Immersed in the Real World The yearlong Applied Policy Project puts MPP candidates on the front lines to grapple with issues close to home and far afield

By Mary Braswell

It’s a year’s worth of exacting work, whittled down to a 20-minute talk.

And for some, it’s over in a flash.

“We were all talking about it afterward. ‘That was 20 minutes? It felt like five minutes!’ ” Ramandeep Kaur said of her team’s Applied Policy Project presentation, a rite of passage for all Luskin School MPP candidates.

Kaur’s team was one of 13 to stand before a packed lecture hall over three evenings in May. Each succinctly presented a policy issue, reviewed their research, made a case for the wisest course of action — then fielded a barrage of questions from their peers and professors. They also produced polished reports laying out their findings in detail.

In short, they were using skills each will need as they leave UCLA Luskin and put their master’s degrees to work.

“These Applied Policy Projects are extremely beneficial to our MPP students as they are an opportunity to put all of their policy analysis skills to work in a real-world setting,” Public Policy Vice Chair Manisha Shah said.

“In their first year, students learn so many of the tools necessary to do policy analysis, and then in their second year, they get to implement these tools in the APP,” Shah said. “The final product is an important piece of policy analysis on topics ranging from health to housing to the environment to social justice issues … and the list goes on.”

This year’s APP teams conducted rigorous research on issues near and far — from the drinkability of Los Angeles tap water to human rights abuses in Europe.

Some of the teams formed a year in advance, as students with similar interests and complementary skill sets banded together. Knowing they would work on the APP during their entire second year, they chose topics close to their hearts.

“I knew I wanted to do a project I was passionate about, a project that had an advocacy lens on it,” Kaur said.

Teammate Annia Yoshizumi had worked with the UCLA Luskin-based Center for Neighborhood Knowledge (CNK) and suggested pursuing a project on housing. Allan Nguyen and Xiaoyue Zheng brought strong data analysis skills to the team, Kaur said.

Their research on the impact of drastic rent increases in unincorporated L.A. County benefited two clients, CNK and the Los Angeles Center for Community Law and Action.

“For me personally, I did grow up in L.A., and my parents did live in a rent-controlled apartment, and they were able to then save a lot of money and purchase a house,” Kaur said. “But that’s not an opportunity that many people have. So how do you tell that story so that people understand?”

Another team focused on preserving undocumented patients’ access to healthcare in a time of anti-immigrant rhetoric. Two of the team’s members are earning concurrent MPP and M.D. degrees through UCLA’s Prime Program, including Joe Torres, who was undocumented himself until he became a U.S. citizen in 2016.

Working with Venice Family Clinic, which has provided medical care to vulnerable populations in West Los Angeles for nearly 50 years, the team paired data analysis with extensive surveys in English and Spanish. Among the findings: In the wake of the 2016 presidential election, 64 percent reported more fear or anxiety about ICE raids specifically at clinics, and 39 percent felt less safe taking their U.S. citizen children to the doctor.

To maintain the trust of its patients, Venice Family Clinic should step up the security of its patient records and forge partnerships with legal advocates in the community, the team recommended.

This year’s APP clients were a diverse lot, including the Partnership for L.A. Schools, the Clean Power Alliance, the European Implementation Network, an administrative judge for the Equal Employment and Opportunity Commission and several local government entities.

One team that shared an interest in international development took on the World Bank as a client. Their focus was assessing financial incentives for hospitals in the Kyrgyz Republic to improve infant and maternal mortality rates.

Key to the project were interviews conducted with agencies on the ground, team member Tanya Honey said.

“That’s the thing I love to do — I love doing outreach,” said Honey, who spent hours on international calls with the World Health Organization, United Nations and USAID. She credits faculty advisor Wes Yin with pushing the team to use these conversations with experts to provide context to their data.

“I think that was extremely valuable to our project,” Honey said, adding, “I’ve never heard so many Russian accents!” With a bachelor’s degree in linguistics, Honey speaks Spanish, French, Italian, Chinese, Hindu and English, but “not Russian — yet.”

To prepare for their APP presentation, Honey’s team recruited students from the Luskin School’s third-floor Commons to serve as a mock audience.

