Government Intervention in Information Infrastructure Protection
Critical information infrastructure protection is the subject “du jour.” An important part to addressing the issue is to answer the question whether the private sector or the government should be responsible for protection. The choice of governing arrangement – government provision, private provision or any combination thereof – is essential to ensuring an adequate level of security. This paper discusses how the market for critical information infrastructure protection may be susceptible to various market failures, namely public goods, externalities and information deficits. The presence of these market failures suggests that government intervention in the market is necessary. While this paper does not present a specific regulatory model or a set of regulatory tools to address these market failures, it asserts that understanding the market failures inherent in critical information infrastructure protection is a key element to designing a successful regulatory policy. Failure to understand and acknowledge the reasons for the inability of the private sector to provide adequate protection can impact a nation-state’s security and render it vulnerable to attack.
Keywords: Critical information infrastructure protection, cyber security, market failures, government regulation
KeywordsPrivate Sector Public Good National Security Market Failure Critical Infrastructure
- A. Aviram and A. Tor, Overcoming impediments to information sharing, Alabama Law Review, vol. 55(2), p. 231, 2004.Google Scholar
- L. Branscomb and E. Michel-Kerjan, Public-private collaboration on a national and international scale, in Seeds of Disaster, Roots of Re- sponse: How Private Action Can Reduce Public Vulnerability, P. Auer- swald, L. Branscomb, T. La Porte and E. Michel-Kerjan (Eds. ), Cambridge University Press, New York, pp. 395-403, 2006.CrossRefGoogle Scholar
- C. Coyne and P. Leeson, Who protects cyberspace? Journal of Law, Eco- nomics and Policy, vol. 1(2), pp. 473-495, 2006.Google Scholar
- B. Crowell, Too many secrets: Overclassification as a barrier to critical information sharing, Testimony to the Markle Taskforce on National Security in the Information Age, Subcommittee on National Security, Emerging Threats and International Relations, House Committee on Government Reform, U. S. House of Representatives, Washington, DC (www.fas. org/sgp/congress/2004/082404crowell. html), August 24, 2004.
- N. Elkin-Koren and E. Salzberger, Law, Economics and Cyberspace, Edward Elgar, Cheltenham, United Kingdom, 2004.Google Scholar
- R. Mandel, The Changing Face of National Security: A Conceptual Analysis, Greenwood Press, Westport, Connecticut, 1994.Google Scholar
- P. McNutt, Public goods and club goods, in Encyclopedia of Law and Economics, Volume I -The History and Methodology of Law and Economics, B. Bouckaert and G. de Geest (Eds. ), Edward Elgar, Cheltenham, United Kingdom, pp. 927-951, 2000.Google Scholar
- A. Ogus, Regulation: Legal Form and Economic Theory, Clarendon Press, London, United Kingdom, 1994.Google Scholar
- B. Powell, Is cyber security a public good? Evidence from the financial services industry, Journal of Law, Economics and Policy, vol. 1(2), pp. 497-510, 2005.Google Scholar
- B. Schneier, Secrets and Lies: Digital Security in a Networked World, John Wiley, New York, 2000.Google Scholar
- A. Smith, The Wealth of Nations, Bantam Classics, New York, 2003.Google Scholar
- U. S. -Canada Power System Outage Task Force, Final Report on the August 14, 2003 Blackout in the United States and Canada: Causes and Recommendations, U. S. Department of Energy, Washington, DC (reports. energy. gov/BlackoutFinal-Web. pdf ), 2004.Google Scholar