No, it's because we're using shared secrets (hey look, an oxymoron!) to establish identity. As far as your finances are concerned, anyone who knows your name/birthdate/SSN/address/card number/etc is *you*, and can do pretty much anything you can do.
A rather fundermental part of the problem is that none of these actually are "shared secrets" in the first place. Technically they are what is know as "identifiers". In some cases, especially with web based systems, it can be possible to hack in actual shared secrets. e.g. a web form might well accept an obviously daft answer to a question like "what is your mother's maiden name?"
And of course anyone you do business with knows enough of these things that they or anyone who steals their database can pretend to be you.
If real shared secrets were being used stealing a database would only enable them to impersonate you to whoever the database was stolen from in the first place.
That said, in my brain dead country you can get someone's electricity turned off if you know their name, address and date of birth.
You don't even need to know their mother's "maiden name"? I suspect that impersonating someone by knowing facts about them only actually works for some people. If you are well known or important enough there are actually secure available. Otherwise every celebrity's house would be easily identifiable by the presence of a generator... (A generator with a very large fuel tank in the case of politicans.)
My SSN was lost twice last year, both by large organizations, and I had no choice in giving either of them my SSN. One of them had it for health insurance reasons from when I was a child, and the other one was a school I attended. I think it's ridiculous.
Why did either of them need it in the first place? Quite often when it comes to these kind of "loses" there is little rational reason for several of the fields being in the database. In the extreme this applies to the whole database.
There's no reason that companies, schools, and other organizations should be able to lose tens of thousands of social security numbers and basically just shrug and say "oops".
If SSNs were treated properly in the first place the worst that could happen would be that some idiot could boost your pension. One thing they most definitly are not is a method of authenticating identity.
I bet if they had to pay a $10,000 fine for every SSN they lose, they'd start encrypting the data really quickly.
Encryption is no magic wand. Also a large fine means a large incentive to cover up any such instances.
Even traditional companies are retaining credit card information by default. I ordered a pizza from Round Table the other day and they asked me if I wanted to use the same card that I used last time.
Which is something they should never be doing.
I drove down there and told the manager to delete any of my personal information and asked him where I ever signed anything or in any other way authorized them to retain my credit card information. Of course he wasn't able to provide any such documentation.
Probably because very few customers actually want such a "service". Consider also that a retailer doing this could change the transaction from a regular "cardholder not present" to "continuious authority".
That isn't remotely true. There was a consumer line which went 95, 98, ME. All of those were worthless. The professional line on the other hand went NT 3.51, NT 4.0, Windows 2000, Windows XP. None of those were worthless.
For some strange meaning of "worthless". There certainly were situations where the 9x series was a better tool for the job than the NT series. Indeed there undoubtedly exist applications where an entirely single user version of Windows would be desirable.
The Doctrine of First Sale covers sale and lending of ones own property. Therefore, used CDs (and DVDs) are perfectly legal. (And so are libraries...before the Doctrine of First Sale libraries were technically illegal!)
Actually the reason libraries exist is that they predate copyright. If they didn't already exist it would probably be impossible to "invent" them now.
Aren't Apple, Sony, Microsoft, Sandisk and anyone else that sells a device and software to transfer music from CDs to the device doing just the same? If what they're doing is illegal, why are the RIAA not hitting them as well?
Probably because if push came to shove the RIAA would lose any such battles. Anyway their current tactics, intended for use against individuals, probably just wouldn't be much use against other corporates.
It would be one thing to say, "User X seeded Song B to a bittorrent client", but then they'd actually have to prove that, or face libel/slander charges.
In order to actually do they'd at minimum need to download the file in question. Using a client hacked to never upload. Even then all they'd be able to say is "This material was made available by a machine with that IP address..."
Watching many older and/or less tech savvy people using a remote, it seems to me like a large portion of their time is used up staring at the huge array of things sitting in front of them - at least 75% of which don't have anything to do with what they're doing.
Or even working out which of the tiny buttons, labled in tiny writing, they actually need to press.
It's a fairly safe bet that you do not read manuals either. If you did, you would know that they are generally produced either by an engineer with negligible communications skills or by a technical writer who has not been given adequate time to understand the device. There are exceptions, but most manuals for modern equipment are even worse than the controls.
You also need to factor in that the manual you are reading could well be a bad translation of the original.
The number of registered voters is known in advance. The percentage that will show up is not known, but it is usually less than half.
