« New admin law articles | Main | Secret admin law sauce - I mean, source »
March 28, 2011
Bambauer on "Rules, Standards, and Geeks"
I find the issue of setting regulatory standards both interesting and under-addressed. As a practical matter, rules and standards are the nitty gritty of administrative law. Setting them (for the policy maker) and finding them (for the practitioner) are often difficult. A recent article on SSRN by Derek E. Bambauer (Brooklyn), "Rules, Standards, and Geeks", addresses this in the context of information technology. Abstract:
Policymakers and scholars generally assume that information technology is best regulated using standards, not rules. This Article argues that rules are often the superior choice. Those favoring standards typically focus on the wrong problem: they seek to prevent data spills, rather than to mitigate their impact. Rules can helpfully reduce a breach's effects. For technology, rules are preferable when they can specify a minimum level of protection that is relatively effective; where obsolescence occurs slowly; and where monitoring implementation is low-cost and accurate. The Article sets out examples of where each type of approach is superior. Application design is best governed by standards, while the transport and storage of data, along with identification of access to information, are best dealt with via rules. The Article questions the prevailing consensus in favor of standards for regulating technology, and also seeks to create testable predictions about when rules will work better.
Thanks to Larry Solum at the Legal Theory Blog for the pointer. EMM
March 28, 2011 in Admin Articles, Recent | Permalink
TrackBack
TrackBack URL for this entry:
http://www.typepad.com/services/trackback/6a00d8341bfae553ef014e870732da970d
Listed below are links to weblogs that reference Bambauer on "Rules, Standards, and Geeks":
