Paul Rosenzweig on Cybersecurity and Public Goods
Former DHS policy official Paul Rosenzweig has this new contribution to a paper series published by the Hoover Institution's Task Force on National Security and Law--of which I am a member. The paper, entitled "Cybersecurity and Public Goods: The Public/Private 'Partnership,'" concludes as follows:
cyberspace is unique.
Published by The Lawfare Institute
in Cooperation With
Former DHS policy official Paul Rosenzweig has this new contribution to a paper series published by the Hoover Institution's Task Force on National Security and Law--of which I am a member. The paper, entitled "Cybersecurity and Public Goods: The Public/Private 'Partnership,'" concludes as follows:
cyberspace is unique. And the best way to correctly approach fundamental policy questions about the division of authority between government and private actors is to begin with a fundamental analysis of first principles. Those economic principles suggest there is a clear but limited domain in which government action is both appropriate and required: that of fostering the sharing of cybersecurity information. As for the rest of the bundle of cybersecurity goods, we face a wicked problem. Private sector actions will doubtless create externalities that the market cannot account for and that cannot be effectively managed by a self-organizing private sector. But the prospect of government action to correct for those externalities raises the same traditional problems of regulatory capture that attend any government endeavor. More fundamentally, precisely because cyberspace is unique in its rapidly changing and path-breaking nature, we face the almost intractable problem of creating policy too slowly to be of any utility. Ultimately, then, the principle recommendation for government is to treat cyberspace like any patient with an ailment and “first, do no harm.”
Benjamin Wittes is editor in chief of Lawfare and a Senior Fellow in Governance Studies at the Brookings Institution. He is the author of several books.