So what? Printed paper is dirt cheap. Even if you overprint ballot papers by a few hundred percent you are still talking several orders of magnitude less in terms of "leftovers" than unsold copies of just about any newspaper (Which will often also contain "inserts" with much better quality paper and printing.)
Buy stock in thermal paper companies. it's coming with POD ballots or with paper trail for voting kiosks.
Considering how "stable" thermal paper is it would probably be more secure simply give people a blank sheet of paper and a soft pencil to write down they choice of candidate.
Electronic voting can force the voter to make a clear, unambiguous choice while paper cannot.
It can also force them to do things they may not wish to, but the person who designed the election thinks they should so. e.g. what happens if you have multiple elections on the same ballot. With a voter wishing to vote in some, abstain in others and "spoil their vote" with others. The simple solution is to give them individual ballot papers for each election if they want to take some of them home to use as toilet paper then nobody should care too much.
2) Ballot stuffing should be much harder with e-voting. The machine can enforce hard limits (1 vote per minute or whatever) and perform basic sanity checks like making sure the polling place doesn't just get an extra 1000 votes mere minutes before closing, or 100s of votes in a row for the same candidate, or whatever. Can paper do any of that?
For any well designed electoral system any form of widescale electoral fraud is difficult because it requires a large conspiracy. This includes ballot stuffing. Whereas this can take place within electronic systems with ease and needs only a few people. There is also the problem that scruitineering is virtually impossible with electronic voting systems. There just arn't enough people on the planet to do the job for an election of any size (even before you exclude those who are citizens of countries the US dosn't like). Added to that any effective techniques may well be destructive. (You cannot shut down a computer which may be running rogue code since this is likely to destroy any evidence.) Whereas with paper ballots people (preferably lots of people) can watch what is going on.
3) Paper trail. That's right, an electronic machine can actually produce a time-stamped cryptographically signed paper trail authenticating every vote cast which will make it very hard to add even an extra 100 votes to the record...
And what's to verify that each vote actually corresponds to a voter performing some action the voter considered to be intentionally casting a vote.
With paper ballots alone you can just stuff all the extra ballots into the box any time you like and there is no way to reconstruct exactly what happened.
An election official, who should never be working at their designated voting location, has to be very careful that they don't get seen by anyone. If for some reason there arn't enough people around then multiple video cameras watching the ballot box are a far more useful application of technology.
4) Counting the results. I don't think I need to say more here.
Given a choice between something when can be seen to be fair and accurate and trusting a "magic box" you'd take the magic box!
Biometrics. It might be possible to make sure that a particular person only votes once (using a fingerprint hash for example). It sure beats purple finger or demanding people present ID and register to vote beforehand.
Why use a simple and reliable method when you could use a complex and unreliable one. Anyway don't they have indelible fluorescent ink in US? again KISS!
Just print out 1000. It doesn't cost that much compared to 300 ballots, or 600 ballots, or however many ballots you think you might need. And print out a couple extra incase somebody makes a mistake and needs an extra ballots. For a voting area with 1000 voters, just print out 2000 ballots.
Since the major cost tends to be setting up the printer in the first place you may well find that there is no difference in cost between 1000 and 2000 because 2000 is the printer's minimum order. You might even find that printing 300 costs more because your choice of printing company prepared to handle tiny print runs is limited.
(Even with proper ballots there's an interesting question: if there are 1,000 voters and there has never been a turnout of more than 300 in this area, how many ballots do you print, bearing in mind that you'll almost certainly lose your job if you print just one too few, but on the other hand people will be upset with you if you end up wasting two thirds of your print cost?)
Your just under 300 printed one at a time on an inkjet probably costs more than just over a thousand on a regular printing press. Also if wasting paper was really a big deal you wouldn't be able to buy an office printer without an automatic (i.e. there's no way you can send it a 3 page document and get more than 2 sheets out or more than 3 sheets from a 5 page document, etc) duplexer!
Both (special paper and ink) would be better. Otherwise, someone could steal (or reproduce) the watermarked paper, run off a bunch of ballots that will scan incorrectly, and put them back in the pile. If special ink were required, they would have to steal or reproduce that as well, making it more difficult to interfere.
Most of this is already in place. You might just as well go the whole hog and make the election about who can put the most specially printed and watermarked ballot papers (other wise known as "cash") in the appropriate candidate's hand.
