Guan

home

Scotland will not be an independent country

19 Sep 2014

The final result is in: with 55.3% of Scots voting no, Scotland will not be an independent country. As someone who supported independence, I am of course sad. Scotland will be worse off politically and worse off economically.

At this point, it is hard to judge whether the result will be interpreted as a mandate for the status quo, or whether Scottish voters relied on the promises made by the major UK parties or the more extensive promises of a written constitution made by Gordon Brown, who has been given an adjournment debate in the House of Commons on October 16. David Cameron has already promised that nothing will happen before the next UK general election in May 2015.

Even before the final result had been declared, we started to see expectations of more devolution scaled back, as we did before polls opened. My own prediction is that a few years from now, Scotland will still be left with fewer political powers than Nova Scotia and fewer fiscal powers than, say, the Danish municipality of Læsø, population 1,808. There will be no written constitution that protects the existence of the Scottish parliament.

But let’s say something like devomax or home rule and a written constitution is actually delivered. The Scottish government would be responsible for most domestic policy and would raise the revenue for that with its own taxes, which could be different from English taxes (though absurdly, Labour appears to want to allow Scotland to have higher, but not lower, tax rates. EU membership means that there are some limits to how fiscally independent Scotland can be; for example there can only be a single VAT rate for all of the UK.) The relationship would be something like Austria–Hungary from 1867 to 1914, which had joint ministers for foreign affairs, defense and defense-related aspects of finance, but nothing else.

This degree of fiscal independence means that Scotland would still have to be economically sustainable on its own. If Scottish taxes pay for Scottish public spending, England would not want to cover Scottish deficits or help Scotland in the event of an economic crisis, which is the kind of risk sharing that pro-union activists see as one of the main economic arguments for rejecting independence. (The author of that piece was against independence, by the way.)

What happens when the oil runs out? That’s something that Scotland will still have to figure out within the UK. And there would be no flexibility on currency arrangements, while even an independent Scotland in a currency union could have eventually abandoned sterling. There’s a reason that David Cameron called increased powers inconsistent with staying in the union in 2012. If the UK political elite keeps its promises, they could create a much larger economic mess than independence would ever have been.

No to independence combined with more devolution means that the West Lothian question may have to be addressed. A separate English parliament could work, but David Cameron seems to want separate votes by English MPs for England-only legislation. This could happen with an English grand committee. It would still be the same UK parliament, so UK governments would need to form majorities in it. After a close election, we could see a UK government that cannot pass legislation for England, or that can pass English laws but not UK-wide ones.

What’s next? The general election for the Scottish parliament is in May 2016. The white paper on devolution is expected in November with draft legislation in January. And I predict another referendum in 2032.

Country size

16 Sep 2014

In a post on Scottish independence, Felix writes:

In terms of economics, bigger is nearly always better. On purely economic terms, Ireland would probably be better off it was part of the UK; Canada would be better off if it were part of the US; in Europe, it would make perfect economic sense for the Netherlands to merge with Luxembourg and Flanders, while Wallonia joined up with France. But no one in any of those countries actually wants those things to happen. These days, countries don’t merge (the reunification of Germany being the main exception): they break apart, like the Soviet Union, or Czechoslovakia, or Yugoslavia. Or, quite possibly, if Scotland becomes independent, Spain.

This lead to some discussion on Twitter. I pulled data from the Penn World Table and plotted GDP per capita in 2010 (the last year for which data is available) against a country’s population.

The relationship between country size and GDP per capita is not statistically significant, with a p-value of 0.34. This correlation doesn’t tell us that much: as Evan Jenkins points out, the fact that a small country is rich may help it stay independent. The point estimate is slightly negative because of a few rich small countries, mostly in Northern Europe, and a few large poor countries in Asia.

This is not exactly Felix’s point, however: he is making claims about specific counterfactuals. Ireland is doing quite well outside the UK now, but his claim is that they would be even better off if they were part of the UK. He later brought up the fact that Hong Kong has done quite well as part of China.

There are actually two types of counterfactuals we could set up. It’s almost certain that Hong Kong would not have be richer than it is today if the city had been part of China since 1949. It is very plausible that they would have been no better off if they had not joined China in 1997. Similarly, you could either ask if Ireland should have always stayed part of the UK, or if Ireland should join the UK now, and you might get different answers. It’s clear that Ireland has done very well as an independent country, and we have a nice control group for that.

How might it help if a country is larger? At very small sizes, there are immediate economies of scale. A country needs a central government (but large countries may need larger governments at lower tiers), laws, a supreme court, a UN mission, a network of embassies, a country code top level domain, etc. The World Bank sets the threshold for a “small state” at 1.5 million people.

