Externalities in Digital Markets: The Role of Standards in Promoting IoT Security
Posted: 3 Apr 2017
Date Written: March 30, 2017
Abstract
The internet of things (IoT) is ushering in a new era of online devices, with the potential to revolutionize the way consumers automate and interact with the world, both inside and outside the home. An unintended consequence of this connected device proliferation is a plethora of cost-effective attack vectors susceptible to malicious activity, made available, largely, by the IoT market’s lack of adoption and implementation of sufficient security. Recent examples of such malicious behavior illustrate the impact of insecurity can lead to large-scale network shutdowns and unwarranted access to sensitive consumer data. In this techno-economic analysis of the IoT security problem, we first describe why the IoT market fails to produce the socially optimal level of secure IoT devices, and why traditional solutions (e.g., state governance and privatization) to such market failures are infeasible. We then propose that standards, developed by a broad group of industry stakeholders, while not without drawbacks, can promote more optimal production of secure IoT devices by reducing information asymmetry between sellers and buyers, reducing the cost of security, and creating network effects that promote secure devices. The paper also explores the ideal attributes of such standards development, while recognizing the drawbacks of a standards approach. We also explore how theoretic frameworks for economic goods may apply to IoT, and by extension to the Internet more broadly. We note that traditional frameworks (e.g., common pool resource models or club good models) are instructive in certain respects, but do not align perfectly. This exploration allows us to extrapolate from the case of IoT security to techno-economic policy frameworks for the Internet.
Keywords: Internet of Things, IoT, Security, Externalities, Standards, Digital Markets
Suggested Citation: Suggested Citation