Of course the p.o.d. ballots are an accident waiting to happen. The whole point of printing the ballots ahead of time is to ensure to the extent possible *ahead of time*, i.e., with time for corrective action to be taken, that there will be no systemic failures.
You also know ahead of time how many ballot papers you need, because you know the number of people entitled to vote ahead of time. If you have unused ballot papers you can just recycle the paper.
I am impressed by the spectacular cheapness displayed in the decision to go to a "just-in-time" solution for a system which should not accept delays.
It's unlikely that print on demand will actually be cheaper than bulk printing, even if you avoid using an inkjet printer...
Ultimately its about society and individuals. How comfortable are you with having sex offenders living in your neighborhood.
And you know you don't because?
Would your opinion change if you had kids? This is a balance of rights and clearly some people are nervous about having sex offenders living in their neighborhood.
It's quite likely that some of these people are actually sex offenders who have not only not escaped being caught, but have also realised that complete hypocricy is a good political tactic.
Wait so... instead of letting these guys sit around on the internet all day where they're essentially harmless, those in the sex offender registry who are there for a legitimate reason (as opposed to for say... pissing on somebodys lawn at 3 AM or being 17 while getting a blowjob from a 15 year old) will now need to go outside and "interact" (i.e. molest for those of you you are clueless--namely, legislators) with real people to get their rocks off.
This would not be a problem if it were possible to have them molest only legislators.
There are lots and lots of "sex offenders" that really did nothing wrong, or did something totally unrelated to actual sex. 15-17 couples, people urinating outside, streaking,...
In some cases public urination might be vandalism, but it certainly isn't "sex crime". Should there really be "dress codes" for public, which is what laws against "streaking", "flashing", "indecent exposure" ammount to. On the other hand we have actions such someone hacking off parts of someone else's genitals with a knife not being considered "sexual assault".
Sex offenders are wildly out of control, and we should make sure that we have the right to protect ourselves. Think of the victims here, and think of making it harder for these scumbags to find innocent families to victimize.
Except when you actually look at things a little more closely you discover that there are all sorts of people who were never any kind of danger to anyone (including children). Including cases which should probably never have gone anywhere near a court in the first place. Possible a few who people who are actually victims of sexual assault. But had the misfortune to be male whilst their attacker was female. There are also plenty of "scumbags" with extensive criminal records who you don't know about because they violently assaulted people (including children), but at least the only injured or killed...
At this rate we may as well just cut to the chace and sentence convicted sex offenders (and whoever else is out to get your children) to lifelong destitution.
Would make more sense with drunk drivers, who are a serious danger to everyone (including children). Indeed making them destitute would actually impede their ability of re-offend.
I have a friend that is a 'sex offender' because he got pissed off at his neighbor and flashed her during an argument. She pressed charges, and now he has to register. What he did was stupid...
With what law enforcement did being even more stupid. Unless there was at least one third party witness to the whole thing then it should have been simply "no case to answer".
P.S. We both live in NJ, and I vote here. I also don't agree with Megan's law. You fuck up the lives of THOUSANDS of people re-entering society, who have paid their debt, and you save, what, TWO lives a year?
Considering the number of vigilantes who use these lists to search for potential victims the number of lives saved may well be negative. That's before you even consider suicides and premature deaths due to people being unable to "re-enter society".
Sex-related crimes (such as public urination) are basically getting mandatory life sentences now - a couple years in prison, then the rest of your life shunned by society with no opportunity to turn over a new leaf.
With the definition of "sex related" being somewhat arbitrary and illogical. e.g. somehow Lorena Bobbit's actions were not "sex related". It also appears to have taken several years (and repeated probation violations) before child rapist Mary Kay Letourneau wound up on such a list.
If we were just talking about repeat-offending child molesters and rapists here, the situation would be different, but we're not.
More to the point there appear to be no lack of people who actually should be on these lists who are not. Probably for various reasons, including institutional sexist within law enforcement.
A totally unworkable, probably unconstitutional waste of time. A legislative brain-fart if you ask me.
What's new there...
While this is obviously about the United States, it's a problem everywhere. The criminal legislation velocity in the United Kingdom is totally out of control. There's a bill every couple of months that criminalises some silly action.
Or even something which was already illegal in the first place.
I recon that the criminal code should only be adjusted by bills put to referendum. This would reduce the volume of legislation and protect the people from totally stupid laws, unenforceable laws.
Another idea would be that any new law must have a "test group" for at least a year before it applies to everyone. That test group being MPs/Congressmen/etc.
