust gap. On the contrary, we believe that the best solution for problems of privacy in the digital society is to use law to create incentives to build sustainable, trust-promoting information relationships.
We offer an alternative frame for thinking about privacy problems in the digital age, and propose that a conceptual revolution based upon trust is a better path forward than one based on obfuscation. Drawing upon our prior work, as well as the growing community of scholars working at the intersection of privacy and trust, we offer a blueprint for trust in our digital society. This consists of four foundations of trust—the commitment to be honest about data practices, the importance of discretion in data usage, the need for protection of personal data against outsiders, and the overriding principle of loyalty to the people whose data is being used, so that it is data and not humans that become exploited. We argue that we must recognize the importance of information relationships in our networked, data-driven society. There exist substantial incentives already for digital intermediaries to build trust. But when incentives and markets fail, the obligation for trust-promotion must fall to law and policy. The first-best privacy future will remain one in which privacy is safeguarded by law, in addition to private ordering and self-help.
'Contracting Over Privacy: Introduction' by Omri Ben-Shahar and Lior Strahilevitz in (2016) 43(2) Journal of Legal Studies introduces
papers presented at the symposium Contracting over Privacy, which took place at the Coase-Sandor Institute for Law and Economics at the University of Chicago in fall 2015. The essay highlights a quiet legal transformation whereby the entire area of data privacy law has been subsumed by consumer contract law. It offers a research agenda for privacy law based on the contracting-over-privacy paradigm.
The authors comment
What are the legal implications of the classification of privacy notices as enforceable consumer contracts? For firms, the contractual nature of privacy notices ensures two beneficial functions. First, privacy notices are deployed to shield firms against liability for data privacy practices that, absent consumer consent, would violate privacy laws. For example, absent consent, Gmail’s practice of scanning contents of users’ e-mail messages would be a violation of the Wiretap Act, and Facebook’s practice of identifying users in uploaded photos would be a violation of state privacy laws. The contractual status of privacy notices means that users grant consent to these practices and thus provide firms a critical safe harbor.
The second function that privacy notices perform is the assurance for consumers that some uses of the data, which are otherwise permissible even without consent, would not occur. For example, firms and websites may keep logs of customers’ activity, but they can promise in their privacy notices not to do so. If privacy notices are contracts, such promises are binding, and their breach would be actionable. Moreover, the FTC can (and does) treat breaches of these promises as deceptive trade practices. Avowing such potential liability is a credible way for firms to entice hesitant consumers to engage with them. Firms dealing with sensitive content, like adult websites, indeed make explicit and clear promises to limit data sharing with third parties, and cloud-computing sites make explicit promises to follow stringent data security standards (Marotta-Wurgler 2016).
The contractual nature of privacy notices has significant implications for lawmakers working to design statutory privacy protections. The first implication is for the design of default rules. If statutory privacy rights are merely default rules, lawmakers should anticipate wholesale opt outs. Firms that develop business models that are constrained by statutory privacy rules would post privacy notices that effectively override these rules.
The powerful incentives of firms to induce their customers to give up their privacy rights also suggests that the choice between opt-in and opt-out schemes is of less importance than people usually assume. Opt-in schemes are thought to be more protective, because they require firms to get consumers’ affirmative consent to override the pro-consumer status quo. Opt-out schemes, by contrast, put the burden on consumers to initiate the exit from the pro-business status quo. Recent FCC regulations, for example, present the shift to an opt-in regime as a meaningful step toward more privacy protection, as this regime requires consumers’ explicit consent before collecting sensitive data such as geographical location or financial information. But firms are very good at getting consumers to opt in when doing so furthers the businesses interest (Willis 2013), and businesses are able to ask consumers repeatedly to change their minds if they initially resist information sharing. If indeed firms elicit such consumer consent with great ease, the opt-in framework makes little difference.
Once again, consumers may so easily agree to opt in, or fail to opt out, because of lack of information. Informed consumers might refuse to opt in or might initiate their own opt outs. These consumers would walk away from firms that refuse to provide the statutory privacy protections that they demand. Uninformed consumers, by contrast, would stick with any default rule. In such an environment of imperfect information, designing optimal default rules has to account for two separate concerns. First, it has to recognize that there are consumers who do care and who would seek to opt out of an undesirable default rule. For some, the default rule could be insufficiently protective, and they would look for more protection. For others, it would be too protective, and they would prefer to waive the protection for a price discount. These opt outs create transactions costs (the cost of becoming informed about the default rule as well as the cost of contracting around it), and a well-designed default rule has to minimize such costs. But the design of the default rule has to recognize, in addition, that many consumers would remain uninformed about the default rule and refrain from opting out, regardless of its content. For this group the default rule is sticky, and it ought to be designed with an eye to maximizing the value of the transaction. This is a general insight into the optimal design of default rules in consumer contracts: it has to meet two criteria—minimizing the cost of opt outs and maximizing the value of transactions when opt outs do not occur (Bar-Gill and Ben-Shahar 2016).
An additional implication of the contractual nature of privacy notices is the role of disclosures. Contracts over privacy—like any other consumer standard-form contract—are often long and complex. Is there a way to make such contracts simpler? Can the law require firms to present consumers pared-down versions of these privacy notices that would effectively inform consumers of the privacy risks? These questions have risen to the fore of consumer protection law in many areas, as regulators and commentators spend much effort to design simpler, smarter, and user-friendlier disclosures. In the privacy area, the proposals to utilize best practices in the presentation of privacy notices have been widely embraced, and more radical suggestions to use “nutrition facts”–type warning boxes are also intuitively advocated. But would such efforts have the desired effect on informing consumers’ choices? There is some evidence that the answer is no (Ben-Shahar and Chilton 2016) and that the use of the privacy notice to engender trust may be limited (Martin 2016).
In the end, then, the law and economics of contracting over privacy differs only in detail, but not in principle, from the law and economics of consumer contracts. Courts overwhelmingly treat them in the same way, and for good reasons. Consumers’ consent may be ill-informed, but regulatory alternatives might be worse. Consumer contract law has tools to combat overreaching by firms, and these tools—rather than superfluous notions of heightened disclosure or informed consent—ought to guide privacy protection. Such tools allow courts to strike down intolerable provisions, and in a separate article we propose to deny firms the advantages that they bury in cryptic boilerplate (Ben-Shahar and Strahilevitz 2016).
Accordingly, the papers from the symposium Contracting over Privacy collected in this issue examine general questions of contract formation, design, interpretation, and extracontractual norms and trust—all in the context of privacy. Privacy is not sui generis; it is instead a valuable laboratory to examine the evolution of contract law in the digital era.