“We were definitely a little bit nervous,” she said, but fortunately her team had substantial experience in public speaking. Teammate Parshan Khosravi is an officer and advocate with the Graduate Students Association, and others have taught classes as teacher’s aides or presented papers at symposiums.

Another APP tradition also helped calm nerves: dressing like you mean business. “I actually feel more confident when I dress up,” Honey said.

Following each APP presentation is a question and answer period that can be daunting. While everyone in the audience is supportive of the presenters, many are also experts in their fields and can readily spot holes in data, assumptions and methodology.

Kaur’s team knew that its main policy recommendation — a rent stabilization ordinance — was controversial.

“A lot of economists do not like RSOs, so we knew we were going to be hit with a lot of questions about that,” she said.

But her team was confident in their analysis and ready for any challenge they might face.

“We did a mock presentation in front of both of our clients, and had them ask us really hard questions that they get in the field when they talk about any sort of tenant protection policy,” she said. “So that really prepped us.”

Also important to Kaur’s team was putting a human face on their policy analysis. They included tenants’ voices because “we really wanted to frame it in a way that people understood who this policy was going to impact.”

Faculty advisors for this year’s APP teams were Shah, Yin, Meredith Phillips and John Villasenor. “What’s great about the experience is that, while it is a real-world experience, it is also a guided experience in that each group is assigned to a Public Policy professor who advises them through the entire process,” Shah said.

This year, three APP projects were singled out for special recognition:

  • Highest honors: Reducing Delay to Promote Civil Rights: How Administrative Judges at the EEOC Can Resolve Employment Discrimination Complaints in a Fair Yet Efficient Manner (Delvin Turner, Elizabeth Joun, David Lyons)
  • Honors: Social Determinants of Health Literacy: Optimizing Public Health Outreach and Education Strategies in Long Beach, California (Stephanie Berger, Marisa Conner, Alexander Fung, Taylor Wyatt)
  • Honors: LA TAP (Tap Water Action Plan): Evaluating the Customer Experience of Tap Water in Los Angeles (Virdiana Auger-Velez, Rachel Lacoe, Caleb Rabinowitz, Bei Zhao)

Find more photos from the 2018 Applied Policy Project presentations on Flickr

Applied Policy Project presentations 2018

Views Among College Students Regarding the First Amendment

In a new podcast episode for the Brookings Institution, UCLA Luskin Public Policy Professor John Villasenor discusses college students’ views on the First Amendment, based on a recent survey of 1,500 current undergraduate students. Villasenor finds that a concerning number of students lack essential knowledge regarding what the First Amendment does and does not protect.

Regulating the Unmanned Skies UCLA Luskin public policy expert John Villasenor testifies before a U.S. Senate committee about drones, privacy and legislation

By Stan Paul

John Villasenor

John Villasenor, professor of public policy at the UCLA Luskin School of Public Affairs, told a U.S. Senate committee that Congress might want to consider a deliberate approach to any attempts to legislate the use of unmanned aircraft.

He testified on March 15, 2017, before the full U.S. Senate Committee on Commerce, Science & Transportation chaired by U.S. Senator John Thune (R-SD), on issues related to unmanned aircraft in the national airspace system.

Villasenor, who also holds UCLA faculty appointments in engineering, management and law, was among a group of witnesses who were representing government and industry interests. The witnesses included the director of the Federal Aviation Administration’s Office of Unmanned Aircraft Systems.

Members of the Senate committee were briefed on a wide range of issues that will affect the emerging technology as legislation catches up with innovations to and applications for the hundreds of thousands of unmanned aircraft systems — commonly known as drones — already in in the hands of individuals, commercial interests and government agencies.

Focusing on privacy aspects of drones, Villasenor cautioned the committee that while unmanned aircraft can potentially be used to gather information in ways that violate privacy, this does not mean that new federal unmanned aircraft privacy legislation is immediately needed or should quickly be put in place.

“Rather, the key question is: Do unmanned aircraft put privacy at risk in ways that fall outside the scope of existing constitutional, statutory and common law privacy protections?” asked Villasenor. “There are good reasons to believe that the answer to that question is ‘no.’ As a result, I think it is premature to enact broad new federal legislation specifically directed to unmanned aircraft privacy.”

