Deworming the Internet
51 Pages Posted: 24 Nov 2004
Abstract
Both law enforcement and markets for software standards have failed to solve the problem of software that is vulnerable to infection by network-transmitted worms. Consequently, regulatory attention should turn to the publishers of worm-vulnerable software. Although ordinary tort liability for software publishers may seem attractive, it would interact in unpredictable ways with the winner-take-all nature of competition among publishers of mass-market, internet-connected software. More tailored solutions are called for, including mandatory "bug bounties" for those who find potential vulnerabilities in software, minimum quality standards for software, and, once the underlying market failure is remedied, liability for end users who persist in using worm-vulnerable software.
Keywords: Worms, viruses, software, market failure, network externality, negative externality, perverse incentives, tort liability, lemons equilibrium, regulation
JEL Classification: K29, K13, L86, 031
Suggested Citation: Suggested Citation