No, it's because we're using shared secrets (hey look, an oxymoron!) to establish identity.
As far as your finances are concerned, anyone who knows your name/birthdate/SSN/address/card number/etc is *you*, and can do pretty much anything you can do.
A rather fundermental part of the problem is that none of these actually are "shared secrets" in the first place. Technically they are what is know as "identifiers".
In some cases, especially with web based systems, it can be possible to hack in actual shared secrets. e.g. a web form might well accept an obviously daft answer to a question like "what is your mother's maiden name?"
And of course anyone you do business with knows enough of these things that they or anyone who steals their database can pretend to be you.
If real shared secrets were being used stealing a database would only enable them to impersonate you to whoever the database was stolen from in the first place.
That said, in my brain dead country you can get someone's electricity turned off if you know their name, address and date of birth.
You don't even need to know their mother's "maiden name"?
I suspect that impersonating someone by knowing facts about them only actually works for some people. If you are well known or important enough there are actually secure available. Otherwise every celebrity's house would be easily identifiable by the presence of a generator... (A generator with a very large fuel tank in the case of politicans.)
My SSN was lost twice last year, both by large organizations, and I had no choice in giving either of them my SSN. One of them had it for health insurance reasons from when I was a child, and the other one was a school I attended. I think it's ridiculous.
Why did either of them need it in the first place? Quite often when it comes to these kind of "loses" there is little rational reason for several of the fields being in the database. In the extreme this applies to the whole database.
There's no reason that companies, schools, and other organizations should be able to lose tens of thousands of social security numbers and basically just shrug and say "oops".
If SSNs were treated properly in the first place the worst that could happen would be that some idiot could boost your pension. One thing they most definitly are not is a method of authenticating identity.
I bet if they had to pay a $10,000 fine for every SSN they lose, they'd start encrypting the data really quickly.
Encryption is no magic wand. Also a large fine means a large incentive to cover up any such instances.
Even traditional companies are retaining credit card information by default. I ordered a pizza from Round Table the other day and they asked me if I wanted to use the same card that I used last time.
Which is something they should never be doing.
I drove down there and told the manager to delete any of my personal information and asked him where I ever signed anything or in any other way authorized them to retain my credit card information. Of course he wasn't able to provide any such documentation.
Probably because very few customers actually want such a "service". Consider also that a retailer doing this could change the transaction from a regular "cardholder not present" to "continuious authority".
That isn't remotely true. There was a consumer line which went 95, 98, ME. All of those were worthless. The professional line on the other hand went NT 3.51, NT 4.0, Windows 2000, Windows XP. None of those were worthless.
For some strange meaning of "worthless". There certainly were situations where the 9x series was a better tool for the job than the NT series. Indeed there undoubtedly exist applications where an entirely single user version of Windows would be desirable.
The Doctrine of First Sale covers sale and lending of ones own property. Therefore, used CDs (and DVDs) are perfectly legal. (And so are libraries...before the Doctrine of First Sale libraries were technically illegal!)
Actually the reason libraries exist is that they predate copyright. If they didn't already exist it would probably be impossible to "invent" them now.
Aren't Apple, Sony, Microsoft, Sandisk and anyone else that sells a device and software to transfer music from CDs to the device doing just the same? If what they're doing is illegal, why are the RIAA not hitting them as well?
Probably because if push came to shove the RIAA would lose any such battles. Anyway their current tactics, intended for use against individuals, probably just wouldn't be much use against other corporates.
It would be one thing to say, "User X seeded Song B to a bittorrent client", but then they'd actually have to prove that, or face libel/slander charges.
In order to actually do they'd at minimum need to download the file in question. Using a client hacked to never upload. Even then all they'd be able to say is "This material was made available by a machine with that IP address..."
Watching many older and/or less tech savvy people using a remote, it seems to me like a large portion of their time is used up staring at the huge array of things sitting in front of them - at least 75% of which don't have anything to do with what they're doing.
Or even working out which of the tiny buttons, labled in tiny writing, they actually need to press.
It's a fairly safe bet that you do not read manuals either. If you did, you would know that they are generally produced either by an engineer with negligible communications skills or by a technical writer who has not been given adequate time to understand the device. There are exceptions, but most manuals for modern equipment are even worse than the controls.
You also need to factor in that the manual you are reading could well be a bad translation of the original.
The number of registered voters is known in advance. The percentage that will show up is not known, but it is usually less than half.
