No Cop on the Beat: Underenforcement in E-Commerce and Cybercrime

20 Pages Posted: 21 May 2008 Last revised: 16 Aug 2017

See all articles by Peter Swire

Peter Swire

Georgia Institute of Technology - Scheller College of Business; Georgia Tech Institute for Information Security & Privacy; Cross-Border Data Forum

Date Written: 2009


This essay gives new reasons why we should expect underenforcement for E-commerce, cybercrime, and Internet harms more broadly. It also recommends a strategy for addressing that underenforcement, focusing on more federal or federated enforcement.

The essay stresses an information problem and a commons problem that have largely been overlooked to date. In brief, the information problem arises because only a tiny fraction of complaints and knowledge about an online fraudster or criminal comes from each jurisdiction. Enforcers thus lack the informational basis for telling good guys from bad guys. Priority bad guys are thus less likely to become the targets for enforcement.

This information problem is compounded by a commons problem. In light of the incentives facing enforcement agencies, priority will typically go to cases where many or all of the victims are local. No one will have the incentive to give priority to harms that occur across borders. This is a classic commons problem, because cross-border harms will be left to someone else. In short, no one will own these problems, and there will be underenforcement.

These information and commons problems exacerbate the forensic problem that has been the focus of the greatest legal attention to date, the problem that it is often technically and legally difficult to gather evidence where the perpetrator is physically distant from the victim. The basic response should be to shift toward more federal and federated enforcement. Federal enforcement means a greater role, compared to offline activity, for the Federal Trade Commission in consumer protection and the Department of Justice for cybercrime. Federated enforcement means building new structures, compared to offline activity, to share information among local enforcers and to encourage local enforcers to bring more enforcement actions even when the perpetrator and many of the victims are outside of their jurisdiction.

Part I of the essay explains the information, commons, and forensic problems in greater depth, and explores policy and legal responses to those problems. Part II responds to five possible critiques, which I call: (1) The Internet hasn't really changed anything; (2) Enforcement works better on the Internet; (3) We actually don't want enforcement for what's done on the Internet; (4) States need to be the laboratories of experimentation; and (5) The Feds don't do small potatoes.

Keywords: E-commerce, cybercrime, commons

Suggested Citation

Swire, Peter, No Cop on the Beat: Underenforcement in E-Commerce and Cybercrime (2009). 7 Journal of Telecommunications and High Technology Law 107 (2009), Available at SSRN: or

Peter Swire (Contact Author)

Georgia Institute of Technology - Scheller College of Business ( email )

800 West Peachtree St.
Atlanta, GA 30308
United States
(404) 894-2000 (Phone)

Georgia Tech Institute for Information Security & Privacy ( email )

Atlanta, GA 30332
United States

Cross-Border Data Forum

Do you have a job opening that you would like to promote on SSRN?

Paper statistics

Abstract Views
PlumX Metrics