Roger Clarke's Web-Site

© Xamax Consultancy Pty Ltd,  1995-2024
Photo of Roger Clarke

Roger Clarke's 'Regulatory Failures and Security'

Regulatory Failures in the Security Space:
Some Current Cases

Abstract of 10 August 2016

For presentation to the Norwegian Research Center for Computers and Law (NRCCL)
University of Oslo, 29 August 2016

and to the Crime and Justice Research Centre at QUT in Brisbane, 12 September 2016

Roger Clarke **

© Xamax Consultancy Pty Ltd, 2016

Available under an AEShareNet Free
for Education licence or a Creative Commons 'Some
Rights Reserved' licence.

This document is at

The accompanying slide-sets are at and


The abstract notion of 'security' is subject to many different interpretations. These depend in particular on which stakeholder is concerned about harm to which values associated with which assets. As the aphorism has it: 'a Conservative is a Liberal whose kid's bike has just been stolen'. These issues are relevant in information technology contexts in general, and Internet / 'cybersecurity' contexts in particular.

The spectrum of regulatory forms is reviewed, noting the steady drift from 'government' to mere 'governance'. A series of test-cases is then considered, in order to gain some insights into the effectiveness of contemporary approaches to security regulation. The cases include PIAs for national security initiatives, natural and imposed controls over big data analytics, and the current challenges of the 'Internet of Things', remotely-piloted drones, and autonomous cars. Finally, the notion of a 'data protection impact assessment' (DPIA) that is embedded in the European Commission's GDPR is compared with a normative model of what a PIA should look like.

The test-cases suggest that the public is confronted by a wide array of regulatory failures. These may be attributed variously to failure by executive and legislative branches to apply evaluation standards to initiatives - particularly where the 'national security' mantra is invoked, to their excessive desire to stimulate business activity, and to the exercise of power by corporations over governments.

Author Affiliations

Roger Clarke is Principal of Xamax Consultancy Pty Ltd, Canberra. He is also a Visiting Professor in Cyberspace Law & Policy at the University of N.S.W., and a Visiting Professor in Computer Science at the Australian National University.

xamaxsmall.gif missing
The content and infrastructure for these community service pages are provided by Roger Clarke through his consultancy company, Xamax.

From the site's beginnings in August 1994 until February 2009, the infrastructure was provided by the Australian National University. During that time, the site accumulated close to 30 million hits. It passed 65 million in early 2021.

Sponsored by the Gallery, Bunhybee Grasslands, the extended Clarke Family, Knights of the Spatchcock and their drummer
Xamax Consultancy Pty Ltd
ACN: 002 360 456
78 Sidaway St, Chapman ACT 2611 AUSTRALIA
Tel: +61 2 6288 6916

Created: 1 August 2016 - Last Amended: 10 September 2016 by Roger Clarke - Site Last Verified: 15 February 2009
This document is at
Mail to Webmaster   -    © Xamax Consultancy Pty Ltd, 1995-2022   -    Privacy Policy