FC: Reply to Schneier: No need for more federal "cybersecurity" laws

From: Declan McCullagh (declanat_private)
Date: Wed Oct 16 2002 - 06:56:41 PDT

  • Next message: Declan McCullagh: "FC: Text of 1986 Defense Department directive on assisting police"

    Previous Politech message:
    http://www.politechbot.com/p-04081.html
    
    ---
    
    Date: Tue, 15 Oct 2002 22:28:13 -0400
    From: Roderick Sprattling <rlsat_private>
    To: declanat_private
    Subject: Re: FC: Bruce Schneier: Feds need to pass new laws for "cybersecurity"
    
    Declan,
    
    I agree with Schneier when he says "make companies liable for insecurities, 
    and you'll be surprised how quickly things get more secure." But don't pass 
    laws making companies liable: Markets can be much stronger motivators than 
    regulation, so turn up the liability heat in society by creating and 
    promoting security's version of Consumer Reports.
    
    Love it or hate it, you've got to admit Consumer Reports and similar 
    product testing and review organizations do more than just teat, praise and 
    pan products. They also identiy and teach people what attributes of a 
    product class really matter, and what the acceptable range of those 
    attributes' values should be.
    
    In time:
    
    - People will learn the applicability of information security to their 
    lives, and demand security from organizations.
    - Standards bodies will be more focused and careful.
    - Organizations will first consider security in product and service design.
    - Organizations will be more careful about product claims and information 
    utilization.
    - Organizations will be more responsive to security breaches.
    
    Social and economic liabilies are far more powerful, immediate and elegant 
    forces of influence than criminal and civil liabilities. Organizations also 
    can't write themselves out of the liability loop as they can when the law 
    is involved, so governmental and non-commercial organizations are 
    influenced as well.
    
    Rod Sprattling
    rlsat_private
    
    
    
    
    -------------------------------------------------------------------------
    POLITECH -- Declan McCullagh's politics and technology mailing list
    You may redistribute this message freely if you include this notice.
    To subscribe to Politech: http://www.politechbot.com/info/subscribe.html
    This message is archived at http://www.politechbot.com/
    Declan McCullagh's photographs are at http://www.mccullagh.org/
    -------------------------------------------------------------------------
    Like Politech? Make a donation here: http://www.politechbot.com/donate/
    Recent CNET News.com articles: http://news.search.com/search?q=declan
    -------------------------------------------------------------------------
    



    This archive was generated by hypermail 2b30 : Wed Oct 16 2002 - 08:27:40 PDT