Internships

The UK All Party Parliamentary Group on Social Mobility The class ceiling: Increasing access to the leading professions report calls for a ban on unpaid internships in the professions and changes to recruitment in higher education.

The Group comments
it is clear that there is more to be done to widen access to the top professions in our country. Research shows that the UK’s top professions remain disproportionally occupied by alumni of private schools and Oxbridge.
While some positive steps have been taken, the overarching evidence from the inquiry and available statistics still show that students from disadvantaged backgrounds are less successful than their more advantaged counterparts in getting in to the top professions. In business, nearly a third of the FSTE 100 chief executives educated in the UK were independently educated, and in law, nearly three quarters of the top judiciary were educated at independent schools. Yet across the country, only 7% of students attend private schools.
This pattern is mirrored, to varying degrees, in a number of different professions such as medicine, journalism and politics and the civil service. One of the most striking findings from the evidence sessions held by the inquiry was that despite the vast range of professions we spoke to, the challenges they faced in widening access were extremely similar. Many spoke of needing to tackle unconscious bias, the lack of contextual recruitment practices, and the fact that for some employers, they just did not receive applications from highly able applicants from disadvantaged backgrounds.
The last point exemplifies how it is not only a formal education which makes a difference to those from disadvantaged backgrounds, but also an informal education such as the learning of soft skills, along with having aspirations and role models to admire and emulate. Employers look for confidence, resilience, social skills and self-motivation in their employees, but for those who have had little to no exposure to extracurricular activities, work experience or mentoring, these skills can be difficult to acquire. A clear message from our evidence sessions was that we need to become better at inspiring our youngsters to reach their full potential, especially for those who start out at a disadvantage. Our professions should reflect our communities and our country, and employers themselves would ultimately benefit from harnessing the broader experience and potential of the country as a whole and not just established groups.
This business case for diversity was put forward by many who responded to this inquiry. By widening access to the professions, organisations benefit from an increased pool of skills and experience. Having a diverse workforce which encompasses many different talents, backgrounds and experiences can help create a dynamic organisation ready to face the challenges of the 21st Century. Businesses need to be measuring and monitoring the social background of their employees in the same way in which they monitor protected characteristics, and held accountable for how well they are doing in widening access.
The report states
Leading People 2016 found that almost a third of MPs in the 2015 intake were independently educated, as are nearly a third of those FTSE 100 chief executives that were educated in the UK. Of all High Court and Appeals Court judges, nearly three quarters attended private schools, as did over half of the top 100 news journalists and over two-thirds of British Oscar winners. This pattern is repeated, to varying degrees, across a host of other professions.
It is not only the very top jobs where an advantage to the privately educated exists. Research by the Bridge Group recently noted that “73% of those who came from the most advantaged backgrounds before Higher Education were in the most advantaged occupation groups six months after graduating in 2012/13. 67% of those from less advantaged backgrounds were in the most advantaged occupation groups”, a gap of 6 percentage points.
This is reinforced by research the Sutton Trust published in partnership with upReach in 2015, which found that, three and a half years after graduation, private school graduates in top jobs earn £4,500 more than their state school counterparts. While half of this pay difference can be explained by the type of higher education institution attended or prior academic achievement, the other half cannot be explained by educational factors.
Over recent years, we have seen a greater focus on diversity in the professions, with an improvement in the number of women appointed to boards at FTSE 100 companies, for example. The Coalition Government set up a Social Mobility Business Compact to encourage employers to be more open to people from disadvantaged backgrounds. Recently the Civil Service announced it was reforming its recruitment process to encourage diversity, while many major companies have changed their admissions process and have set up programmes aiming to widen access.
The Group offers  Recommendations to improve access to the professions
A strategic approach to social mobility should be developed
The issues preventing fair access to the leading professions require cross-sector leadership and real collaboration to solve. The government should develop a national social mobility strategy, linking the work of schools, universities and employers to build a real business case and practical plan for improving social mobility. In doing so, the government should identify champions and model initiatives in each of the most selective professions that can collaborate and share cross sector best practices, setting goals for each sector to meet.
Employers in ‘elite’ professions should take part in the Social Mobility Employer Index, being launched next year by the Social Mobility Foundation and the Social Mobility Commission.
Organisations should be required to report on all measures of the index to highlight how well they are doing in widening access. Once piloted, this should be rolled out to all organisations over a certain size and the index should be considered by companies as akin to diversity tracking and other protected characteristics. Employers should learn from what works in their own profession and from other sectors.
Financial barriers to accessing the professions should be minimised
There are significant barriers to accessing professions, particularly the most competitive and those that are mostly concentrated in London. The government should ban unpaid internships.
Employers need to review their work experience policies to ensure access is fair and transparent, ensuring that all posts are publicly advertised to allow a more diverse range of candidates to apply. After at most one month, interns should be paid the National (or London) Living Wage.
Employers should increase efforts to reduce the London-centric focus of recruitment, either by increasing regional recruitment or outreach, and at least fully cover travel reimbursement for any interviews or work experience placements. The Social Mobility Commission should continue to focus on social mobility by geography – to encourage the government and employers to create and support routes for social mobility in those areas that need it most.

