Eli Dourado, Andrea Castillo | Apr 17, 2014
This paper will describe the current dynamic provision of cybersecurity and explain how a technocratic solution like the Cybersecurity Framework could weaken this process and ultimately undermine cybersecurity.
Adam Thierer | Jan 25, 2013
This paper will consider the structure of fear appeal arguments in technology policy debates and then outline how those arguments can be deconstructed and refuted in both cultural and economic contexts. Several examples of fear appeal arguments will be offered with a particular focus on online child safety, digital privacy, and cybersecurity. The various factors contributing to “fear cycles” in these policy areas will be documented.
Sean Lawson | Dec 19, 2012
Cybersecurity proponents often rely upon cyber-doom scenarios as a key tactic for calling attention to prospective cyber-threats. This essay critically examines cyber-doom scenarios by placing them into a larger historical context, assessing how realistic they are, and drawing out the policy implications of relying upon such tales. It draws from relevant research in the history of technology, military history, and disaster sociology to examine some of the key assertions and assumptions of cyber-doom scenarios. It argues that cyber-doom scenarios are the latest manifestation of fears about “technology-out-of-control” in Western societies, that they are unrealistic, and that they encourage the adoption of counter-productive, even dangerous policies. The paper concludes by offering alternative principles for the formulation of cybersecurity policy.
Eli Dourado | Jun 19, 2012
ISPs have borne significant costs to reduce malware, despite their lack of formal legal liability. Informal institutions perform much better than a regime of formal indirect liability. The fact that legal polycentricity is more widespread than is often recognized should affect law and economics scholarship.
Jerry Brito, Tate Watkins | Apr 10, 2012
There has been no shortage of attention devoted to cybersecurity, with a wide range of experts warning of potential doomsday scenarios should the government not act to better secure the Internet. But this is not the first time we have been warned of impending dangers; indeed, there are many parallels between present portrayals of cyberthreats and the portrayal of Iraq prior to 2003, or the perceived bomber gap in the late 1950s.
Eli Dourado, Jerry Brito | Mar 06, 2012
Like gardens, the Internet developed without government intervention. Unnecessary regulation could break down the norms and practices that caused the Internet flourish in the first place.

Testimony & Comments

Research Summaries & Toolkits

Expert Commentary

Apr 27, 2013

Evgeny Morozov’s latest book, To Save Everything, Click Here, follows the same blueprint as his first book, 2011’s The Net Delusion. He takes the over-zealous ramblings of a handful of Internet evangelists, suggests that Pollyannas like them are all around us, and then argues, implausibly, that their very ideas threaten to undermine our culture or humanity in some fashion. Along the way, he doles out generous heapings of unremitting, snarky scorn.
Feb 22, 2013

Now that President Obama has acted on cyber-security, Congress doesn’t need to. Yet guided by their worst impulses – to extend protections to business, or to exert bureaucratic control – members of Congress will insist that it is imperative they get in on the action. If they do, they will undoubtedly be saddling us with a host of unintended consequences that we will come to regret later.
Feb 21, 2013

While you might drive an Audi and shop at Ikea, you likely can’t even think of a European Internet company. Some would argue that the EU’s strict privacy regulations inhibit Internet entrepreneurship in the continent, but there seems to be something else going on since they don’t seem to keep U.S. firms from doing business there. Well, just barely.
Feb 07, 2013

As more inevitable breaches are reported, the public will demand that Congress “do something” about the cyber threat from abroad—even if they have no idea what that something should be. As a result, Congress will be more than happy to act by spending gobs of money on “cyber R&D and scholarships,” by exempting companies from privacy laws, and even by licensing cybersecurity professionals.
Jan 31, 2013

Aaron Swartz, a 26-year-old computer prodigy and Internet activist, was facing decades in prison for violating federal hacking laws when he took his own life earlier this month. Many commentators, including Lawrence Lessig and Glenn Greenwald, have argued that prosecutorial zeal drove Swartz to hang himself. They’re certainly right. Yet prosecutorial discretion would not have mattered much if the possibility of such draconian punishment did not exist.
Jan 04, 2013

In January, Internet service providers will begin sending notices to subscribers suspected of illegally downloading music or movies using peer-to-peer file-sharing networks. After five increasingly sternly worded warnings, subscribers’ Internet access will be slowed down or partially blocked. This new “Copyright Alert System” is bound to raise the hackles of digital rights activists—but should it?


This week’s chart uses data from federal websites and budget documents to display the federal offices whose missions are directly dedicated to cybersecurity monitoring, provision, and preparedness. Information in a 2013 Government Accountability Office (GAO) report, “Cybersecurity: National Strategy, Roles, and Responsibilities Need to Be Better Defined and More Effectively Implemented,” provided the names of several agencies and high offices tasked with coordinating both internal federal cybersecurity and public-private coordination.



Eli Dourado | January 21, 2015
Eli Dourado discusses the rate of cybersecurity breaches in federal agencies, arguing for a private sector-led cybersecurity framework.

Recent Events

Cybersecurity is a hot topic on Capitol Hill. But what exactly does cybersecurity entail? An issue this large encompasses many elements: what is the real threat? What is its scope? Who is at risk? Who is the most suited to defend against the threat?

Media Clippings

Adam Thierer | Jun 24, 2013
"High technology companies are among the fastest growing lobbying shops in Washington," said Adam Thierer.
Jerry Brito | Jul 12, 2012
Jerry Brito cited discussing current cybersecurity concerns.
Eli Dourado | Jul 06, 2012
Eli Dourado explains how the United States can combat new threats to a free and open web.
Adam Thierer | Jun 28, 2012
Adam Thierer comments on Federal Communications Commission (FCC) Commissioner Robert McDowell's recent speech.
Jerry Brito | Jun 27, 2012
Jerry Brito cited discussing the possible effects of revisions to the UN's global telecommunications treaty.
' '