Position: The
government should not
be able to regulate consumer related cyber security.
Argument #1: Companies prioritize finances, which
makes them more inclined to
make security with as little money needed, which implies poorer
security.
"We need
standards and a method for enforcement. We need
liabilities and the ability to sue companies that poorly
secure our data. The biggest reason companies don't
protect our data online is that it's cheaper
not to. Government policy is how we change that.
(Kennerly, 2018)
Argument #2: Standards and a method for enforcement are needed
that way consumers can
have liabilities and the ability to sue companies that poorly
secure our
data.
“A more controversial — but still
nonregulatory — approach would
be to subject private vendors of IT products and
services to tort liability for
security lapses and inadequacies. Vendors say such
liability would stifle
innovation. But today's market environment has few
incentives to attend to
security while innovating. Tort liability — with
appropriate carve-outs and
limits — would help to redress that balance.”
(Kennerly, 2018)
Argument
#3: Responsibilization,
leaving the responsibility
of individual cybersecurity
for the individual or organization to take care of, is
injudicious because
when one particular
person or organization does not manage their personal cyber risk
well, a possible
cyberattack could then possibly affect more than just the
individual or
organization, which would be a national security issue which
would lead to government regulations.
"In summary, the cyber security
situation shares the key characteristics of the other areas we
studied with hierarchist regimes. Firstly, cyber security
requires a level of technicalexpertise that is
relatively rare in the general population. Expecting them [the
general public] to manage their own cyber security is likely
to beunreasonable. Secondly, if an individual fails
to secure his device, it very quickly becomes acommunityissue,
and isinjudicious [in response to an earlier question, 'Is responsibilization judicious?']." (Renaud et al., 2018)
Sources
Kennerly, E. (2018, February 9). Privacy and
the
internet. CQ researcher, 28, 121-144.
Retrieved from http://library.cqpress.com/. Database:
CQ Researcher.
Renaud,
Karen, et al. “Is the
Responsibilization of the Cyber Security Risk Reasonable and Judicious?” Computers & Security, vol. 78, Sep. 2018, pp.
198-211. Elsevier Advanced
Technology, 27 July 2018,
doi:doi-org.libproxy.adelphi.edu:2443/10.1016/j.cose.2018.06.006.
Database: Ebscohost.