He further explained that while limiting unmanned aircraft in obtaining and using information, “It is far harder to do so in a manner that is consistent with the full scope of the First Amendment.” At the same time, he commented that unintended consequences of legislation are especially heightened in areas where rapidly changing technology and privacy intersect, such as autonomous vehicles, location-aware smartphone applications and “always-on” devices with audio and video capabilities.

Other witnesses testified about the variety of issues to be considered, including limiting drone technology for use in agriculture, air traffic safety, infrastructure inspection and protection, and as critical tools in saving lives in natural disasters and search and rescue efforts.

Villasenor, while recommending restraint, concluded the hearing by stressing that Congress still has a vital role in addressing the challenges of emerging technologies. He urged dialogue among lawmakers, regulators, consumers, the commercial sector and civil liberties groups, so all parties can gain a better understanding of the issues.

“Part of that role involves identifying where existing legal frameworks are working well and where they are falling short,” Villasenor said. “Part of that role involves knowing when not to legislate. And part of that role involves enacting carefully targeted legislation at the right time.”

After his appearance before the Senate panel, Villasenor said he was grateful to have the opportunity to testify.

“Congressional hearings provide a very important opportunity to contribute to the dialog regarding today’s complex policy questions,” he said. “I appreciated the chance to testify before the Senate Commerce Committee on the privacy challenges being raised by rapidly changing technologies.”

In addition to the archived webcast, the full written testimony of Villasenor and the other witnesses may be found online.

On The Security Of Things And Cyber Trust

By Stan Paul

The Internet is where technology, policy, law, banking and business meet, not to mention the innumerable interconnected electronics and gadgets that we rely on each day — the so-called “Internet of Things.”

Also at this intersection is John Villasenor, professor of engineering and public policy at UCLA. While keeping up with the growth and proliferation of technology, Villasenor is more concerned with the security, safeguards and trust that must accompany our interdependence on this progress — what Villasenor refers to as “the Security of Things.”

At the Luskin School, he brings this expertise to the classroom. He co-teaches, among other things, a course titled Science, Technology and Public Policy, a class for graduate and undergraduate students, with Prof. Albert Carnesale, UCLA Chancellor Emeritus, SALT Treaty negotiator, professor emeritus of public policy and professor of mechanical and aerospace engineering.

Villasenor, formerly with the NASA Jet Propulsion Laboratory (where he developed methods of imaging the Earth from space), also serves as an adviser for Luskin’s Master of Public Policy (MPP) students’ Applied Public Policy projects.

Villasenor also is a prolific writer, researcher and public commenter on technology issues such as digital privacy, intellectual property, trade secrets and corporate cybersecurity, drones and autonomous cars. This year, Villasenor testified at a U.S. Senate hearing in Washington, D.C., on unmanned aircraft, examining the safety and privacy issues that are emerging as unmanned aircraft fill the skies over areas of peace and conflict. His wide interest and expertise is evidenced by the array of publications that have included his writing: Atlantic, Billboard, Chronicle of Higher Education, Fast Company, The Huffington Post, Scientific American, Slate, and the Los Angeles Times and Washington Post, to name a few.

While the actual application of autonomous cars to the streets is heading toward reality — although a work in progress — some of the legal issues involved are long established, according to Villasenor. In a recent Forbes article, he addresses the headline question: “If a Cyberattack Causes a Car Crash, Who Is Liable?” While the concept, in actual practice, still appears futuristic, unintended consequences may easily be seen through the legal lens of product liability and negligence, which could bring accountability to hackers (often unlikely, according to Villasenor), manufacturers (more likely) and, under some circumstances, even end purchasers, he says.

Villasenor outlines the issues coming to the fore with autonomous vehicles in a Brookings Institution report titled “Products Liability and Driverless Cars: Issues and Guiding Principles for Legislation.”

And, writing in Forbes (July 2015) on the recent wireless hack of a Jeep Cherokee that disabled control over the vehicle, Villasenor comments, “In the rush to increase connectivity, manufacturers — not just vehicle manufacturers — are often giving insufficient attention to the additional security exposures created when complex systems become increasingly linked.” He adds, “More connections mean more pathways and back doors that could be exploited by a hacker — especially when a system’s own designers may not be aware that those pathways and back doors even exist.”

