SOME JOBS are so politically sensitive that their occupants need special protections that run contrary to the general rule that top government officials ought to be accountable to someone — usually the governor — for their actions.
Members of the State Ethics Commission, for instance, are charged with deciding whether the governor and her supporters broke the ethics law, so she can’t remove them unless they break the law or refuse to show up for work, or meet a few other narrow criteria.
We give the same protection to the SLED chief for similar reasons, and to the inspector general, who is charged with ferreting out wrongdoing in state agencies, including the governor’s Cabinet and even her office.
But we don’t stop there. The list of protected gubernatorial appointees — that is, people who are hired or appointed by the governor but who, in reality, don’t work for her, or for anyone else, because they can’t be fired — is up to 15 categories, one of which (members of professional licensing boards) encompasses hundreds of people. And it’s growing.
Now senators want to add a new cybersecurity chief to the list of protected employees, making it impossible to fire him without going through a drawn-out administrative and possibly judicial procedure, to prove to exacting legal standards that he’s not up to the job.
Which raises this question: What in the world would possess anyone to think we need to give union-style job protections to the person charged with making sure state agencies protect the public from identity theft?
Granted, a director of information technology security who has the authority to force state agencies to encrypt records or use double-password verification systems or other time-consuming and sometimes expensive procedures is likely to ruffle feathers.
Frankly, that’s part of the reason we need such an official. Agency directors don’t tend to be experts on computer security, or fully comprehend its importance, so it’s just too tempting — as we saw at the Revenue Department — to downplay the threat while they try to stay on budget. And to be clear: The overall thrust of S.334 — to create a central authority to set and enforce IT security standards across the government — is excellent, and overdue.
But those union protections for the new IT security chief? Really, what are senators afraid of? That the governor is going to fire the cybersecurity chief because he insisted that state agencies encrypt the sensitive personal data that they force us to give them?
Even the black-helicopter crowd wouldn’t argue that the governor — or the Revenue Department — deliberately exposed our tax records.
Frankly, I’m willing to trust that politics will keep the governor in line on this one. It’s tough enough for a governor to have to explain that 6.4 million individuals’ and businesses’ Social Security numbers and bank records were hacked because her agency director either didn’t know about or ignored concerns from his own IT people. She certainly doesn’t want to have to explain that we had another breach because she fired the state cybersecurity chief, or cowed him into backing off basic protections.
Truth be told, I’d be more concerned that a governor wouldn’t be aggressive enough if a cybersecurity chief gets out of control.
As much as some legislators are fond of saying that no price is too high to secure our personal information, the fact is that there is always, always more that can be done to provide security, be it for our computer networks or our cities or our businesses or our homes. The fact is that some prices are indeed too high, and it’s the job of our Legislature and our governor, or whoever a cybersecurity director reports to, to balance the risk against the cost, in money and in time.
If you’re going to give union-style job protections to the cybersecurity chief, then why not give them to the governor’s lobbyists — since she might not like it if they tell her that legislators don’t like her? Or to the prison director — since she might not like it if he tells her how much it’s going to cost to keep the prisons safe?
In fact, why not just go back to the way we did things when I moved to South Carolina, when the governor couldn’t fire the directors of any state agencies? When those directors reported to part-time board members who, even if the governor could appoint them, couldn’t be fired.
For that matter, if S.C. governors are that untrustworthy, maybe we ought to go back to the old system whereby the Legislature elected the governor. After all, what’s the point of bothering voters with the matter of electing a governor if the governor has no power to carry out the agenda those voters elected her to carry out?
Or maybe, just maybe, we could decide that government officials should be held accountable for their actions. Maybe we could decide that it’s better to trust that a governor won’t abuse her power over powerful officials than it is to risk that those officials will either get too comfortable in their jobs or else let their power go to their heads, and be less aggressive, or more aggressive, than they ought to be, because they don’t have a boss — and they know they’ve got a job for life.
Ms. Scoppe can be reached at email@example.com or at (803) 771-8571.