So what? Printed paper is dirt cheap. Even if you overprint ballot papers by a few hundred percent you are still talking several orders of magnitude less in terms of "leftovers" than unsold copies of just about any newspaper (Which will often also contain "inserts" with much better quality paper and printing.)
Buy stock in thermal paper companies. it's coming with POD ballots or with paper trail for voting kiosks.
Considering how "stable" thermal paper is it would probably be more secure simply give people a blank sheet of paper and a soft pencil to write down they choice of candidate.
Electronic voting can force the voter to make a clear, unambiguous choice while paper cannot.
It can also force them to do things they may not wish to, but the person who designed the election thinks they should so. e.g. what happens if you have multiple elections on the same ballot. With a voter wishing to vote in some, abstain in others and "spoil their vote" with others.
The simple solution is to give them individual ballot papers for each election if they want to take some of them home to use as toilet paper then nobody should care too much.
2) Ballot stuffing should be much harder with e-voting. The machine can enforce hard limits (1 vote per minute or whatever) and perform basic sanity checks like making sure the polling place doesn't just get an extra 1000 votes mere minutes before closing, or 100s of votes in a row for the same candidate, or whatever. Can paper do any of that?
For any well designed electoral system any form of widescale electoral fraud is difficult because it requires a large conspiracy. This includes ballot stuffing. Whereas this can take place within electronic systems with ease and needs only a few people.
There is also the problem that scruitineering is virtually impossible with electronic voting systems. There just arn't enough people on the planet to do the job for an election of any size (even before you exclude those who are citizens of countries the US dosn't like). Added to that any effective techniques may well be destructive. (You cannot shut down a computer which may be running rogue code since this is likely to destroy any evidence.)
Whereas with paper ballots people (preferably lots of people) can watch what is going on.
3) Paper trail. That's right, an electronic machine can actually produce a time-stamped cryptographically signed paper trail authenticating every vote cast which will make it very hard to add even an extra 100 votes to the record...
And what's to verify that each vote actually corresponds to a voter performing some action the voter considered to be intentionally casting a vote.
With paper ballots alone you can just stuff all the extra ballots into the box any time you like and there is no way to reconstruct exactly what happened.
An election official, who should never be working at their designated voting location, has to be very careful that they don't get seen by anyone. If for some reason there arn't enough people around then multiple video cameras watching the ballot box are a far more useful application of technology.
4) Counting the results. I don't think I need to say more here.
Given a choice between something when can be seen to be fair and accurate and trusting a "magic box" you'd take the magic box!
Biometrics. It might be possible to make sure that a particular person only votes once (using a fingerprint hash for example). It sure beats purple finger or demanding people present ID and register to vote beforehand.
Why use a simple and reliable method when you could use a complex and unreliable one. Anyway don't they have indelible fluorescent ink in US?
again KISS!
Just print out 1000. It doesn't cost that much compared to 300 ballots, or 600 ballots, or however many ballots you think you might need. And print out a couple extra incase somebody makes a mistake and needs an extra ballots. For a voting area with 1000 voters, just print out 2000 ballots.
Since the major cost tends to be setting up the printer in the first place you may well find that there is no difference in cost between 1000 and 2000 because 2000 is the printer's minimum order. You might even find that printing 300 costs more because your choice of printing company prepared to handle tiny print runs is limited.
(Even with proper ballots there's an interesting question: if there are 1,000 voters and there has never been a turnout of more than 300 in this area, how many ballots do you print, bearing in mind that you'll almost certainly lose your job if you print just one too few, but on the other hand people will be upset with you if you end up wasting two thirds of your print cost?)
Your just under 300 printed one at a time on an inkjet probably costs more than just over a thousand on a regular printing press.
Also if wasting paper was really a big deal you wouldn't be able to buy an office printer without an automatic (i.e. there's no way you can send it a 3 page document and get more than 2 sheets out or more than 3 sheets from a 5 page document, etc) duplexer!
Both (special paper and ink) would be better. Otherwise, someone could steal (or reproduce) the watermarked paper, run off a bunch of ballots that will scan incorrectly, and put them back in the pile. If special ink were required, they would have to steal or reproduce that as well, making it more difficult to interfere.
Most of this is already in place. You might just as well go the whole hog and make the election about who can put the most specially printed and watermarked ballot papers (other wise known as "cash") in the appropriate candidate's hand.