Recruitment practices should be fair and transparent

Employers should ensure that they are doing more to encourage best practice with regards to widening access and are helping to break down the barriers graduates face when transitioning from higher education into employment.
Employers should adopt contextual recruitment practices that place attainment and successes achieved in the context of disadvantage, including underperforming schools and less advantaged neighbourhoods.
Employers should ensure that all internships are advertised publicly, and recruited based on merit and not on networks. They should also ensure that any work experience opportunities are advertised publicly, following best practice. Employers should be conscious of the impact of recruiting from a narrow pool of universities in the graduate ‘milk round’, and the social mix of institutions, building on the work already being done in some elite professions. Unconscious bias training for recruiters should also be considered.
UCAS and universities should consider how to modify the application system to allow for more post-qualification applications than are allowed by the current clearing system.
Careers advice for young people needs to be significantly improved
Good careers advice can be transformative for young people. It should be based on “what works”, so that young people know all the options available to them and what they would need to do to achieve them. Schools should learn from best practice on how to support pupils’ choices, and use their own destinations data to help inform their support. Employers should commit to offering careers support and partnerships that genuinely enhance social mobility. This could be by providing mentors and creating opportunities to raise awareness and aspirations of their professions.
Universities should ensure careers services are a core part of the university support system and, in particular, target proven interventions at disadvantaged students to improve their awareness of career opportunities.
The Government should do more to encourage education in later life and lifelong learning so that people of all ages have access to education throughout their lives. They can do this through encouraging more people to take up postgraduate/ part time study loans and by advocating the benefits of education in later life.
Aspirations, soft skills and extra-curricular activities
Schools should encourage pupils to develop skills beyond their core curriculum that are keenly sought after by employers, such as resilience, confidence, social skills and self-motivation. Employers should pro-actively work with schools and universities to help teach the skills that are most sought after in the workplace.
Schools should actively identify young people who could most benefit from mentoring support from charities and employers.
Schools should also raise aspirations by encouraging reading for pleasure, provide educational trips and ensure that they are offering out-of-school studying opportunities, sport and arts provision for disadvantaged students at all stages of education.
Schools should also encourage pupils to take up volunteering or get involved in social action to help build the skills that universities and employers identify as attractive.
It goes on to make Sector-specific recommendations
Throughout this enquiry, evidence was received from several professional sectors. Some specific recommendations for these sectors are below but should be considered in all sectors, where applicable.
Politics and the civil service
Political parties should actively use contextual information when recruiting employees and always pay interns the living wage. This could set an example to other professions and encourage people from non-traditional backgrounds to get more involved in politics. The socio-economic background information of staff should be monitored and reviewed on an anonymous basis.
MPs and Lords should support the Speakers Parliamentary Scheme to expand wherever possible. MPs should look to draw up shortlists for applications where 50% of candidates are from the local area. This would help to combat issues around networking and would allow the makeup of the MPs staff to reflect that of the local population. The Civil Service should ensure that all departments collaborate to ensure that the image of working in the Civil Service is more open and not intimidating. The Civil Service should look specifically at progression, performance, and pay, to lead by example for other professions. The same rigour on social mobility should be applied to the rest of the civil service recruitment as is currently applied to the Fast Stream.
Medicine
Universities should contextualise admissions to study medicine, recognising that academic ability is just one crucial part of being a successful doctor. This should build on innovative schemes, such as the ‘foundation year’ schemes already underway at some medical schools.
Work experience opportunities for school students should be coordinated to ensure all students, regardless of where they live and their personal networks, can get that crucial experience. An effort should be made to encourage pupils to take an interest in medicine earlier on in their academic lives. This could be done in part, by schools and medical colleges working together in order to expose pupils to the possibilities of studying medicine.
Law, finance and professional services
Established professional bodies should drivehe social mobility agenda in law, finance and accountancy. Where possible, initiatives to improve social mobility should be coordinated to ensure they can have significant impact, where it is most needed. Employers should ban all unpaid internships and need to review their work experience policies to ensure access is fair and transparent.
All firms should undertake awareness-raising activities to ensure that young people, particularly those from disadvantaged backgrounds, are aware of the opportunities to join their profession and the requirements.
Arts and media
Building on the success of the BRIT School in London, other schools and colleges should encourage young people to develop their skills in creative pursuits, regardless of background. The business case for having more diverse groups of people, in this case particularly those from different socio-economic backgrounds, needs to be developed in both the arts and the media.