Beyond that viability threshold, a large country can benefit from larger markets, a single language or at least a lingua franca, and tighter integration through both labor mobility and fiscal transfers which can help with shocks: if one region is experiencing a negative economic shock, for example an agricultural region experiencing a drought or a regional natural disaster, then the other regions will help. Workers can also move from poor regions to rich regions.

Larger countries may be better able to help its less fortunate citizens or regions, but they may also be less willing to due to lower political cohesion and dimished solidarity. If transfers to a particular region continue indefinitely, for whatever reason, that can in itself create new political tensions or make existing ones worse. That is particularly true for political tensions created by the fact that the state is an amalgamation of existing countries. You may be willing to indefinitely subsidize an area that feels like part of the same country—all countries do that—but will you be willing to subsidize an area that feels like a different country?

Indefinite transfers to a region can also reduce the pressure for structural reforms when they are necessary. Since a region of a country will usually not have its own currency, you cannot make adjustments through the exchange rate.

Large countries also tend to have hard to resolve tensions between the central government and the regions. You can let regional governments have a great deal of autonomy, and taxing and borrowing power (tiny Denmark lets its 98 municipalities tax income and borrow), but then you need to keep them in check and you could end up with the same difficulties with debt and potential bailouts that a currency union brings. If you centralize everything, like in Britain and particularly England, you get other problems.

Some, but not all, of the economic benefits of large countries can be realized through trade agreements and tighter regional cooperation such as NAFTA and the European Union.

My quick takes on some plausible reconfigurations of countries:

  1. Would Ireland be better off in the UK? No.
  2. Is the Mezzogiorno better off in Italy? It’s poorer than Greece! Probably not.
  3. Is Hong Kong better off in China? Yes.
  4. Would the Nordic countries be better off as a single country? No, it’s a wash. They’re rich and integrated enough.
  5. Would the Baltic countries be better off as a single country? Yes.
  6. Would Portugal be better off in Spain? Yes.
  7. Would Singapore be better off in Malaysia? No.

Should Scotland be an independent country?

06 Sep 2014

“Between 7am and 10pm on the 18th of September,” SNP politician Jim Sillars told Scots, “we are totally sovereign. We have power in our hands for the first time in our history. Whether at one minute past 10 we remain sovereign and powerful or whether at one minute past 10 we’ve given it all away once again and we’re powerless, that’s the key question.”

It is a question I have been obsessing over for months, though I know next to nothing about Scotland. With the latest polls it seems the rest of the Internet has caught up. The referendum has been set up through a law passed by the Scottish parliament in 2013, following what is known as a Schedule 5 order. In addition to creating 28 new crimes, the law commits the further crime of suggesting that ballots be set in Arial. (If I were a Scottish voter who lives in an area with such a ballot, I would probably vote no.)

If a majority of Scots—and EU/Commonwealth citizens resident in Scotland—vote yes, then on 19th of September… well, officially, nothing happens. There is no immediate legal effect. There is only the symbolic effect is that a “yes” vote will be seen as the Scottish people expressing their clear desire for self-determination.

The supreme court of Canada ruled in 1998 that there is no right of unilateral secession in that country. The same is likely for Great Britain. The court also found that if the people of a province clearly expresses their desire to separate, then the government of Canada has to negotiate the terms in good faith. The British government will have to do the same.

In 2000 Canada asserted the right to decide whether a referendum question is sufficiently clear to express the desire to separate from Canada (something that can’t be said for the 1995 one), and to decide after the vote whether the majority was sufficiently large, suggesting that more than just 50% may be required. The UK did not do that for the Scottish referendum. It sure looks like a majority of one is all that is required.

This means that none of the details are settled today and everything you hear from either side is a campaigning and negotiating stance. It’s not great to have to vote on something without knowing exactly what you are voting for. The alternative, to pre-negotiate all the terms, is unworkable, because the British government has already demonstrated a willingness to be excessively inflexible in the hopes that Scots will vote no. In fact they would not be willing to negotiate at all.

Scots overwhelmingly elected the SNP to govern them and to negotiate independence on their behalf, and they will have to trust them to do it well. It’s not that the details of the terms of independence are not important and would be nice to know in advance, but barring exceptionally punitive terms, most of the effects can be changed by a sovereign Scotland in the long run. The binary question of independence is still most important. The whole point of independence is that you get to do whatever you want.

