Category Archives: Administrative Law

“Textual Tensions in the Vesting Thesis”

Posted on October 28, 2024 by Michael Froomkin

Looks familiar somehow

Some guy named David B. Froomkin has a nice piece up at the Regulatory Review arguing that the Constitution’s Vesting Clause is not a broad grant of presidential power. It begins:

The Vesting thesis is back in the news.

Aditya Bamzai and Saikrishna Prakash recently published an article in which they returned to their exchange with Andrea Katz and Noah Rosenblum last year in the Harvard Law Review about the President’s power to remove executive officials from office. The debate centers on the Vesting Clause in Article II of the U.S. Constitution, which states that “the executive Power shall be vested in a President of the United States of America.” The debate is primarily a historical one about which sources to rely on and how to interpret them in reconstructing Founding-era understandings of the meaning of “executive power.”

It is worth taking a step back from the historical discussion to appreciate the debate’s premises about how one ought to read the Constitution’s text.

Read the rest of Textual Tensions in the Vesting Thesis.

Posted in Administrative Law, Law: Constitutional Law | Leave a comment

Faculti Video on ‘Safety as Privacy’ Posted

Posted on November 9, 2022 by Michael Froomkin

An outfit called Faculti, which presents as a sort of (anti?-)TED talk for nerdier, more detail-oriented people, recently did an interview with me about Safety as Privacy, a paper (co-authored with Phillip Arencibia & P. Zak Colangelo-Trenner), that should be published soon in the Arizona Law Journal. There’s a near-final version of Safety as Privacy at SSRN.

Faculti published the video interview and you are invited to enjoy it. I probably won’t: I don’t much like to listen to myself, much less watch myself, and I can’t shake the idea that I have an ideal face for radio. But the questions they set me in advance were substantive, and I hope the answers were too.

Here’s the paper’s abstract:

New technologies, such as internet-connected home devices we have come to call the Internet of Things (IoT), connected cars, sensors, drones, internet-connected medical devices, and workplace monitoring of every sort, create privacy gaps that can cause danger to people. In prior work [New technologies, such as internet-connected home devices we have come to call the Internet of Things (IoT), connected cars, sensors, drones, internet-connected medical devices, and workplace monitoring of every sort, create privacy gaps that can cause danger to people. In prior work 1, two of us sought to emphasize the deep connection between privacy and safety to lay a foundation for arguing that U.S. administrative agencies with a safety mission can and should make privacy protection one of their goals. This Article builds on that foundation with a detailed look at the safety missions of several agencies. In each case, we argue that the agency has the discretion, if not necessarily the duty, to demand enhanced privacy practices from those within its jurisdiction, and that the agency should make use of that discretion.

Armed with the understanding that privacy is or causes safety, several U.S. agencies tasked with protecting safety could achieve substantial gains to personal privacy under their existing statutory authority. Examples of agencies with untapped potential include the Federal Trade Commission (“FTC”), the Consumer Product Safety Commission (“CPSC”), the Food and Drug Administration (“FDA”), the National Highway Traffic Safety Administration (“NHTSA”), the Federal Aviation Administration (“FAA”), and the Occupational Safety and Health Administration (“OSHA”). Five of these agencies have an explicit duty to protect the public against threats to safety (or against risk of injury) and thus—as we have argued previously—should protect the public’s privacy when the absence of privacy can create a danger. The FTC’s general authority to fight unfair practices in commerce enables it to regulate commercial practices threatening consumer privacy. The FAA’s duty to ensure air safety could extend beyond airworthiness to regulating spying via drones.

The CPSC’s authority to protect against unsafe products authorizes it to regulate products putting consumers’ physical and financial privacy at risk, thus sweeping in many products associated with the IoT. NHTSA’s authority to regulate dangerous practices on the road encompasses authority to require smart car manufacturers to include precautions protecting drivers from misuses of connected car data due to the carmaker’s intention and due to security lapses caused by its inattention. Lastly, OSHA’s authority to require safe work environments encompasses protecting workers from privacy risks that threaten their physical and financial safety on the job.

Arguably, an omnibus federal statute regulating data privacy would be preferable to doubling down on the United States’s notoriously sectoral approach to privacy regulation. Here, however, we say only that until the political stars align for some future omnibus proposal, there is value in exploring methods that are within our current means. It may be only second best, but it is also much easier to implement. Thus, we offer reasonable legal constructions of certain extant federal statutes that would justify more extensive privacy regulation in the name of providing enhanced safety, a regime that we argue would be a substantial improvement over the status quo yet not require any new legislation, just a better understanding of certain agencies’ current powers and authorities. Agencies with suitably capacious safety missions should take the opportunity to regulate to protect relevant aspects of personal privacy without delay.

