Bruce Schneier throws in his two thousand quatloos worth on the ChoicePoint fiasco. Among other things:
The upshot of this is that ChoicePoint doesn't bear the costs of identity theft, so ChoicePoint doesn't take those costs into account when figuring out how much money to spend on data security. In economic terms, it's an "externality." The point of regulation is to make externalities internal. SB 1386 did that to some extent, since ChoicePoint now must figure the cost of public humiliation when they decide how much money to spend on security. But the actual cost of ChoicePoint's security failure is much, much greater. Until ChoicePoint feels those costs – whether through regulation or liability – it has no economic incentive to reduce them. Capitalism works, not through corporate charity, but through the free market. I see no other way of solving the problem.
One of the reasons I don't agree with the agorist wing of the Libertarian party (the wing that would turn absolutely everything over to the Greek marketplace) is that mechanisms that internalize externalities need to be enforced. In most cases, the marketplace will work, once a consensus has been established, but if it breaks down, the government can at least serve as a court of last resort.
Private courts, private arbitration services, private negotiation services, "justice management organizations", and other free market devices are fine, but they work better when the law requires parties in a dispute to use one of these, and if none of them can agree on one, fall back on the government default.
And the beauty of that sort of system is that the government institution need not be perfect, or even very good. If it is, great. If not, then it can be used as a threat, in the event the parties in a dispute refuse to agree on a third party to settle their differences.
No comments:
Post a Comment