|
|
|
|
||||
|
||||
Rules, Standards, and GeeksDerek E. BambauerUniversity of Arizona - James E. Rogers College of Law March 22, 2011 Brooklyn Journal of Corporate Finance & Commercial Law, Vol. 5, p. 49, 2011 Brooklyn Law School, Legal Studies Paper No. 223 Abstract: Policymakers and scholars generally assume that information technology is best regulated using standards, not rules. This Article argues that rules are often the superior choice. Those favoring standards typically focus on the wrong problem: they seek to prevent data spills, rather than to mitigate their impact. Rules can helpfully reduce a breach's effects. For technology, rules are preferable when they can specify a minimum level of protection that is relatively effective; where obsolescence occurs slowly; and where monitoring implementation is low-cost and accurate. The Article sets out examples of where each type of approach is superior. Application design is best governed by standards, while the transport and storage of data, along with identification of access to information, are best dealt with via rules. The Article questions the prevailing consensus in favor of standards for regulating technology, and also seeks to create testable predictions about when rules will work better.
Number of Pages in PDF File: 15 Keywords: rules, standards, encryption, data security, privacy, technology, hacking, data spill, breach, mitigate, storage, application, design, efficiency, cost-effectiveness, information Accepted Paper SeriesDate posted: March 27, 2011Suggested CitationContact Information
|
|
||||||||||||||
© 2013 Social Science Electronic Publishing, Inc. All Rights Reserved.
FAQ
Terms of Use
Privacy Policy
Copyright
This page was processed by apollo2 in 0.375 seconds