Should Scots vote yes? Yes. The reasons I, as an outsider, think so can be easily discounted. If you are interested, you could do worse than read two outsiders, Jon Worth and Matt Yglesias, on this issue. The key question is the one Jon states: Will Scotland be better governed from Edinburgh or London? Catherine Butler takes that question at face value and proposes moving the union capital to Glasgow to save the United Kingdom. Which is so crazy it just might work, but is unlikely at this stage.

Britain is weird. Every background article on Scottish independence will mention the bribes of 1706-7, empire (though Scots were complicit in that and worse), the perfidy of 1979, Maggie Thatcher and the poll tax. Even apart from how Scotland has been treated, Great Britain is financially one of the most centralized governments in Europe. Maybe the union could have been saved with more devolution and even federalism, much sooner, but it may be too late for that now. Britain has nuclear weapons and thinks of itself as a superpower. Britain is undemocratic: Alex Salmond likes to complain that for most of his life his country has been ruled by people he didn’t vote for; Brits can say the same thing. Britain is horrible.

Jon Worth quotes Paul Henri Spaak saying, “in Europe there are only small countries left. Those that know they are small, and those that do not know it yet.” (Is France an exception?) As Adam Ramsay argues, if Scotland becomes an independent country, it will be free to be a normal, small, northern european country. Being from such a country, one which even has insane, self-destructive currency arrangements, as an independent Scotland is likely to have initially, I know that such an entity can be viable and successful. SNP has a neoliberal streak, so it will fit right in with other dominant parties in the nordic countries, another one of which also has abysmal monetary policy. The party wants to increase public spending and preserve the post-war British welfare state. Its tuition-free universities exist alongside great inequality and gated communities in Aberdeen.

Alex Salmond says he wants a currency union with the rest of the UK. I’ve argued in the past that that was just a ploy to get out of its share of the UK’s debt; I was at least one-third kidding, but it seems that James Mirrlees takes that idea seriously. 18 other European countries, including one in the British Isles, have joined a currency union, with varying degrees of success. It was a bad idea, but with few exceptions, those countries still exist and should still be considered some of most successful in human history. None of them would prefer to be part of Great Britain. Having a stupid currency regime will simply put Scotland in the shoes of a majority of the EU it wants to remain part of.

Scotland has a huge banking sector compared to the size of its economy. If there is another financial crisis, the Scottish government may not be able to bail it out. A lot of banks will move to London before independence, which would be good. If they don’t, well, Iceland was in a very similar situation, and that was disastrous, but they’re still around and annoying us with their volcanoes, and GDP per capita similar to Scotland’s. Also, read this by Simon Nixon. He has nothing but contempt for the Scots, but his conclusion seems to be that in the event of a true disaster the UK may have to bail out Scotland anyway, just as they contributed to the Irish bailout in 2010.

When analyzing the British fiscal union, we also have to look at the likely alternatives to independence. It seems almost certain that some sort of devomax will be on the table. If Scotland has control over most taxes and spending, how inclined will the British government be to bail out Scotland—or subsidize it in any way—without extremely punitive measures? With devomax, the fiscal union is hollowed out too. (Or maybe devomax is an empty promise. That really makes you trust the English. “The core of Britain is England,” Churchill said in 1943. “There is the source of the recurring pestilence.” (I may have doctored that quotation.))

If Salmond does manage to negotiate a currency union, there will be strings attached. There is a weird tendency to suggest that the fiscal restrictions imposed would negate independence completely. If Westminster decides to allow a currency union on terms that are unacceptable, he may yet reject them; this is part of the negotiating process. I have no idea if Salmond is a master negotiator, but he has been freely chosen for the job.

Scotland in a sterling zone would certainly be less than fully independent. That is also true of Scotland in the European Union, and the EU is one of the most important reasons why an “independent” country the size of Scotland would even be viable in this day and age. Every EU country is subject to similar fiscal restrictions. None of those countries would give up their independence. And currency arrangements can be changed (easier in the sterling zone than the eurozone).

There’s some suggestion that EU membership on independence day is impossible. Again, that’s a negotiating stance. It’s inconceivable that 5 million EU citizens would be involuntarily stripped of their rights as union citizens; countries have left the EU before, always voluntarily. They will have to negotiate a sui generis solution. My own take is that Scotland will be an EU member on independence day, but there’s no way that happens by March 2016.

Some critics also argue that there will be no negotiation at all, that the rump of the UK can just dictate whatever terms it wants. The implication is that maybe Scotland will get zero North Sea oil revenues, and that Alex Salmond will not be able to get any of his demands met. These people are nuts. Mute, unfollow, block and report as spam.