  1. A. Michael Froomkin & Zak Colangelo, Privacy as Safety, 95 Wash. L. Rev. 141 (2020).[]
Posted in Administrative Law, Law: Privacy, Talks & Conferences | Comments Off on Faculti Video on ‘Safety as Privacy’ Posted

Just Uploaded–Big Data: Destroyer of Informed Consent (Final Text)

Posted on November 4, 2019 by Michael Froomkin

I’ve just uploaded the final text of Big Data: Destroyer of Informed Consent which is due to appear Real Soon Now in a special joint issue of the Yale Journal of Health Policy, Law, and Ethics and the Yale Journal of Law and Technology. This pre-publication version has everything the final version will have except the correct page numbers. Here’s the abstract:

The ‘Revised Common Rule’ took effect on January 21, 2019, marking the first change since 2005 to the federal regulation that governs human subjects research conducted with federal support or in federally supported institutions. The Common Rule had required informed consent before researchers could collect and use identifiable personal health information. While informed consent is far from perfect, it is and was the gold standard for data collection and use policies; the standard in the old Common Rule served an important function as the exemplar for data collection in other contexts.

Unfortunately, true informed consent seems incompatible with modern analytics and ‘Big Data’. Modern analytics hold out the promise of finding unexpected correlations in data; it follows that neither the researcher nor the subject may know what the data collected will be used to discover. In such cases, traditional informed consent in which the researcher fully and carefully explains study goals to subjects is inherently impossible. In response, the Revised Common Rule introduces a new, and less onerous, form of “broad consent” in which human subjects agree to as varied forms of data use and re-use as researchers’ lawyers can squeeze into a consent form. Broad consent paves the way for using identifiable personal health information in modern analytics. But these gains for users of modern analytics come with side-effects, not least a substantial lowering of the aspirational ceiling for other types of information collection, such as in commercial genomic testing.

Continuing improvements in data science also cause a related problem, in that data thought by experimenters to have been de-identified (and thus subject to more relaxed rules about use and re-use) sometimes proves to be re-identifiable after all. The Revised Common Rule fails to take due account of real re-identification risks, especially when DNA is collected. In particular, the Revised Common Rule contemplates storage and re-use of so-called de-identified biospecimens even though these contain DNA that might be re-identifiable with current or foreseeable technology.

Defenders of these aspects of the Revised Common Rule argue that ‘data saves lives.’ But even if that claim is as applicable as its proponents assert, the effects of the Revised Common Rule will not be limited to publicly funded health sciences, and its effects will be harmful elsewhere.

An earlier version, presented at the Yale symposium which the conference volume memorializes, engendered significant controversy — the polite form of howls of rage in a few cases — from medical professionals looking forward to working with Big Data. Since even the longer final version is shorter, and if only for that reason clearer, than much of what I write I wouldn’t be surprised if the final version causes some fuss too.

Posted in Administrative Law, AI, Science/Medicine, Writings | Comments Off on Just Uploaded–Big Data: Destroyer of Informed Consent (Final Text)

Your AG Scorecard

Posted on January 30, 2017 by Michael Froomkin

Trump fired Acting Attorney General Sally Yates this evening–as the President has the right to do–and issued a statement:

The acting Attorney General, Sally Yates, has betrayed the Department of Justice by refusing to enforce a legal order designed to protect the citizens of the United States. This order was approved as to form and legality by the Department of Justice Office of Legal Counsel.

Ms. Yates is an Obama Administration appointee who is weak on borders and very weak on illegal immigration.

It is time to get serious about protecting our country. Calling for tougher vetting for individuals travelling from seven dangerous places is not extreme. It is reasonable and necessary to protect our country.

Tonight, President Trump relieved Ms. Yates of her duties and subsequently named Dana Boente, U.S. Attorney for the Eastern District of Virginia, to serve as Acting Attorney General until Senator Jeff Sessions is finally confirmed by the Senate, where he is being wrongly held up by Democrat senators for strictly political reasons.

“I am honored to serve President Trump in this role until Senator Sessions is confirmed. I will defend and enforce the laws of our country to ensure that our people and our nation are protected,” said Dana Boente, Acting Attorney General.

