Toward Cyber Peace: Managing Cyber Attacks Through Polycentric Governance
Indiana University - Kelley School of Business - Department of Business Law; Harvard Kennedy School Belfer Center for Science & International Affairs; Center for Applied Cybersecurity Research; Stanford Center for Internet and Society; Stanford Law School
August 20, 2012
American University Law Review, 2013
Views range widely about the seriousness of cyber attacks and the likelihood of cyber war. But even framing cyber attacks within the context of a loaded category like war can be an oversimplification that shifts focus away from enhancing cybersecurity against the full range of threats now facing companies, countries, and the international community. Current methods are proving ineffective at managing cyber attacks, and as cybersecurity legislation is being debated in the U.S. Congress and around the world the time is ripe for a fresh look at this critical topic. This Article searches for alternative avenues to foster cyber peace by applying a novel governance framework termed polycentric analysis championed by scholars such as Nobel Laureate Elinor Ostrom that promotes self-organization and networking regulations at multiple levels. This bottom-up form of governance is in contrast to the increasingly state-centric approach to both Internet governance and cybersecurity prevailing in forums like the International Telecommunication Union (ITU). ICANN, the Internet Engineering Task Force, and the ITU will be used as case studies to explore these different governance models. Analyzing the debate between Internet sovereignty and Internet freedom through the lens of polycentric regulation provides new insights about how to reconceptualize both cybersecurity and the future of Internet governance.
Number of Pages in PDF File: 75
Keywords: cybersecurity, cyber law, Internet governance, ICANN, IETF, ITU, polycentric
Date posted: August 22, 2012 ; Last revised: May 13, 2014