The Government should ban all unpaid internships, as previously stated, and employers need to review their work experience policies to ensure access is fair and transparent, ensuring that all posts are publicly advertised to allow a more diverse range of candidates to apply.
The government should provide proper support and funding for local arts projects, some of which could be done as part of the pupil premium scheme, through which lower income families could purchase additional educational support for pupils, such as theatre visits and other cultural activities
In discussing internships the Group comments
Recruiters often favour experience as much as aptitude, which the disadvantaged have least opportunity to gain
A Highfliers analysis identified that nearly 30% of accounting and professional services vacancies, over 30% of consulting vacancies, over 55% of law vacancies and over 50% of banking and finance vacancies, are filled by graduates who have already worked for the employer. Highfliers found that nearly 80% of vacancies specifically in investment banking were filled by those who had already worked there, compared with less than 10% of roles in the public sector. This suggests that work experience is both crucial for entry into the most elite professions and implies that recruiters are favouring those who have already had experience with their organisation.  The prevalence of unpaid internships has been a widely acknowledged social mobility issue. In 2014, the Sutton Trust found that 31% of university graduates working as interns were doing so for no pay. The Social Mobility Commission found that 63% of cultural and creative, 56% of media-related, and 42% of financial and professional services internships advertised on the Graduate Talent Pool website were unpaid. The Sutton Trust said that the cost of a six month internship in Manchester could set back an intern a minimum of £4,728 (£788 a month), excluding transport costs which are usually paid by the employer.
This inquiry found this trend as being particularly acute in the media. The National Council for the Training of Journalists (NCJT) said that the extensive use of internships, the majority unpaid, as a recruitment mechanism adds to the difficulty of entry into journalism for those who cannot rely on family support. In its written submission, the National Union of Journalists (NUJ) went further and said that ‘unpaid internships have become almost institutionalised in the media’ and inevitably disadvantaged those who are unable to work for free.
In relation to  Qualification bias the Group notes
Top professions favour Russell Group degrees and/ or post-graduate degrees and so are dominated by most affluent groups One of the most common issues the inquiry heard was the practice of leading professions recruiting from a narrow range of elite universities, mostly in the Russell Group, in which people from disadvantaged backgrounds are underrepresented in (see section 2). The Social Mobility Commission has identified that top employers are far more likely to visit universities with a low proportion of students from disadvantaged backgrounds to recruit.  For instance, in 2015, the Law Society found that ‘the type of university attended is one of the most important elements to factor into a person’s chance to receive a job offer from top law firms’.
On top of this, prohibitively expensive post-graduate degrees or professional qualifications are also required to enter many leading professions. This is true in medicine, where costs can continue after graduation for further study. The British Medical Journal has estimated that in England, a doctor can graduate with between £64,000 and £82,000 debt. David Morley from Allen and Overy told the inquiry non-law graduates require two years of law school and his firm provides considerable financial assistance to trainee recruits (eg paying law school fees) including a relatively small number of bursaries to support some students from less advantaged backgrounds with the costs of going to university.
The Law Society estimates that it costs £25,000-£50,000 to qualify as a solicitor,  while the President of the Bar Council said that qualifying as a Barrister may cost up to £127,000. 51 In the media, the NCTJ said there is a requirement for many new journalists to have postgraduate degrees, which are often self-financed, meaning young people frequently need financial support to enter. This is supported by a report by the Reuters Institute for the Study of Journalism, which found that of those journalists who began their careers in 2013, 2014 and 2015, 98% had a bachelor’s degree and 36% a master’s.
Leadership and confidence traits
Employers want recruits to show leadership qualities, yet people from disadvantaged backgrounds lack leaders in their lives as examples to emulate.
There is an entire literature on ‘leadership in  business’ and there is a widely held assumption that leading employers are looking for ‘natural leaders’ and their assumed associated attributes. The Social Mobility Commission has noted how many firms use ‘competency or strengths based frameworks to seek evidence for skills such as leadership and team work’, or to identify ‘aptitudes such as resilience, drive, enthusiasm and adaptability’.  The inquiry heard how leadership characteristics are often associated with confidence. In its submission, Brightside said that the issue of access into leading professions is linked to confidence as well as the educational attainment gap. Dan Jarvis MP, champion of the Speaker’s Parliamentary Placement Scheme that offers paid internships in Parliament to people from disadvantaged backgrounds, provides its beneficiaries with confidence to interact with senior parliamentarians and policymakers, which is important for their later career.  Archie Brixton said the support he received from upReach built his confidence to commence a career in finance.  The link between confidence and career progress has been quantified by the Sutton Trust in a report that analysed the BBC’s ‘Big Personality Test’ to identify the links between personality traits and career earnings. The report found that highly extroverted people – those who were more confident, sociable or assertive – had a 25% higher chance of being in a high-earning job (over £40,000 per year), with the odds being higher for men than women. The report also found that personality and aspirations were found to be strongly affected by social background, showing that people from more advantaged backgrounds (those whose parents had professional jobs) had significantly higher levels of extroversion and very substantially higher economic aspirations.