Of course the p.o.d. ballots are an accident waiting to happen. The whole point of printing the ballots ahead of time is to ensure to the extent possible *ahead of time*, i.e., with time for corrective action to be taken, that there will be no systemic failures.
You also know ahead of time how many ballot papers you need, because you know the number of people entitled to vote ahead of time. If you have unused ballot papers you can just recycle the paper.
I am impressed by the spectacular cheapness displayed in the decision to go to a "just-in-time" solution for a system which should not accept delays.
It's unlikely that print on demand will actually be cheaper than bulk printing, even if you avoid using an inkjet printer...
Ultimately its about society and individuals. How comfortable are you with having sex offenders living in your neighborhood.
And you know you don't because?
Would your opinion change if you had kids? This is a balance of rights and clearly some people are nervous about having sex offenders living in their neighborhood.
It's quite likely that some of these people are actually sex offenders who have not only not escaped being caught, but have also realised that complete hypocricy is a good political tactic.
Wait so... instead of letting these guys sit around on the internet all day where they're essentially harmless, those in the sex offender registry who are there for a legitimate reason (as opposed to for say... pissing on somebodys lawn at 3 AM or being 17 while getting a blowjob from a 15 year old) will now need to go outside and "interact" (i.e. molest for those of you you are clueless--namely, legislators) with real people to get their rocks off.
This would not be a problem if it were possible to have them molest only legislators.
There are lots and lots of "sex offenders" that really did nothing wrong, or did something totally unrelated to actual sex. 15-17 couples, people urinating outside, streaking,...
In some cases public urination might be vandalism, but it certainly isn't "sex crime". Should there really be "dress codes" for public, which is what laws against "streaking", "flashing", "indecent exposure" ammount to.
On the other hand we have actions such someone hacking off parts of someone else's genitals with a knife not being considered "sexual assault".
Sex offenders are wildly out of control, and we should make sure that we have the right to protect ourselves. Think of the victims here, and think of making it harder for these scumbags to find innocent families to victimize.
Except when you actually look at things a little more closely you discover that there are all sorts of people who were never any kind of danger to anyone (including children). Including cases which should probably never have gone anywhere near a court in the first place. Possible a few who people who are actually victims of sexual assault. But had the misfortune to be male whilst their attacker was female.
There are also plenty of "scumbags" with extensive criminal records who you don't know about because they violently assaulted people (including children), but at least the only injured or killed...
At this rate we may as well just cut to the chace and sentence convicted sex offenders (and whoever else is out to get your children) to lifelong destitution.
Would make more sense with drunk drivers, who are a serious danger to everyone (including children). Indeed making them destitute would actually impede their ability of re-offend.
I have a friend that is a 'sex offender' because he got pissed off at his neighbor and flashed her during an argument. She pressed charges, and now he has to register. What he did was stupid...
With what law enforcement did being even more stupid. Unless there was at least one third party witness to the whole thing then it should have been simply "no case to answer".
P.S. We both live in NJ, and I vote here. I also don't agree with Megan's law. You fuck up the lives of THOUSANDS of people re-entering society, who have paid their debt, and you save, what, TWO lives a year?
Considering the number of vigilantes who use these lists to search for potential victims the number of lives saved may well be negative. That's before you even consider suicides and premature deaths due to people being unable to "re-enter society".
Sex-related crimes (such as public urination) are basically getting mandatory life sentences now - a couple years in prison, then the rest of your life shunned by society with no opportunity to turn over a new leaf.
With the definition of "sex related" being somewhat arbitrary and illogical. e.g. somehow Lorena Bobbit's actions were not "sex related". It also appears to have taken several years (and repeated probation violations) before child rapist Mary Kay Letourneau wound up on such a list.
If we were just talking about repeat-offending child molesters and rapists here, the situation would be different, but we're not.
More to the point there appear to be no lack of people who actually should be on these lists who are not. Probably for various reasons, including institutional sexist within law enforcement.
A totally unworkable, probably unconstitutional waste of time. A legislative brain-fart if you ask me.
What's new there...
While this is obviously about the United States, it's a problem everywhere. The criminal legislation velocity in the United Kingdom is totally out of control. There's a bill every couple of months that criminalises some silly action.
Or even something which was already illegal in the first place.
I recon that the criminal code should only be adjusted by bills put to referendum. This would reduce the volume of legislation and protect the people from totally stupid laws, unenforceable laws.
Another idea would be that any new law must have a "test group" for at least a year before it applies to everyone. That test group being MPs/Congressmen/etc.