AOH :: PT-1202.HTM

CEI on cybersecurity: private insurance, not government regulation

CEI on cybersecurity: private insurance, not government regulation
CEI on cybersecurity: private insurance, not government regulation

-------- Original Message --------
Subject: 	note from Wayne Crews at Competitive Enterprise Institute re:
cybersecurity policy/regulation
Date: 	Tue, 31 May 2005 16:19:38 -0400
From: 	Wayne Crews  

Dear Friends--I thought this new report from CEI on the questions of
liability and the role of insurance in cybersecurity might be of some
interest to you (see below). You're likely well aware of the hearings
and conferences that abound on this topic, and the debate over the
relative roles of regulations and market discipline. (We emphasize
boosting the latter.)  An earlier, related report explored the role of
anonymity online and the distinction between political and commercial
anonymity ("Cybersecurity and Authentication: The Marketplace Role in
Rethinking Anonymity=97Before Regulators Intervene" Future analyses will explore the role 
of telecom deregulation in cybersecurity and critical-infrastructure
security, as well as the appropriateness (and inappropriateness) of
"cyber-vigilantism." Here's hoping we can resolve cyber-hazards with
minimal unintended consequences.

Best, wayne
Clyde Wayne Crews Jr.
VP for Policy, Director of Technology Studies
Competitive Enterprise Institute  
mobile 202.251.4298

Subscribe to /c:\spin/ and other CEI policy newsletters
/The more corrupt the state, the more numerous the laws./
-Tacitus   56 - 120 A.D.

*Managing Cybersecurity for Businesses and Consumers*

/Study: Why Rules on Liability and Insurance Should Be Set by Market
Players, Not Feds /

Washington, D.C., May 31, 2005=97Computer security and liability are
elements of what in today=92s highly-networked economy we call
cybersecurity. While cybersecurity has become a focus of policymakers,
it is an economic and legal arena too dynamic and important to fall
under an inflexible set of federal rules, according to a new study
 by Competitive Enterprise 
Institute Vice President for Policy Clyde Wayne Crews, Jr
. Crews advises 
letting market players negotiate among themselves the most efficient
agreements and remedies to cybersecurity threats.

=93We face unprecedented information security vulnerabilities in our
hyper-networked, global economy. Leaving the path clear for private,
technical, market, and contractual solutions, and avoiding governmental
mandates that impede contractual liability and insurance markets, should
take priority,=94 writes Crews.

With high-profile customer security breaches at major corporations
arousing national interest in the issue, it becomes all the more
important to head off panicked regulatory policies being proposed simply
in the name of doing =93something=94 about the problem. A new market for
risk assessment and management is already beginning to evolve; a set of
rules issued from Washington would likely destroy the benefits of those
creative responses.

=93Embracing legislation or mandates can mean locking in collective
=91solutions=92 that may be hard to correct, undermining information
security rather than enhancing it. Policymakers, along with the
computing and infrastructure industries, should think carefully before
implementing further federal regulation over risk allocation,=94 Crews

Read the full text [pdf] of /Cybersecurity Finger-pointing: Regulation
vs. Markets for Software Liability, Information Security, and Insurance
/online . Other CEI reports on 
cybersecurity include /Cybersecurity and Authentication: The Marketplace
Role in Rethinking Anonymity=97Before Regulators Intervene

CEI is a non-profit, non-partisan public policy group dedicated to the
principles of free enterprise and limited government.  For more
information about CEI, please visit our website at 

Politech mailing list
Archived at 
Moderated by Declan McCullagh ( 

Make REAL money with your website!

The entire AOH site is optimized to look best in Firefox® 2.0 on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH
We do not send spam. If you have received spam bearing an email address, please forward it with full headers to