Who is Bruce Sterling Kidding?

Bruce Sterling calls for War on Cyberterror - the threat of spam, viruses, worms, etc. He calls for three policy recommendations.

...The FBI claims it will get around to arresting spammers sooner or later. The G-men need to start now.

...

We're witnessing the birth of an ugly electronic underworld. Only smart, energetic, iron-fisted law enforcement will bring it to heel.

...

[Amit] Yoran is a nice guy with some hard-won expertise, but the core of his job is, as he describes it, "to motivate the public and private sectors to partner and act decisively under their responsibilities." In other words, Yoran himself can't do a damn thing. He has no badge, no gun, no team of prosecutors, no carrot, and no stick. He needs all of those things, and he needs them yesterday.

As successful as the War on Drugs has (not) been, does Sterling really thing a War on spam and viruses is going to be any more successful? At least drugs take up physical space, even if it is very little physical space. A small fragment of code is infinitely reproducible and can be highly distributed at the click of a mouse. What is Yoran going to do with the guns and prosecutors Sterling wants him to have - threaten CEOs with jailtime unless they protect their own businesses? Don't they have an incentive to do that already?

Sterling sees the world through a technocrat's eyes. Problems are solved by wise men in offices handing down dictates and creating 5-year plans. The rest of society is either too dumb or too sluggish to find its own solutions.

Yet a stroll into any Staples or Office Max proves him wrong. Numerous aisles are lined with stacks of boxes of the latest security and antivirus software. Computer security has become a multi-billion dollar industry. And "industry" is the key word. Computer security, like any other kind of security, is a scarce economic good. Companies such as McAfee, Symantec, and Computer Associates, among others, compete to provide individual consumers and businesses with this good.

How effectively are they providing this good? With rare exception, companies continue to do what they are in the business of doing in spite of spam and viruses. I have continued to use my computer daily for the past year with only a single occasion during which I had to expend significant effort as a result of security breaches. Computer security does have very real costs, but that is a direct result of it being a scarce good.

Sterling wants to fight the battle through central authority. But that approach is highly unlikely to be successful. The knowledge to fight the constantly evolving arms race between cyberterror and cybersecurity lies at the periphery, dispersed among the multitude of users in the field. It is in the minds and skills of those who have a vested interest in protecting their property, not in the office of the technocrat. It will be successfully provided through the free market, not through experts empowered with sticks and guns.

Share this

The real issue isn't spam

The real issue isn't spam per se, but *fraudulent* commercial offers via email that violate the existing commercial code.

Fraudulent business dealings are a criminal activity. That means there's a role for the state in protecting against it. Not distributed market mechanism will protect us against people who violate the rules of the game. At some level of criminal penalty, state intervention will quell fraudulent spam, as it should.

As for non-fraudulent spam, I'd argue it does the world some good, in the same way traditional direct mail solicitations disseminate information and help solve public goods problems in markets by securing donations for nonprofit organizations, etc.

Andrew: Of course, the

Andrew:

Of course, the state/courts should protect its citizens from fraudulent actions. That is a given. It is a role that transcends particular arenas (such as, in this case, cyberfraud). But there seems to be this idea that we need the state to "focus" on certain types of fraud, and create even more layers of bottom-sludge beaurocracy in order to "specialize". Fraud is fraud, whether it's scheming old folks out of their life savings via an infomercial on late-nite cable, or scheming naive people into giving you all sorts of private information via a fake e-mail from a trusted source. Fraud is fraud, we don't need another layer of beaurocracy to make sure that certain types of fraud are paid more attention to.

Either way, to the issue of cybersecurity, we all know that, whenever the Empire decides to declare "war" on something (war on drugs, war on poverty, etc.), then that something is in for a big ass-kickin, right? I mean, damn, the war on drugs has been successful, right? The war on poverty has been successful, right? Since Bush declared a "war" on a verb, terror, we h'aint got no mo terrrra, right?

I think it might have been Julian Sanchez that pointed out that a government declaration of "war" on someTHING is usually just an excuse for the state to begin curtailing freedom and liberty in the name of said "war". "War" connotes a time of sacrifice and fear, a time of coming together, putting aside all objections, and blindly working to defeat an enemy, no matter the cost. And this is why the government and pro-statist types like to declare war on anything they want to get rid of, but can't do so without raping the constitution.

A "war" on something is the last thing we want.

And, as Jonathan pointed out, the market will take care of this problem. I personally get alot of spam at my old college e-mail addy, since I've had it for about 8 years now. But my firm recently installed spam and virus filtering software at the gateway to our network, and I personally have a FREE pop-up blocker, and 2 different FREE adware and spyware search-n-destroyers. So, using mostly free shareware software, and a powerful spam/virus filter that my firm paid for, I have alleviated all the doom-n-gloom evils that have sent Bruce Sterling to whimper in the corner like a little beeyatch. :cry2:

But, yes, yes, let's spend millions upon millions of stolen taxpayer dollas to fund an inefficient bearocratic "war" on "cyberterror"...even though said "cyberterror" has been defeated, by me, for next to nothing, with a few clicks of a button. :dizzy: Gotta love the doom-n-gloomers. They're so innovative! No matter what, they always find a way to turn the stupidest little problems into worldwide bringers of horror and suffering.