On the recent VW emissions scandal, Villasenor wrote in Forbes Magazine (Sept. 21), “More broadly, the Volkswagen emissions scandal provides an important reminder that cyber trust involves more than cyber security. What we want, at the end of the day, is confidence that the software that runs everything from cars to medical devices to the critical infrastructure can be trusted.”

John Villasenor is a professor of electrical engineering, public policy and management at UCLA. He also teaches at the UCLA Anderson School of Management and the UCLA School of Law and is an APP (Applied Policy Project) adviser for the Department of Public Policy. He is a nonresident senior fellow at the Brookings Institution and a National Fellow at the Hoover Institution at Stanford University. He serves on the World Economic Forum’s Global Agenda Council on Cybersecurity and is a member of the Council on Foreign Relations.

Decoding the Apple v. U.S. battle Public Policy professor John Villasenor breaks down the background, key points and possible consequences of the iPhone legal dispute

By George Foulsham

During his discussion of the much-publicized iPhone standoff between Apple and the U.S. government, UCLA Luskin Public Policy professor John Villasenor said his main goal was to present the facts of the controversial case, and not to focus on his personal opinion. But, at the end of the discussion, after walking the audience through the background, technology and possible consequences of the legal battle, he did disclose what he thinks the outcome might be.

“I can’t imagine that the government is going to force a team of Apple engineers to drop everything and create a bunch of new code,” Villasenor, a professor of public policy, electrical engineering and management, said. “I have a hard time seeing it’s going to go that way.

“I might be wrong,” he added. “At the end of the day, if Apple refuses, there may be sanctions. They could fine Apple. They could hold them in contempt of court. You could jail the responsible person. It’s just hard to see that would happen to Apple.”

Villasenor’s talk, held at the UCLA Luskin School of Public Affairs, attracted students and scholars who, like the rest of the country, are fascinated by the many twists and turns the case has taken.

“This is a perfect example of why so much of what we do at UCLA crosses these boundaries — technology, policy, law and business — and how it intersects in this way that quite literally is dominating the headlines,” Villasenor said.

The latest development occurred Thursday when Apple filed court papers claiming that a federal judge had overstepped her authority and violated the company’s rights by ordering the company to help unlock a terrorist’s phone. “The ground is moving underneath us as we sit here,” Villasenor said of the rapidly unfolding legal war.

On Feb. 16, a federal magistrate issued an order compelling Apple to assist the government in bypassing the security features of an iPhone 5c used by one of the shooters in the December 2015 San Bernardino terrorist attack. Apple opposes the order, arguing that the government’s demand to “build a backdoor into our products … would undermine the very freedoms and liberty our government is meant to protect.”

Villasenor, who’s also a visiting professor of law at UCLA, covered the key points in the dispute, including an overview of the government invoking the All Writs Act of 1789 as a justification for compelling Apple to provide access to the phone. “What other document happened in 1789 that we like?” he asked. “Anything else come to mind? Like the Bill of Rights?”

Speaking of the government’s use of the All Writs Act, Villasenor said that “as far as I know, this is the first time the government has ever ordered someone to write code.”

He explained that one of the ways to access the information in the phone is through the use of a “brute force attack” — entering passcodes until you get the right one. “The problem is that iPhones have security features designed to thwart those attacks,” he said. So if someone tries to enter passcodes 10 times, and they’re unsuccessful, the phone can erase a file system key, making it impossible to decrypt data on the phone.

However, if the government had access to a phone containing the software it is trying to compel Apple to create, a brute force attack might not take long to unlock all of the data.

“If you have a four-digit passcode, it will only take you about 15 minutes to go through all of those combinations, actually probably less,” Villasenor said.  “After 7 or 8 minutes, you could probably get in. A six-digit passcode could be found in about a day.”

But since iPhones running recent versions of iOS also allow longer passcodes, including alpha-numeric combinations, the challenge could be daunting. “The numbers quickly explode,” he said. For a six-digit alpha-numeric code, Villasenor said it would take “five and a half years to calculate all combinations …  according to Apple.”