Finally, there is the offensive notion that the people of England should get to vote on Scottish independence too before it goes forward, and that the referendum is illegitimate because David Cameron felt politically pressured to allow it because of Scottish nationalism. No Englishman should ever get to vote in a referendum on any question, no matter how important: he should lie in the bed he has made. Such a referendum would also render completely impossible the possibility of peaceful exercise of the right to self-determination.

Among the truly important unresolved questions are the national anthem of an independent Scotland. The consensus on Twitter seems to be that it has to be either this, this, this or this. I don’t see how anyone could vote without a resolution to this issue. We also need to know the name of the rump UK. My suggestion is simply “The United Kingdom.”

Yo SCYOTLAND to get a yo when Scotland votes for independence.

Scotland’s draft interim constitution. Robert Kuttner on Scotland. How many states will Europe split into? More on Scottish independence after the financial crisis; Scotland attempted a federal union with England in 1705-7. This is a detailed take on Scotland’s EU membership, but it loses credibility when it suggests Brexit is a remote possibility. BBC snowfalls the referendum. An even nuttier proposal for Scotland’s currency. John Swinney is calm. Gordon Brown says independent Scotland will have “neo-colonial” ties with UK. Scotland’s main export. War? Could Scotland join the Nordic Council? A monetary history lesson. What happens to the national lottery? Tactical kilt.

Scotland will probably miss the Rio Olympics because they will not be able to get their national olympic committee set up in time. Athletes who qualify may be able to compete as independent Olympic athletes, as happened after South Sudan was established and the Netherlands Antilles dissolved. The next Winter Olympics are in 2018, and the Scottish curling team should be able to participate then.

Should Scotland be an independent kintra? Result nae yet kent.

iCloud security

01 Sep 2014

There are rumors that the recent leak of nude photos of Jennifer Lawrence was due to either iCloud accounts or the iCloud service itself being compromised. We don’t have many details yet, let alone hard-ish evidence of what actually happened. We can speculate, though, and we can also think about how better to protect ourselves.

It’s possible that the attackers somehow obtained her password, or obtained access to her iCloud account. If she used iCloud Backup, that would then allow the attacker to restore all the contents of her phone onto one of their devices. An iCloud Backup includes app data, text messages and iMessage data (which is otherwise much better protected). The photos may have been attached to iMessages, which would be restored, or they might have been in her Photo Stream if they were among the last 1,000 photos she took.

Securing an iCloud account itself is easy these days: you should set up two-step verification. This requires either a code sent through text message or an existing iOS device to log in to your iCloud account.

But what if someone hacked into Apple’s systems, or compromised an Apple employee, or forced Apple to cooperate with them through legal process? What data could Apple reveal, willingly or unwillingly, without your iCloud password? (In the following, I’ll assume that Apple’s systems all work as designed. In reality they may well have unknown security holes.)

The two key documents to read to understand this are the iOS Security document from February 2014 and Apple’s Legal Process Guidelines for law enforcement. The latter is interesting because if Apple can provide something as a result of legal process, they can also provide it in response to extra-legal process, so to speak. (The converse is not necessarily true.)

End-to-end encryption

End-to-end encryption refers to a security model where data is protected all the way from the end producer to the end consumer.

For example, Dropbox data is not end-to-end encrypted: it’s encrypted between you and Dropbox, and it’s encrypted as it’s stored on Dropbox, but Dropbox has access to the data. (The encryption applied by Dropbox protects against scenarios where someone steals a hard drive from Dropbox, but receives no further cooperation from them.)

A lot of email these days is encrypted in transit and when you access it through webmail or encrypted IMAP, but the email provider still has access to the contents.

iMessage

iMessages are protected in transit with end-to-end encryption. This means that nobody, not even Apple, can intercept them. Only your devices can ever read them.

There is a potential vulnerability: how does iMessage decide which are “your devices”? That happens through a Public Key Infrastructure, which is a database at Apple that keeps track of the encryption keys associated with your devices. If an attacker can maliciously add a new key to that database, then any future messages you send may be read by the attacker.

As the system is currently designed, you will receive a warning on your devices when this happens. Apple’s documents imply that they will not add a key to their iMessage PKI in response to legal process, or modify their systems to remove that warning.

Your iMessage data is also part of each device’s backups, either a backup through iTunes or as part of iCloud Backup.

iCloud Backup

Don’t use iCloud Backup if you are worried about security. Instead, get enough disk space to do iTunes backups that you control yourself:

[iTunes backup]

Each file is encrypted with a key, that is encrypted with an asymmetric (Curve25519) key for each data protection class (page 23). Those keys are placed in the iCloud Backup keybag. The keybag is then protected with a random key, which is also stored with the backup set in the iCloud account.

