EconPapers    
Economics at your fingertips  

EconPapers Home
About EconPapers

Working Papers
Journal Articles
Books and Chapters
Software Components

Authors

JEL codes
New Economics Papers

Advanced Search


EconPapers FAQ
Archive maintainers FAQ
Cookies at EconPapers

Format for printing

The RePEc blog
The RePEc plagiarism page

 

Chilling Effect of the Enforcement of Computer Misuse Act: Evidence from Publicly Accessible Hack Forums

Qiu-Hong Wang (), Ruibin Geng () and Seung Hyun Kim ()
Additional contact information
Qiu-Hong Wang: Department of Information Systems and Analytics, National University of Singapore, Singapore 117417
Ruibin Geng: School of Management, Xi’an Jiaotong University, Xi’an 710049, P.R. China
Seung Hyun Kim: School of Business, Yonsei University, Seoul 03722, Korea

Information Systems Research, 2024, vol. 35, issue 3, 1195-1215

Abstract: To reduce the availability of hacking tools for use in cybersecurity offenses, many countries have enacted computer misuse acts (CMAs) that criminalize the production, distribution, and possession of such tools with criminal intent. However, the dual-use nature of cybersecurity technology complicates the legal process of recognizing such computer misuse tools and of predicting harmful intent based on mere possession. This predicament introduces the possibility of unfounded prosecution that may produce a chilling effect on the provision of techniques otherwise valuable in maintaining cybersecurity and defending against hackers. This study establishes a theoretical foundation for the potentially chilling effect of such legal enforcement by adopting theories about choice under uncertainty. Leveraging an external shock in publicly accessible online hack forums, we examined the impact of CMA enforcement on users’ contributions to cybersecurity-relevant topics that are not targeted by the law. We found that CMA enforcement reduces the quantity and the extent of relevance to cybersecurity in discussions in hack forums. We further identified the mechanisms of this chilling effect by delving into users’ heterogeneity in responding to the uncertainty of false prosecution imposed by CMA enforcement as well as users’ proactivity undertaken to alleviate such uncertainty. Our study reveals this chilling effect is not just about restraining individuals from lawful acts but also about how they refrain from acts not intended as targets of the law.

Keywords: cybersecurity; computer misuse act; chilling effect; hack forum; enforcement; content analysis; machine learning (search for similar items in EconPapers)
Date: 2024
References: View references in EconPapers View complete reference list from CitEc
Citations:

Downloads: (external link)
http://dx.doi.org/10.1287/isre.2019.0346 (application/pdf)

Related works:
This item may be available elsewhere in EconPapers: Search for items with the same title.

Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text

Persistent link: https://EconPapers.repec.org/RePEc:inm:orisre:v:35:y:2024:i:3:p:1195-1215

Access Statistics for this article

More articles in Information Systems Research from INFORMS Contact information at EDIRC.
Bibliographic data for series maintained by Chris Asher ().

 
Share

RePEc
This site is part of RePEc and all the data displayed here is part of the RePEc data set.

Is your work missing from RePEc? Here is how to contribute.

Questions or problems? Check the EconPapers FAQ or send mail to .

Örebro UniversityEconPapers is hosted by the School of Business at Örebro University.

Page updated 2025-03-19
Handle: RePEc:inm:orisre:v:35:y:2024:i:3:p:1195-1215