Hey Bruce, go to www.download.com and check out their various FREE anti-spam/anti-popup/anti-spyware/anti-adware/anti-virus downloadable software.

The real issue isn’t spam

The real issue isn’t spam per se, but fraudulent commercial offers via email that violate the existing commercial code.

That may be true, but I don't see Sterling addressing that issue, with the exception of using the word "scammers" in passing. The essay was focused on nonspecific spam, viruses, and worms.

Fraudulent business dealings are a criminal activity. That means there’s a role for the state in protecting against it.

I don't see how that follows at all.

Not distributed market mechanism will protect us against people who violate the rules of the game. At some level of criminal penalty, state intervention will quell fraudulent spam, as it should.

State intervention takes resources. The question becomes whether those resources are most effective at stopping fraud in the hands of the state or in the hands of private enterprise. I am skeptical that the answer the hands of the state due to the distributed nature of the problem.

Jonathan, If fraud is

Jonathan,

If fraud is committed, then an act of aggression (theft) has been committed. If there is a single legitimate role of the State, it is to protect the rights of its citizens.

This protection does not have to come in the form of preemptive intervention, but rather, in punishing said acts of aggression by one citizen against another.

Are you asserting that the government should simply stand idly by while people are robbed or attacked?

D, Please show me what you

D,
Please show me what you call the "dogmatic" degeneration.

I'm sad to see that the

I'm sad to see that the editors of Catalarchy degenerate into dogmatic, anti-government anarchists. I find it hard to believe you are unwilling to even accept a role for the state in the protection against fraud in the marketplace via spam email. You should be careful about this -- taking a position like that, you unfortunately risk subtracting yourself from the mainstream world of ideas. People simply won't listen to anarchists, and you'll never make progress changing the world. And that's too bad, because you guys have a lot to say that would do the mainstream some good, if you would just abandon the crazy Austrian extremism.

Jonathan, I agree that

Jonathan,

I agree that "security" against aggression is not a required role of the state. It's only when the private sector security fails and actual fraud is committed, when the state can step in, right? But, then, where do you stand on, say, attempted murder charges? What if you personally pay for a security system in your home, then someone tries to break in, your system goes off, and the police catch him/her. Would you press charges? Is the role of the state also to punish aggression even if no actual harm is done?

Micha,

However, getting to your example, even if you do leave your door unlocked, and your house is burglarized. Should the burglar then not be punished? Is not the role of the state to punish those citizens who aggressively violate the rights of others? Do I not have the right to my property? Surely, to use yoru example, if I DID leave my house unlocked, and was burglarized, and then I blamed the police for not keeping crime down, and called for a bigger police presence in my neighborhood, that would be bogus.

D,

Why should the government have a role in "protecting" against e-mail fraud? Surely, if fraud is perpetrated, then you may call upon the government to punish those who committed it, and also to garner restitution. This is the role of the state: reactive, not proactive. Surely, making certain things illegal is a way to proactively use reactive punishment as a deterrent; this seems like one of the main goals of imprisonment and fines anyway. But to declare that the state has the responsibility of making sure that you don't get defrauded, is ludicrous. The state does not exist to make sure that everyone is safe from harm all the time, especially when the private sector does a much better job at such things, at a fraction of the cost.

What if I don't own a computer? Should the state rob me of my wealth via taxation, and use those dollars to protect computer users...even though the free market is perfectly capable of being selective in its fees, whereas the state is not?

Evan, My main point was

Evan,
My main point was about security, which Sterling also focused on, not fraud. I think internet security, though it may be a defense of rights, is best provided by the private sector due to the dynamic nature of action/reaction found in cyberspace, not the government.

For some reason, people

For some reason, people think they are entitled to scarce goods--internet security, computer privacy, undisturbed email accounts--for free. The central insight of economics is there ain't no such thing as a free lunch--if you want a scarce good, you will have to pay for it - or wait in line for it, or bribe the right politician for it. If you want to live in an unlocked, glass house with your address posted on a billboard, few of us are going to take your complaints seriously when you get bombarded by burglars, peeping-toms, and advertisers.

This is just another instance of the fallacious belief that socialism can solve the scarcity problem. It can't; it just makes the problem worse.

The same goes for socialized police, socialized law, socialized military...

D, I didn't see anything

D,

I didn't see anything dogmatic in my comment. If you want to see dogmatic, I can direct you to some other radical libertarian websites. All I said was that free markets work better than socialist monopolies, and took this insight to its logical conclusion. There's nothing dogmatic about that.

Evan,

However, getting to your example, even if you do leave your door unlocked, and your house is burglarized. Should the burglar then not be punished? Is not the role of the state to punish those citizens who aggressively violate the rights of others?

The burglar should be punished, but that doesn't mean the state is the only one capable of providing this service. Further, private insurance companies have an interest in providing financial incentives to their customers to encourage them to lock their doors. Governments do not.

Surely, to use yoru example, if I DID leave my house unlocked, and was burglarized, and then I blamed the police for not keeping crime down, and called for a bigger police presence in my neighborhood, that would be bogus.

That was essentially my point: people are calling for a state solution for "cyberterror", yet they are unwilling to bear even the slightest cost themselves to reduce spam, viruses, etc.

[...] al | Comments (0)

[...] al | Comments (0) slvShowNewIndicator(-1); | Trackback | Cosmos

Spurred by the comments below, a couple of questions for readers. During the w [...]