The next steps in the dispute include additional court filings, a March 22 hearing in a Los Angeles federal courtroom, followed by a decision by a magistrate, inevitable appeals in district and circuit courts, and maybe an appeal to the Supreme Court.

Among the consequences of the case, according to Villasenor, are what other, potentially oppressive governments might do if Apple were to lose the case and be forced to provide what the U.S. wants, and the inevitability that we all will wind up with more secure phones in the future.

“This is a compelling test case,” Villasenor said. “This case is going to be incredibly important.”

John Villasenor

John Villasenor is a professor of electrical engineering, public policy, and management at UCLA, a nonresident senior fellow at the Brookings Institution, and a National Fellow at the Hoover Institution. In addition, during the current (2015-2016) academic year, he is a visiting professor at the UCLA School of Law. His work addresses the intersection of digital technology with public policy and the law. He is also a member of the World Economic Forum’s Global Agenda Council on Cybersecurity, a member of the Council on Foreign Relations, and an affiliate of the Center for International Security and Cooperation (CISAC) at Stanford.

Professor Villasenor’s research addresses the technology and policy challenges associated with trends such as the move to cloud computing, the globalization of technology product design and manufacturing, advances in digital communications and electronics, and the increasing complexity of today’s networks and systems.  Prior to joining UCLA in 1992, he was with the NASA Jet Propulsion Laboratory in Pasadena, California, where he developed methods for imaging the earth from space. He received the B.S. degree in 1985 from the University of Virginia, his M.S. in 1986 from Stanford University, and Ph.D. in 1989 from Stanford, all in electrical engineering.

For more information, please visit Professor Villasenor’s personal page.

John Villasenor on digital media sales, hardware hacking and banking for the poor Research on digital security and risk assessment

john-villasenor-profile

By Angel Ibanez
UCLA Luskin Student Writer

Public Policy and Electrical Engineering professor, John Villasenor, was recently featured in the media on the topics of selling used digital media and the growing danger of hacked hardware. He also co-wrote a blog post for the Brookings Institute on the role of the global financial system in helping the poorest and most vulnerable.

In the article titled, “Secondhand Downloads: Will Used E-Books and Digital Games Be for Sale?” published by Bloomberg News, reporter Joshua Brustein explained that the mechanics of selling used digital media are not clearly set and possibly not legal. Professor Villasenor offered one potential solution to addressing some of the issues in music: to establish a “short-term online lending library” for songs. 

Through this short-term lending library, the owner of the song would “lose access whenever someone else listened to the song he contributed.” When capitalizing on the song, the recording artist would only be able to “sell the number of copies of a song equal to the maximum number of people listening to it at any one time.”

Popular Science’s “Nowhere to Hide” piece discusses the growing problems that hacked hardware could cause for security in the future. The article references Villasenor’s research in which he stresses the realization that possible attacks are only a matter of time “the laws of statistics guarantee that there are people with the skills, access, and motivation to intentionally compromise a chip design.” This becomes an ever bigger problem when so little is being done to prepare for such a scenario, “defensive strategies have not yet been fully developed, much less put into practice.”

In a blog post co-written for the Brookings Institute last week, Villasenor and Peer Stein discussed how the current rise of “retrenchment by global financial institutions may be undermining years of progress in providing the world’s poor with financial services.”

The problem of retrenchment comes from large fines against banks for failing to comply with international sanctions and anti-money laundering rules. Banks are doing what is known as “de-risking” where they restrict or terminate business with clients to avoid risk. 

This has led to a rise in banks closing remittance accounts and has affected civil society organizations. One NGO involved in helping women’s groups in the Middle East was denied a bank account to avoid the risk of funds indirectly ending up in Syria. 

In order to address this important problem, Villasenor suggested three pillars necessary for finding solutions going forward:

1. Public authorities need to provide more meaningful information on ML/TF risks to the financial industry, clarify their regulatory expectations, and adopt a genuinely risk-based approach in their supervisory and enforcement actions.

2. Financial institutions need to step up their understanding of the risks of their customer base, and direct internal control efforts accordingly. Risk management approaches should focus more on individual clients, and not write off entire sectors.

3. Countries with significant inflows of remittances need to improve the effectiveness of their regulatory regimes to combat ML/TF, and to provide more comfort to global financial institutions with banking relationships with clients in the developing world.

