Anti-Spam Lawfare

It sounds like some Computer Scientists…

A team of computer scientists at two University of California campuses has been looking deeply into the nature of spam, and they think found a ‘choke point’ [PDF] that could greatly reduce the flow of spam…If a handful of companies like these refused to authorize online credit card payments to the merchants, ‘you’d cut off the money that supports the entire spam enterprise,’ said one of the scientists. [Link]

…has caught up to my thinking…

Often much of the cost of an information security incident falls not onto the party that is responsible for providing the Security but onto third parties. While the enterprise/individual that has the incident may incur costs, much of the cost of this InfoSec externality is put onto others (organizations/individuals/taxpayers).

What is lacking is proper incentives. By incentives I do not mean government regulations or criminal statutes.

I mean money. Getting money is a good incentive. Avoiding loosing money is a good incentive. Not having your Balance Sheet, Income Statement, and Cash Flow Statement be effected by information security loss is a good incentive.

What is needed is Information Security Lawfare.

If an organization or individual deploys information technology in such a way that normal best practices are not followed (read: Duty of Care) and is subsequently used as part of an information security incident, those effected by that information Security incident should sue for a Tort Remedy.[link]

Why leave Lawfare just to the bad guys?

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: