Distributed Security: Moving Away from Reactive Law Enforcement

Cybercrime essentially consists of using computer technology to engage in illegal activity. The activity can constitute traditional crime (e.g., fraud, theft, extortion) or new types of criminal behavior (e.g., denial of service attacks, malware). Cybercrime creates significant challenges for our current, reactive model of law enforcement: The current model of law enforcement evolved to deal with real-world crime, which is spatially-based and limited in scale due to the constraints of physical reality. Cybercrime ignores territorially borders and, since it can be automated crime, can be committed on a much greater scale than real-world crime. For these and other reasons, the hierarchical, reactive model we use to control real-world crime is not an effective means of dealing with cybercrime. It is therefore necessary to develop a new model to deal with cybercrime. The model cannot be a hierarchically-based system which is designed to concentrate personnel and other resources on controlling a population situated in a spatially defined area. It must be a lateral, flexible approach that shifts much of the responsibility for controlling crime from a cadre of designated professionals to the individuals and entities who use cyberspace. The focus of the model must be on prevention, not reaction. To implement this model is it necessary to impose certain responsibilities upon those who use cyberspace; the article explains how modified principles of criminal liability can be used to create incentives to prevent cybercrime.