The spread of malware (broadly defined) and other risks on electronic networks has frequently been studied using the tools of epidemiology. This approach has led to a number of important insights, but tends to be applied at the system design level and thus cannot account for a number of observable features and can produce misleading policy recommendations, especially in contexts where the risks, the structure of the network and individual (as well as collective) risk management behaviour change endogenously. The present paper extends the analysis by considering the interactions among: the spread of ‘infections’ – in other words the state of the population of networked nodes; the structure of the network – to whom (and how) the nodes are linked; and the strategies or behaviour adopted by individual nodes – including risk communication and risk management.

The body of the paper develops some suggestive results from existing and ongoing research from related areas of theory and applies them to stylised aspects of the malware problem; the discussion also indicates areas for future work, especially in the latter part, which also develops some policy implications. In addition to the literature, the paper draws on research being undertaken in connection with two specific projects: an investigation into privacy and security in cloud computing funded by the European Commission Directorate-General for Information Society and Media, and an interdisciplinary study of the governance of livestock disease funded by the UK Biotechnology and Biological Sciences Research Council. It further benefits from the generous comments of colleagues at RAND Europe and the University of Warwick Departments of Economics, Biological Sciences, Systems Biology and e-Security. None of the material in this paper represents the position of any of the people or organisations whose support is acknowledged here, and any errors remain my own.