All this means that Apple, or someone who has compromised Apple through legal or extra-legal process, can always access the contents of your iCloud Backup. Unless, of course, those contents are further protected.

(If you decide to use iTunes backups, make sure that the hard drive of the Mac or PC where you store those backups is itself encrypted. On a Mac, use FileVault 2. If your iOS device contains something important that you don’t want to lose, then make sure you have a backup of the backup, in case you lose both the iOS device and your Mac. In this day and age, you are the jerk if you don’t have a backup and lose important things.)

iCloud Keychain

iCloud Keychain is useful. I use it. Changes to iCloud Keychain are synced among your iOS and OS X devices. This syncing, which happens within what Apple calls a “circle of trust,” is end-to-end encrypted, and when a new device wants to join the circle, an existing device has to approve it.

There is a separate mechanism called keychain recovery for situations where you lose all your devices. This is on if you have enabled “Allow approving with security code”. If you do that, you should use a random security code:

[iCloud security code]

Apple also goes to great lengths to ensure that not just anyone can get the encrypted version of your keychain (page 25). The keychain is not part of the regular iCloud Backup.

Data on the device

What if the attacker has physical access to your device? What can they do?

Assuming your device is passcode locked (and it should be, with a strong password and not a 4-digit one), it depends on the data. Text messages, photos, videos and contacts can be recovered, because Apple will do that in response to legal process. The Mail app implements Complete Protection, which means that emails and attachments are not accessible as soon as you lock the device.

Some files are protected when the device is locked, unless they are open when you lock it.

Some files are only protected until first user authentication, which means that they cannot be recovered from a device that has been powered off. They can be recovered if you have entered your passcode once after powering on. Most app data is in this category. This still provides a lot of protection if your device is locked because the attacker may need to reboot your device.

Finally, some files are not strongly protected at all. Apps themselves would be in this category.

Page 12 of the iOS Security document has a list of how various keychain items are protected. Only Safari passwords and your home sharing password are in the category that is protected when locked.

If you have a weak passcode, or even a 4-digit one, Apple can always decrypt everything on your device because they can circumvent the feature that limits you to 10 incorrect password attempts.

Compromising your Apple ID

What can an attacker use to gain access to your iCloud account, if they don’t know the password and can’t use two-step verification? The biggest risk is that Apple has a phone number, 1-800-275-2273. (Please don’t tell anyone.) Whatever Apple’s procedures are or may be in the future, there is a human on that line, and that human has the power to give anyone access to your account.

The solution is to ban phone calls. Phone calls are a dangerous vector for social engineering and will compromise almost any security system. Don’t allow them in your organization, don’t call anyone, and don’t accept incoming phone calls.

I would require users who have lost their Apple ID password to go to an Apple store physically and present identification.

Capital shares

15 Jul 2014

Squarely Rooted wrote too much about “Capital in the Twenty-First Century”. I wrote the following comment to a section on how returns on capital is likely to decrease as you have more capital:

I like to think about what very low returns imply about the capital income share. Piketty hints that in the years before the French Revolution, capital’s share may have approached half of national income, and implies that this was an important economic cause of the revolution. I think that a very low capital share isn’t politically sustainable either: capitalists will revolt (Go Galt?).

In most countries, labor’s share of national income is between 60% and 70%. I think it’s widely understood, though rarely explicitly stated, that a labor share too far below 60% is politically unsustainable. Piketty cites Robert Allen for a British capital share of around 45–50% of national income in the middle of the nineteenth century, when Karl Marx wrote The Communist Manifesto.

My point in the comment is that whatever mechanism keeps the labor share over 50% can also work in the opposite direction. That is especially true in a world where the wealthy hold a lot of political power, which Piketty thinks is true with higher wealth/income ratios.

The capital share of income, which Piketty calls α, is equal to the rate of return times the wealth-to-income ratio. In an economy where wealth amounts to 6 years of national income, a return to capital of 3% means that capital only receives 18% of national income. That may be what you get from a neoclassical model, but it is politically unsustainable. When you have the political power that comes with possessing 6 years of national income, you will not be satisfied with only 18% of national income. You’ll want more.

At least that’s how I understand Piketty and Brad DeLong’s interpretation of Piketty, and particularly his Belle Époque equilibrium, with 4.2% return, wealth of 11 years of national income, and a capital share of 47%.