Derek E. Bambauer
University of Arizona - James E. Rogers College of Law
April 11, 2011
Minnesota Law Review, Vol. 96, p. 584, 2011
Brooklyn Law School, Legal Studies Paper No. 227
Cybersecurity is a conundrum. Despite a decade of sustained attention from scholars, legislators, military officials, popular media, and successive presidential administrations, little if any progress has been made in augmenting Internet security. Current scholarship on cybersecurity is bound to ill-fitting doctrinal models. It addresses cybersecurity based upon identification of actors and intent, arguing that inherent defects in the Internet’s architecture must be remedied to enable attribution. These proposals, if adopted, would badly damage the Internet’s generative capacity for innovation. Drawing upon scholarship in economics, animal behavior, and mathematics, this Article takes a radical new path, offering a theoretical model oriented around information, in distinction to the near-obsession with technical infrastructure demonstrated by other models. It posits a regulatory focus on access and alteration of data, and on guaranteeing its integrity. Counterintuitively, it suggests that creating inefficient storage and connectivity best protects user capabilities to access and alter information, but this necessitates difficult tradeoffs with preventing unauthorized interaction with data. The Article outlines how to implement inefficient information storage and connectivity through legislation. Lastly, it describes the stakes in cybersecurity debates: adopting current scholarly approaches jeopardizes not only the Internet’s generative architecture, but also key normative commitments to free expression on-line.
Number of Pages in PDF File: 92
Keywords: cybersecurity, security, Internet, information, regulation, architecture, cyberlaw, inefficiency, Egypt, Stuxnet, connectivity, data retention, ISP, kill switch, cyberwar, espionage, authentication, attribution, cyberspace, critical infrastructure, computers, terrorism, cybercrime, hacking, disaster
JEL Classification: O30, O33, O38
Date posted: April 12, 2011 ; Last revised: April 11, 2015
© 2015 Social Science Electronic Publishing, Inc. All Rights Reserved.
This page was processed by apollo1 in 0.281 seconds