15 January 2017

Biometrics and US Policing

'Biometric Cyberintelligence and the Posse Comitatus Act' (Washington and Lee Legal Studies Paper No. 2016-14) by Margaret Hu is described as addressing 
the rapid growth of what the military and intelligence community refer to as “biometric-enabled intelligence.” This newly emerging intelligence system is reliant upon biometric databases — for example, digitalized collections of scanned fingerprints and irises, digital photographs for facial recognition technology, and DNA. This Article introduces the term “biometric cyberintelligence” to describe more accurately the manner in which this new tool is dependent upon cybersurveillance and big data’s mass-integrative systems.
To better understand the legal implications of biometric cyberintelligence, this Article advances three primary claims. First, it argues that the technological and programmatic architecture of biometric cyberintelligence can be embedded within the data collection and data analysis protocols of civilian governance and domestic law enforcement activities. Next, to demonstrate the potential lethality of this emerging technological and policy development, this Article illustrates how biometric data may be increasingly integrated into drone weaponry, including targeted killing and drone strike technologies. Finally, this Article argues that the Posse Comitatus Act of 1878, designed to limit the deployment of federal military resources in the service of domestic policies, may be impotent in light of the growth of cybersurveillance.
Maintaining strict separation of data between military and intelligence operations on the one hand, and civilian, homeland security, and domestic law enforcement agencies on the other hand, is increasingly difficult as cooperative data sharing increases. The Posse Comitatus Act and constitutional protections such as the Fourth Amendment’s privacy jurisprudence, therefore, must be reinforced in the digital age in order to appropriately protect citizens from militarized cyberpolicing, i.e., the blending of military/foreign intelligence tools and operations and homeland security/domestic law enforcement tools and operations. The Article concludes that, as of yet, neither statutory nor constitutional protections have evolved sufficiently to cover the unprecedented surveillance harms posed by the migration of biometric cyberintelligence from foreign to domestic use.

