On the Soapbox

Is education a public good?

Friday, April 6, 2007
Keywords: Economics, Politics

I read this post in my RSS reader, and it got me thinking about the economics of education.

This is a topic that I have not thought much about before, and if someone asked me about education, I would usually give a canned response about how education is a public good and thus public education makes sense. But the explicitness of the language used in the post that I read caused me to pause and reconsider whether or not education really is a public good.

"... situations where there is very, very little control over who gets the benefits of the good (no matter who paid for the good)."

For starters, I would not make the argument of education as a public good quite that way. If a parent were to spend lots of money on private tuition, their child will be the direct and most significant beneficiary of that expenditure.

This is not to say that education is not a public good, though. In my view, education has what I would call an institutional public good effect. The public good benefits are of an educated public in general...

  1. Democracy requires good, informed public discourse and a public that understands and appreciates the principles of the social contract into which they are bound. We can look at the United States and scoff at the state of our public discourse, but if we look at many other worse-off countries where democracy has stumbled or outright failed, we would see that a poorly-educated public plays a large (though by no means exclusive) role in their failure.
  2. Inheritance is one of the kinks of the libertarian ideal. Dynastic wealth and aristocracy are generally not things that libertarians embrace, and they are most certainly not compatible with free markets. Our notions of equal opportunity and the self-made person necessitate public education (and other things like the estate tax). One could consider the support of these ideals to be public goods.

Those are the two public good arguments that can be made for education. Argument #1 is limited in scope because it really only covers things like reading, economics (that this subject is not a high school requirement is tragic), history, and civics. Argument #2 covers the problem of inheritance (which we would never eliminate unless we establish some sort of Brave New World system where the family unit is abolished), and the public goods argument here is fairly weak and limited in scope as well, since the public good is just the promotion of what we hold to be a positive ideal.

It would seem, then, that my support for public education based on the notion of it being a public good is a fairly weak one, and as I more carefully thought about the role of education in society, it became clear to me that I have been falsely attributing many of the arguments for public education to the weak (though non-dismissible) notion of public goods.

Education is an investment in human capital. In an efficient market, resources will be allocated such that those who would gain the most from the investment will get the most. On some levels, this works. A student with a low IQ who struggles in school will probably not spend much on higher education: either no college or an inexpensive community college, and this person will most likely opt for a job that requires just labor and not labor with a lot of invested capital. Similarly, a student with a high IQ who learns things very quickly will most likely invest more in education: take out large student loans to pay for expensive medical school, for example, and in the end, this student will be in a high paying job that requires that its labor have a lot of invested capital. In such a case, the market has allocated resources efficiently: the factory has a laborer with an appropriate IQ and an appropriate level of education, and the hospital has a laborer with an appropriate IQ and an appropriate level of education. The problem, however, is that family ties make it such that capital is often allocated based on who the child's parents are and not necessarily on the child's abilities or potential. The children of rich parents will often receive a lot of educational investment regardless of their abilities or potential, and children of poor parents will often receive a low level of educational investment regardless of their abilities or potential. The former case is just a waste of resources, while the latter is a more tragic case where someone may be deprived of opportunity. Although some exceptionally bright children will develop very well even with a very low level of investment so that poor resources do not play as large of a role, for many children, the level of educational resources that they receive do play a large role. A higher degree of financial freedom (e.g., student loans, financial aid) along with a clearer picture of each person's abilities make it such that wholesale privatization of higher education makes some amount of sense (and before the post-WWII boom of state universities, this was the norm in higher education), but this is not a sensible approach for primary, or to a lesser extent, secondary education, especially since it is difficult to gauge a child's abilities (and thus the appropriate level of capital investment) until secondary education at the earliest. I would thus say that the most important argument for public primary and secondary education is that it corrects for a market failure brought about by ties of blood interfering with the efficient allocation of resources. And by giving everyone a fair and equal chance, it will also result in a better, more accurate picture of what someone's abilities are when they reach a stage where there is increasing differentiation of investment (e.g., this will increase the likelihood that if a poor child fails to get into college or into an AP class in high school, it is because of factors inherent to the child and not because an unfair lack of educational investment), thus correcting for another market failure brought about by imperfect and distorted information.

Finally, proponents of public education see an educated population as a public good in respect to industries having a better labor pool to draw from. I think that this claim should be dismissed. Instead, I would like to approach this from a different angle and propose the idea that public education encourages more investment in human capital because it diversifies away the risk of this sort of investment. If public education did not exist, then the tax dollars spent on education would end up in the hands of individuals and businesses. Individuals could use that same money to put themselves through private school and businesses could use that money to educate and train their employees, thus resulting in, at least on paper, the same level of education spending as before. However, let us consider a thought experiment where each person has $100 to spend on education. In this thought experiment, $100 spent on education may result in either $220 worth of extra income for a net gain of $120, or it may result in failure, no extra income, and thus a net loss of $100. Assuming equal probabilities of both outcomes, the expected result is a positive gain of $10, or 10%. However, as most people are risk adverse, many will not make such an investment, and society as a whole will miss out on that 10% gain. If, instead, the investment costs were paid by society, the risk is diversified away, and that overall social gain of 10% will thus be realized. Similarly, employers educating their employees about the things that public education would otherwise teach will face similar risks in addition to a free-rider problem where one company can lure away employees educated by another, thus gaining an educated employee while forcing the other company to bear the costs. This will generate risk and will discourage companies from spending too much on human capital investment. Thus, assuming a positive overall return on education, then public spending on education will have a positive overall effect and would thus benefit society as a whole (though, individually, the effects would be mixed).

