Derek E. Bambauer
University of Arizona - James E. Rogers College of Law
August 26, 2014
48 UC Davis Law Review (2014), Forthcoming
Arizona Legal Studies Discussion Paper No. 14-21
Both law and cybersecurity prize accuracy. Cyberattacks, such as Stuxnet, demonstrate the risks of inaccurate data. An attack can trick computer programs into making changes to information that are technically authorized but incorrect. While computer science treats accuracy as an inherent quality of data, law recognizes that accuracy is fundamentally a socially constructed attribute. This Article argues that law has much to teach cybersecurity about accuracy. In particular, law’s procedural mechanisms and contextual analysis can define concepts such as authorization and correctness that are exogenous to code. The Article assesses why accuracy matters, and explores methods law and cybersecurity deploy to attain it. It argues both law and cybersecurity have but two paths to determining accuracy: hierarchy, and consensus. Then, it defends the controversial proposition that accuracy is constructed through social processes, rather than emerging from information itself. Finally, it offers a proposal styled on the common law to evaluate when accuracy matters, and suggests that regulation should bolster technological mechanisms through a combination of mandates and funding. Like the cat of Schrödinger’s famous thought experiment, information is neither accurate nor inaccurate until observed in social context.
Number of Pages in PDF File: 56
Keywords: cybersecurity, Internet, accuracy, integrity, hacking, data, Stuxnet, evidence, confidentialityAccepted Paper Series
Date posted: August 28, 2014
© 2014 Social Science Electronic Publishing, Inc. All Rights Reserved.
This page was processed by apollo4 in 0.265 seconds