The Perpetual Line-Up: Unregulated Police Face Recognition in America comments 

There is a knock on your door. It’s the police. There was a robbery in your neighborhood. They have a suspect in custody and an eyewitness. But they need your help: Will you come down to the station to stand in the line-up? 

Most people would probably answer “no.” This summer, the Government Accountability Office revealed that close to 64 million Americans do not have a say in the matter: 16 states let the FBI use face recognition technology to compare the faces of suspected criminals to their driver’s license and ID photos, creating a virtual line-up of their state residents. In this line-up, it’s not a human that points to the suspect—it’s an algorithm. 

But the FBI is only part of the story. Across the country, state and local police departments are building their own face recognition systems, many of them more advanced than the FBI’s. We know very little about these systems. We don’t know how they impact privacy and civil liberties. We don’t know how they address accuracy problems. And we don’t know how any of these systems—local, state, or federal—affect racial and ethnic minorities. 

This report closes these gaps. The result of a year- long investigation and over 100 records requests to police departments around the country, it is the most comprehensive survey to date of law enforcement face recognition and the risks that it poses to privacy, civil liberties, and civil rights. Combining FBI data with new information we obtained about state and local systems, we find that law enforcement face recognition affects over 117 million American adults. It is also unregulated. A few agencies have instituted meaningful protections to prevent the misuse of the technology. In many more cases, it is out of control. 

One in two American adults is in a law enforcement face recognition network. 

The benefits of face recognition are real. It has been used to catch violent criminals and fugitives. The law enforcement officers who use the technology are men and women of good faith. They do not want to invade our privacy or create a police state. They are simply using every tool available to protect the people that they are sworn to serve. Police use of face recognition is inevitable. This report does not aim to stop it. Rather, this report offers a framework to reason through the very real risks that face recognition creates. It urges Congress and state legislatures to address these risks through commonsense regulation comparable to the Wiretap Act. These reforms must be accompanied by key actions by law enforcement, the National Institute of Standards and Technology (NIST), face recognition companies, and community leaders.

The Report's key findings are as follows, with specific findings for 25 local and state law enforcement agencies in City and State Backgrounders (p. 121). A Face Recognition Scorecard (p. 24) evaluates these agencies’ impact on privacy, civil liberties, civil rights, transparency and accountability. The records underlying all of our conclusions are available online. 

1. Law enforcement face recognition networks include over 117 million American adults—and may soon include many more. Face recognition is neither new nor rare. FBI face recognition searches are more common than federal court-ordered wiretaps. At least one out of four state or local police departments has the option to run face recognition searches through their or another agency’s system. At least 26 states (and potentially as many as 30) allow law enforcement to run or request searches against their databases of driver’s license and ID photos. Roughly one in two American adults has their photos searched this way. 

2. Different uses of face recognition create different risks. This report offers a framework to tell them apart. A face recognition search conducted in the field to verify the identity of someone who has been legally stopped or arrested is different, in principle and effect, than an investigatory search of an ATM photo against a driver’s license database, or continuous, real-time scans of people walking by a surveillance camera. The former is targeted and public. The latter are generalized and invisible. While some agencies, like the San Diego Association of Governments, limit themselves to more targeted use of the technology, others are embracing high and very high risk deployments. 

3. By tapping into driver’s license databases, the FBI is using biometrics in a way it’s never done before. Historically, FBI fingerprint and DNA databases have been primarily or exclusively made up of information from criminal arrests or investigations. By running face recognition searches against 16 states’ driver’s license photo databases, the FBI has built a biometric network that primarily includes law-abiding Americans. This is unprecedented and highly problematic. 

4. Major police departments are exploring real-time face recognition on live surveillance camera video. Real-time face recognition lets police continuously scan the faces of pedestrians walking by a street surveillance camera. It may seem like science fiction. It is real. Contract documents and agency statements show that at least five major police departments—including agencies in Chicago, Dallas, and Los Angeles—either claimed to run real-time face recognition off of street cameras, bought technology that can do so, or expressed an interest in buying it. Nearly all major face recognition companies offer real-time software. 