On the whole, I think that the market inefficiencies introduced by public education are far outweighed by market efficiencies gained from the correction of market failures and from the diversification of risk. That, coupled with the secondary, though still important, public goods arguments, is why I believe public education is an institution that must exist.

Note: Upon further reflection, I suppose I should clarify and say that the arguments for public education are really the arguments for publicly-funded education. Through the use of vouchers, it should be possible to maintain public funding for education while also giving schools an incentive to operate efficiently and effectively. While I do strongly support vouchers in principle, I have many reservations about their actual use because in most cases, vouchers are just a cleverly dressed-up vehicle for people to shield children from secular education and to indoctrinate them in religious schools. Legitimate use of vouchers to transfer a child to a better school do exist, but they account for only a small minority of cases. I also have many reservations about implementation, practice, and how the way reality plays out may differ from the theory on paper.

This entry was edited on 2007/04/06 at 03:04:52 GMT -0400.

Security Advisory #935423: The story of a vulnerability

Tuesday, April 3, 2007
Keywords: Technology

On December 20, 2006, a security company named Determina privately reported to Microsoft a vulnerability in how Windows handles animated cursors. According to Microsoft, they immediately began to "investigate" the issue in December. Not much was heard about this bug until last Wednesday when McAfee reported to Microsoft about a new attack using a previously unknown method. Microsoft then launched their incident response process and issued a security advisory the next day.

On the surface, a bug in how Windows handles animated cursors does not seem to be a very serious problem. (Edit: The following passage has been updated.) However, it is possible in CSS to specify different mouse cursors--for example, if the site owner wishes for the mouse to remain an arrow instead of turning into a hand when hovering over a link. It is thus possible to embed animated cursors on a web page or in an e-mail. Because mouse cursors are rendered by the operating system and not by the browser (the browser effectively tells the operating system to change the cursor), this is an operating system bug that affects all browsers that support the changing of mouse cursors through CSS (which is a part of the official CSS specification). What this means is that if you just visit an infected website, you will be immediately infected without the need for you to do or click anything. Or, if you open, read, or even preview an infected e-mail, you will be immediately infected even if you don't open any attachments in the e-mail. In other words, malware that exploit this vulnerability are extremely virulent. Infected websites could either be created by hackers, or they could be legitimate websites that have been discreetly compromised and hacked to deliver a payload without the website owner's knowledge (which meant that Microsoft's recommended temporary solution to "not visit untrusted websites" is not very practical because it is possible for any "good", but poorly-secured, website to become unwitting infection vectors). Once infected, anything is possible, depending on the payload delivered by the virus--including the possibility of a complete takeover of one's computer and the compromise of all data on it.

The severity of the problem grew significantly worse on Friday and over the weekend, a spam campaign was launched with e-mails that either contained a malicious payload or that had links to websites that delivered a malicious payload. Later in the weekend, a tool was made public that allowed anyone to attach any payload of their choosing to an infection vehicle that exploited this vulnerability. In response, various security groups raised their "alert level", including SANS, which hadn't raised its alert level in almost a year. Recognizing the severity of the problem, Microsoft announced on Sunday that they have a fix and that they will be releasing it on Tuesday. Microsoft always releases their security updates at the same time, on the second Tuesday of each month (known as "Patch Tuesday"), and it is only in rare and severe circumstances, like this one, that Microsoft will deviate from the schedule and release a security update early and separately from the rest.

What is most interesting about this story is how Microsoft responded. This incident never would have happened and goodness-knows-how-many computers would never have been compromised (it will be impossible to measure how many computers were infected because of the large number and wide diversity of different payloads that exploited this vulnerability, though it should be safe to assume that the number will likely be very high) if Microsoft had just fixed the problem in December instead of just "investigating" it for over a quarter of a year. Microsoft clearly didn't think very much about this problem until it was too late. Like most other vulnerabilities, this one uses a buffer overflow, and these are generally very easy to fix. In fact, on Friday, mnin.org was able to locate the exact location of this particular bug, and eEye had created an unofficial "quick-and-dirty" fix for the problem on Thursday. On the other hand, Microsoft, with their vast resources and intimate knowledge of their own code, took more than three months to "investigate" the problem. I suppose this is one of the things that makes Mozilla software more secure. Firefox is not devoid of security vulnerabilities--there has been so many that I've lost count (though still not as many severe ones as Internet Explorer), but after observing how they have handled their security vulnerabilities, it becomes clear that they take an approach that might be described as being excessively paranoid. Each vulnerability, no matter how obscure, is treated with great urgency, and most security flaws are patched within a few days of their initial reporting, even if no attacks exploiting the vulnerability exist and even if the vulnerability has never been publicly disclosed. This is in contrast of Microsoft's practice of quietly sitting on known security vulnerabilities as long as no attacks that exploit them exist and as long as a particular vulnerability has not yet been publicly disclosed, in the gamble that perhaps nothing will ever come of it. Well, this time, Microsoft lost the gamble in a very grand way, and average computer users are paying for it with hijacked systems and compromised data. (Edit: Unfortunately, in this case, because the bug is a OS-level bug, it will affect all browsers, even those not made by Microsoft, but it does serve to illustrate a different approach to such bugs that Microsoft takes.)

Update: Interestingly, a similar vulnerability was reported and fixed in 2005. See Determina's notes.

This entry was edited on 2007/04/03 at 16:05:35 GMT -0400.