SSRN Home Search and Download Papers Browse Abstract and Paper Submission Subscribe to Networks View Briefcase Top Papers Top Authors Top Institutions

 

Abstract

  
 

Footnotes (149)

Beta

 		 


 


Download | Share | Email | Add to Briefcase | Buy Hard Copy

Network Responses to Network Threats: The Evolution Into Private Cyber-Security Associations

Amitai Aviram
University of Illinois College of Law

July 2004

FSU College of Law, Public Law Research Paper No. 115; FSU College of Law, Law and Economics Paper No. 05-04

Abstract:     
The enforcement of certain norms on network participants - such as norms supporting information exchange and governing access to the network - is critical in ensuring the security of the network. While a public norm enforcer may be feasible in many situations, private norm enforcement may, and frequently does, complement or substitute public enforcement. Private enforcement of cyber-security is often subsidized, primarily in non-pecuniary manners (e.g., by exemption from antitrust laws). These subsidies may be necessary to capture the positive externalities of providing security to the network, but they also bias private parties' incentives and may result in the formation of inefficient security associations that are beneficial to their members only due to the subsidy. To mitigate this concern, subsidies should be awarded only to associations that are likely to be effective in enforcing norms on the network participants. This Article offers a framework that assesses the likelihood that an association would become an effective norm enforcer.

Norms that are expensive to enforce are rarely enforced by newly-formed private legal systems (PLSs), because the effectiveness of mechanisms used to secure compliance (e.g., the threat of exclusion) depends on the PLSs' ability to confer benefits on their members, and newly-formed PLSs do not yet confer such benefits. Pre-existing functionality inexpensively enhances a PLS' ability to enforce norms, and therefore most PLSs rely on preexisting institutions that already benefit members, typically by regulating norms that are not very costly to enforce. The threat of losing these benefits disciplines members to abide by the PLS' rules, thus permitting the PLS to regulate behavior.

Network security norms are usually expensive to enforce, and thus a private association enforcing them would be more successful and thus more deserving of public subsidies if it relied on a suitable pre-existing functionality. The Article suggests criteria for assessing the effectiveness of pre-existing functionalities.

JEL Classifications: D23, K20, K42, L14

Working Paper Series

Date posted: July 28, 2004 ; Last revised: May 09, 2005

Contact Information

Amitai Aviram (Contact Author)
University of Illinois College of Law ( email )
504 E. Pennsylvania Avenue
Champaign, IL 61820
United States
Feedback to SSRN (Beta)


Paper statistics
Abstract Views: 2,382
Downloads: 272
Download Rank: 30,638
Footnotes: 149
People who downloaded
this paper also downloaded:
1. Cyber Security: Of Heterogeneity and Autarky
By Randal Picker

© 2009 Social Science Electronic Publishing, Inc. All Rights Reserved. Terms of Use  Privacy Policy
This page was served by apollo3 in 0.125 seconds.