Youth Internet Safety: Risks, Responses, and Research Recommendations Professor John Villasenor identifies gaps in existing knowledge concerning internet safety.

176193280_0By Luskin Center for Innovation staff

As Internet use by children and teenagers increases, so do concerns about their online safety. Providing a safe environment requires an in-depth understanding of the types and prevalence of online risks young Internet users face, as well as the potential solutions for mitigating risks.

A team at the Luskin Center led by Public Policy professor John Villasenor conducted a review of existing research on online safety and then identified knowledge gaps and recommendations for specific areas of research to further the policy dialogue regarding online safety. These findings and recommendations are summarized in a paper released today by the Brookings Institution.

This paper is timely because, despite the significant amount of research on these risks, improving youth Internet safety remains a challenge. In part, this is because definitions of terms and categories relevant to online safety, such as “cyberbullying,” often vary, making the comparison of statistics and findings among sources imprecise. In addition, there are complex overlaps among different online safety subtopics.

The paper was authored by John Villasenor, graduate student Adina Farrukh and researcher Rebecca Sadwick. Read the full paper here.

 

Why Blaming Health Care Workers Who Get Ebola Is Wrong Public policy professor John Villasenor argues that data and statistical methods can protect health workers.

Since the Centers for Disease Control and Prevention confirmed on Oct. 12 that a Texas health care worker tested positive for Ebola, media outlets have reported that health officials are now “scrambling” to find out how she contracted the disease despite wearing protective gear. According to the head of the CDC, the infection was caused by a “breach in protocol” that officials are working to identify.

Public Policy professor John Villasenor argues in an article published on Forbes.com that while working to identify weak links in protocol is important, blaming the health worker for breaching protocol ignores the fact that, statistically, having multiple contacts with Ebola patients will lead to an inevitable “limited number of transmissions to health workers.”

He writes:

“This is because if you do something once that has a very low probability of a very negative consequence, your risks of harm are low. But if you repeat that activity many times, the laws of probability—or more specifically, a formula called the “binomial distribution”—will eventually catch up with you.

For example, consider an activity that, each time you do it, has a 1% chance of exposing you to a highly dangerous chemical. If you do it once, you have a 1% chance of exposure. If you do it twice, your chances of at least one exposure are slightly under 2%. After 20 times, you have an 18% chance of at least one exposure, and after 69 times the exposure probability crosses above 50%. After 250 times, the odds of exposure are about 92%. And the exposure odds top 99% after about 460 times.

In other words, even if the probabilities are strongly stacked in your favor if you do the activity only once, with repetition the probabilities flip against you.”

Villasenor ends his article by offering three recommendations for how to analyze this situation, including avoiding assumptions. You can read the full article here.

In another piece published in Slate on Oct. 15, Villasenor asserts that big data should be used as a “core component of the strategy” to protect health workers from Ebola exposure. Big data and statistical methods are vital in analyzing how Ebola can spread and shouldn’t be treated as an afterthought, he says.

Villasenor urges health officials to collect data about interactions between health workers and Ebola patients, and develop protocol for simulations so that health workers can practice using and removing protective gear.

He concludes:

“Big data and statistics alone aren’t going to keep health workers safe from Ebola. But they can certainly help. If we are going to ask health workers to repeatedly step into rooms with patients contagious with a virus that now appears to have a fatality rate of about 70 percent, we have the obligation to do everything possible to minimize the chances that they might be exposed. And today, we’re not doing nearly enough.”

John Villasenor Talks Bitcoin with Patt Morrison

Villasenor.jpeg_e

Public Policy professor John Villasenor was recently interviewed by Patt Morrison for her Los Angeles Times column on the topic of cryptocurrencies. In the Q&A, Villasenor answers questions about the efficiencies of cryptocurrencies like bitcoin, how bitcoin works, and possible implications on future regulation.

When asked what may be the most difficult for people to grasp about bitcoin, Villasenor said:

“The hardest thing — not unreasonably — is that bitcoin is completely decentralized currency. There’s nobody in charge, no company, no government, no consortium — collectively everybody acts to run it. Most of us grew up in a world where government has oversight over currency like the dollar.” 

To read more from his Q&A, go here.