5. Law enforcement face recognition is unregulated and in many instances out of control. No state has passed a law comprehensively regulating police face recognition. We are not aware of any agency that requires warrants for searches or limits them to serious crimes. This has consequences. The Maricopa County Sheriff ’s Office enrolled all of Honduras’ driver’s licenses and mug shots into its database. The Pinellas County Sheriff ’s Office system runs 8,000 monthly searches on the faces of seven million Florida drivers—without requiring that officers have even a reasonable suspicion before running a search. The county public defender reports that the Sheriff ’s Office has never disclosed the use of face recognition in Brady evidence. 

6. Most law enforcement agencies are not taking adequate steps to protect free speech. There is a real risk that police face recognition will be used to stifle free speech. There is also a history of FBI and police surveillance of civil rights protests. Of the 52 agencies that we found to use (or have used) face recognition, we found only one, the Ohio Bureau of Criminal Investigation, whose face recognition use policy expressly prohibits its officers from using face recognition to track individuals engaging in political, religious, or other protected free speech. 

7. Most law enforcement agencies do little to ensure that their systems are accurate. Face recognition is less accurate than fingerprinting, particularly when used in real-time or on large databases. Yet we found only two agencies, the San Francisco Police Department and the Seattle region’s South Sound 911, that conditioned purchase of the technology on accuracy tests or thresholds. There is a need for testing. One major face recognition company, FaceFirst, publicly advertises a 95% accuracy rate but disclaims liability for failing to meet that threshold in contracts with the San Diego Association of Governments. Unfortunately, independent accuracy tests are voluntary and infrequent. 

8. The human backstop to accuracy is non- standardized and overstated. Companies and police departments largely rely on police officers to decide whether a candidate photo is in fact a match. Yet a recent study showed that, without specialized training, human users make the wrong decision about a match half the time. We found only eight face recognition systems where specialized personnel reviewed and narrowed down potential matches.The training regime for examiners remains a work in progress. 

9. Police face recognition will disproportionately affect African Americans. Many police departments do not realize that. In a Frequently Asked Questions document, the Seattle Police Department says that its face recognition system “does not see race.” Yet an FBI co- authored study suggests that face recognition may be less accurate on black people. Also, due to disproportionately high arrest rates, systems that rely on mug shot databases likely include a disproportionate number of African Americans. Despite these findings, there is no independent testing regime for racially biased error rates. In interviews, two major face recognition companies admitted that they did not run these tests internally, either. Face recognition may be least accurate for those it is most likely to affect: African Americans 

10. Agencies are keeping critical information from the public. Ohio’s face recognition system remained almost entirely unknown to the public for five years. The New York Police Department acknowledges using face recognition; press reports suggest it has an advanced system. Yet NYPD denied our records request entirely.The Los Angeles Police Department has repeatedly announced new face recognition initiatives—including a “smart car” equipped with face recognition and real-time face recognition cameras—yet the agency claimed to have “no records responsive” to our document request. Of 52 agencies, only four (less than 10%) have a publicly available use policy. And only one agency, the San Diego Association of Governments, received legislative approval for its policy. 

11. Major face recognition systems are not audited for misuse. Maryland’s system, which includes the license photos of over two million residents, was launched in 2011. It has never been audited. The Pinellas County Sheriff ’s Office system is almost 15 years old and may be the most frequently used system in the country. When asked if his office audits searches for misuse, Sheriff Bob Gualtieri replied, “No, not really.” Despite assurances to Congress, the FBI has not audited use of its face recognition system, either. Only nine of 52 agencies (17%) indicated that they log and audit their officers’ face recognition searches for improper use. Of those, only one agency, the Michigan State Police, provided documentation showing that their audit regime was actually functional.