In appointing Dana Boente, Trump exercised authority under the Federal Vacancies Act Reform Act of 1998, 5 U.S.C. 3345. In so doing, he (quite legally) bypassed the default line of succession otherwise provided for in Executive Order 13762 (Jan. 13, 2017) signed by President Obama, which had the next three people eligible to be acting AG as (a) United States Attorney for the District of Columbia; (b) United States Attorney for the Northern District of Illinois; and (c) United States Attorney for the Central District of California.

Yates had angered Trump by instructing Justice Department lawyers not to defend his executive order banning travel for people from seven Muslim-majority countries. Various parts of the order have already been enjoined by district courts around the country. Presumably the Trump people shopped for someone willing to overturn Sally Yates’s order, and found one: New acting attorney general says he will enforce order.

Dana Boene was sworn in this evening in order to ensure that there would be someone with legal authority to sign foreign surveillance warrants.

[edited shortly after publication for clarity]

Update1: Spencer Ackerman says it is unclear if the new acting attorney general can sign national security surveillance requests.

Update2: Josh Blackman makes two interesting points. First, one might theoretically question whether firing is a qualifying reason under the Vacancies Act that the incumbent is “otherwise unable to perform the functions and duties of the office” and, more significantly, (2) this action might have precedential value if and when Trump fires and replaces Richard Cordray.

Posted in Administrative Law, Immigration, Trump | Comments Off on Your AG Scorecard

Incompetence

Posted on January 30, 2017 by Michael Froomkin

Today’s Presidential Executive Order on Reducing Regulation and Controlling Regulatory Costs is the sort of dumb thing we law profs write up for final exams.

Here are key bits:

[Sec 2.] (a) Unless prohibited by law, whenever an executive department or agency (agency) publicly proposes for notice and comment or otherwise promulgates a new regulation, it shall identify at least two existing regulations to be repealed.

(b) For fiscal year 2017, which is in progress, the heads of all agencies are directed that the total incremental cost of all new regulations, including repealed regulations, to be finalized this year shall be no greater than zero, unless otherwise required by law or consistent with advice provided in writing by the Director of the Office of Management and Budget (Director).

(c) In furtherance of the requirement of subsection (a) of this section, any new incremental costs associated with new regulations shall, to the extent permitted by law, be offset by the elimination of existing costs associated with at least two prior regulations. Any agency eliminating existing costs associated with prior regulations under this subsection shall do so in accordance with the Administrative Procedure Act and other applicable law.

[Sec. 3] (c) Unless otherwise required by law, no regulation shall be issued by an agency if it was not included on the most recent version or update of the published Unified Regulatory Agenda as required under Executive Order 12866, as amended, or any successor order, unless the issuance of such regulation was approved in advance in writing by the Director.

Sec. 4. Definition. For purposes of this order the term “regulation” or “rule” means an agency statement of general or particular applicability and future effect designed to implement, interpret, or prescribe law or policy or to describe the procedure or practice requirements of an agency, but does not include:

(a) regulations issued with respect to a military, national security, or foreign affairs function of the United States;

(b) regulations related to agency organization, management, or personnel; or

(c) any other category of regulations exempted by the Director.

Spot the issues. (Hints: “Unless prohibited by law” “Unless otherwise required by law”, “Regulation’)

Posted in Administrative Law, Trump | Comments Off on Incompetence

A ‘Reform’ Much Worse than the Problem

Posted on November 7, 2011 by Michael Froomkin

I’ve signed a law professors’ letter opposing HR 3010, the so-called “Regulatory Accountability Act of 2011.” Even by DC standards, this bill is unusually bad. The following summary, from Regulatory reform good for multinationals, yet bad for you, isn’t actually as alarmist as it sounds:

However, a thorough reading of the RAA leads to three conclusions. First, the bill will likely to dramatically drive up the cost of almost every rule-making process and budget of a federal agency. Second, federally elected officials will be stripped of their ability to responsibly lead our country. And third, the RAA is a highway to never-ending lawsuits by special interests against the federal government.

The RAA is designed to micromanage every federal agency in its efforts to create rules necessary to carry out legislation passed by Congress.

By doing so, it turns over 60 years of effective regulation promulgation under the Administration Procedures Act into a protracted process that will stretch the time needed for rule-making into decades. Federal agency budgets will need to be expanded by hundreds of billions of dollars to comply with the RAA and perform their usual functions of protecting the public and small businesses from unsafe products and practices.

… the legislation is a corporate lobbyist dream. It appears to have been written by corporate attorneys for corporate attorneys

Posted in Administrative Law | Comments Off on A ‘Reform’ Much Worse than the Problem