The Recommendations are 

1. Congress and state legislatures should pass commonsense laws to regulate law enforcement face recognition. Such laws should require the FBI or the police to have a reasonable suspicion of criminal conduct prior to a face recognition search. After-the-fact investigative searches—which are invisible to the public—should be limited to felonies. Mug shots, not driver’s license and ID photos, should be the default photo databases for face recognition, and they should be periodically scrubbed to eliminate the innocent. Except for identity theft and fraud cases, searches of license and ID photos should require a court order issued upon a showing of probable cause, and should be restricted to serious crimes. If these searches are allowed, the public should be notified at their department of motor vehicles. If deployed pervasively on surveillance video or police-worn body cameras, real-time face recognition will redefine the nature of public spaces. At the moment, it is also inaccurate. Communities should carefully weigh whether to allow real-time face recognition. If they do, it should be used as a last resort to intervene in only life-threatening emergencies. Orders allowing it should require probable cause, specify where continuous scanning will occur, and cap the length of time it may be used. Real-time face recognition will redefine the nature of public spaces. It should be strictly limited. Use of face recognition to track people on the basis of their political or religious beliefs or their race or ethnicity should be banned. All face recognition use should be subject to public reporting and internal audits. To lay the groundwork for future improvements in face recognition, Congress should provide funding to NIST to increase the frequency of accuracy tests, create standardized, independent testing for racially biased error rates, and create photo databases that facilitate such tests. State and federal financial assistance for police face recognition systems should be contingent on public reporting, accuracy and bias tests, legislative approval—and public posting— of a face recognition use policy, and other standards in line with these recommendations. A Model Face Recognition Act (p. 102), for Congress or a state legislature, is included at the end of the report. 

2. The FBI and Department of Justice (DOJ) should make significant reforms to the FBI’s face recognition system. The FBI should refrain from searching driver’s license and ID photos in the absence of express approval for those searches from a state legislature. If it proceeds with those searches, the FBI should restrict them to investigations of serious crimes where FBI officials have probable cause to implicate the search subject. The FBI should periodically scrub its mug shot database to eliminate the innocent, require reasonable suspicion for state searches of that database, and restrict those searches to investigations of felonies. Overall access to the database should be contingent on legislative approval of an agency’s use policy. The FBI should audit all searches for misuse, and test its own face recognition system, and the state systems that the FBI accesses, for accuracy and racially biased error rates. The DOJ Civil Rights Division should evaluate the disparate impact of police face recognition, first in jurisdictions where it has open investigations and then in state and local law enforcement more broadly. DOJ should also develop procurement guidance for state and local agencies purchasing face recognition programs with federal funding The FBI should be transparent about its use of face recognition. It should reverse its current proposal to exempt its face recognition system from key Privacy Act requirements. It should also publicly and annually identify the photo databases it searches and release statistics on the number and nature of searches, arrests, the convictions stemming from those searches, and the crimes that those searches were used to investigate. 

3. Police should not run face recognition searches of license photos without clear legislative approval. Many police departments have run searches of driver’s license and ID photos without express legislative approval. Police should observe a moratorium on those searches until legislatures vote on whether or not to allow them. Police should develop use policies for face recognition, publicly post those policies, and seek approval for them from city councils or other local legislative bodies. City councils should involve their communities in deliberations regarding support for this technology, and consult with privacy, civil rights, and civil liberties organizations in reviewing proposed use policies. When buying software and hardware, police departments should condition purchase on accuracy and bias tests and periodic tests of the systems in operational conditions over the contract period. They should avoid sole source contracts and contracts that disclaim vendor responsibility for accuracy. All agencies should implement audits to prevent and identify misuse and a system of trained face examiners to maximize accuracy. Regardless of their approach to contracting, all agencies should regularly test their systems for accuracy and bias. A Model Police Face Recognition Use Policy (p.116) is included at the end of this report. 

4. The National Institute of Standards and Technology (NIST) should expand the scope and frequency of accuracy tests. NIST should create regular tests for algorithmic bias on the basis of race, gender, and age, increase the frequency of existing accuracy tests, develop tests that mirror law enforcement workflows, and deepen its focus on tests for real-time face recognition. To help empower others to conduct testing, NIST should develop a set of best practices for accuracy tests and develop and distribute new photo datasets to train and evaluate algorithms. To help efforts to diminish racially biased error rates, NIST should ensure that these datasets reflect the diversity of the American population. 

5. Face recognition companies should test their systems for algorithmic bias on the basis of race, gender, and age. Companies should also voluntarily publish performance results for modern, publicly available benchmarks—giving police departments and city councils more bases upon which to draw comparisons. 

6. Community leaders should press for policies and legislation that protect privacy, civil liberties, and civil rights. Citizens are paying for police and FBI face recognition systems. They have a right to know how those systems are being used. If those agencies refuse, advocates should take them to court. Citizens should also press legislators and law enforcement agencies for laws and use policies that protect privacy, civil liberties, and civil rights, and prevent misuse and abuse. Law enforcement and legislatures will not act without concerted community action. This report provides the resources that citizens will need to effect this change. In addition to the City and State Backgrounders and the Face Recognition Scorecard, a list of questions that citizens can ask their elected representative or law enforcement agency is in the Recommendations (p. 70).