Transcript Slide 1
Adapting Virtual Finance to Simulate Financial Information Security Risk Analysis: A Risk Management Strategy John W. Bagby IST @ PSU.edu Key Terms: • Banking Regulation, Counterfeiting, Counter Terrorism, EULA, Financial Information Assurance, Gambling-Gaming, ISP Duties, Investigations, Metadata, Money Laundering, Online Contracting, Online Markets, Risk Management, IP, Law Enforcement, Political Economy, Pre-Trial Discovery, Prediction Markets, Racketeering, Virtual Environments 2 Virtual Law is Becoming a Reality – Virtual Law Conference • Virtual Worlds 2008 Javits Convention Center • http://www.virtuallawconference.com/ • American Bar Association Section of Science & Technology Law • New Comm. on Virtual Worlds/Multiuser Online Games • New ABA treatise: Virtual Law – http://www.abanet.org/abastore/index.cfm?section=main&fm=Product.AddToCart&pid=5450052 3 What Virtual Public Policy Issues Arise? – Is this just CyberLaw All Over Again? • Jurisdiction, Dispute Resolution, ADR, ODR • Property Rights: IP • Contracts – OSP interactions: EULA, ToS, 3d P Service Outsourcing – Enforceability of User Side Agreements – Are Electronic Markets for Real? • Financial Services, Banking, Securities & Taxes…Oh My! • Torts, Privacy, Defamation, Fraud/Deception, Stalking 4 Why Should Democratic Capitalism Drive Virtual Environment Public Policy? – Private Property - Creative Incentives • Lockean social contract • Enjoyment, Economic Benefit Internalization, Exclusivity – Enforceability of Contracts • Enhances Private Property Ownership – Alienability of Private Property enhances enjoyment » Conversion into other asset forms – Development of Markets enhances enjoyment » Deception, Barriers to Entry, Transparency – Gamers, criminals & terrorists will disappear into Morpeg seclusion thereby concealing their ID & activities 5 Dispute Resolution as THE Starting Point • Jurisdiction is Key – As in ’90s CyberLaw Development: • vWorld Seminal Cases Involve Sex • Litigation with Fellow Users “in World” – Eros v. Simon (E.D.N.Y, 2007) • Settled cheap – Eros v. Leatherwood (M.D.Fl. 2007) • Default J/ • Settlement negotiations reportedly ongoing 6 7 8 Litigation with vWorld I/OSP – Virtual Environment = Internet/Online Service Provider – Bragg v. Linden Research (E.D.Pa.5.20.07) • Linden ToS: SL as opportunistic Scrivener – Choice of Law/Forum & ADR • ADR Boilerplate is Unconscionable – Procedural Unconscionability » cognition, consideration and negotiation – Substantive Unconscionability » Shocks the conscience – EULAs create but control user rights: 2d Life grants IP 9 Real Stakes for Real vWorld Users • Real IP – Full Range Likely • Immediate & Diffuse: Copyright, ™ dB • Possible: Process Patents (s/w, BMP), T/S – Thresholds have been expressive works • Copyright, DMCA imposes I/OSP Duties • Trademark, Famous Marks • Real Markets • Real Money – $L is quickly gaining critical mass 10 Common Types of Electronic Payment Systems • • • • • • • 1st ePmts in mid-19th Century telegraphic wire tsfr ATM & POS – credit/debit cards Electronic bill payment & presentment Automated clearing house (ACH) Credit cards & authorizations Wholesale EFT Check 21 11 Payment Systems need Durable Architectures • “Modern” history of non-currency payment systems – Medieval Europe, Knights Templar – Then Mercantilists used, Greatly facilitated int’l trade – Evolved into the law merchant then the UCC • Transferability (negotiation) of rights to receive pmt • Requires reliable interrelationships among trusted intermediaries, e.g., banks 12 Economics of Money & Payment Systems • Money is primary payment system – Storehouse of value • Precious metal coins, currency backed (redeemable) into commodity (gold) • Public confidence is THE key (a/k/a/ “trust”) – Medium of exchange • Broad acceptance, wide availability • Public confidence is THE key (a/k/a/ “trust”) • Long history of competing currencies – Weakens trust in government as intermediary – State currencies, state chartered banks, lending expands money supply 13 The Network Effects of Payment Systems • ePmt systems confront similar network effect difficulties as do competing monies • Network effects-economies of scale derived from standardization and universal acceptance • Success increases with Critical Mass – Sufficient customers, subscribers, participating merchants, infrastructure on line to facilitate frequent & reliable use – Comp Sci - bloated s/w, debug inserts more bugs than fixed • Trust expands with standardization,expands market power, perhaps to monopoly 14 vMoney is form of Scrip • Not “legal tender” – created outside government sanctioned monetary system • Substitute as currency • Traditionally Ltd utility outside closed social networks – e.g., tokens, tickets and points • vMoney gaining easier convertibility into legal tender, • “Near money” equivalent 15 vMoney under Interpol Taxonomy • Identified Virtual Money – Metadata records – ID originator, maybe intermediaries & recipient – Traceability • Anonymous Virtual Money – No Inherent Metadata • But External Metadata Service Providers Possible – Untraceable? 16 Challenges for New Monies • Switching Costs – Overcome Competition Facilitating Switch • Legacy Money Unattractive • New Money’s Competitive Edge • Critical Mass – Accessibility • Sufficient Supply for User Demand – Trust • Storehouse of Value, Intrinsic Value (gold or on the gold standard) • Favorable Government Controls – EX: Permit New Money, Assume Trusted Intermediary Role 17 Roles for Trusted 3d P Intermediaries in eMoney • • • • • • • • • Invest, own, operate ePmt system R&D, set stds for system design & process Issue electronic value to consumers Financial liability for the electronic value Resale agent for other issuers of eMonies Recruit consumers & merchants Operate computer data & storage Operate telecom network infrastructure Escrow services 18 vMoney’s Success • Competes Well in Niche Markets • Achieved Some Reliability Engendering Trust • Anonymity Lowers Switching Costs – But to whom? • Regulatory Costs Remain Very Low – May change when FinCEN, Fed, SEC, DoJ Awaken 19 What is MoneyLaundering? – Law Enforcement motto: “Follow the Money!” – Term originated in 20s-30s gangster era • Coin cash flow from “numbers” racket cleansed through mob-operated coin-op laundries – But has Existed for nearly 4000 yrs • Hide earnings from despotic govt confiscation & taxes • Essential to terrorism, illegal drug trade, organized crime, smuggling 20 Money Laundering Model • Placement – laundered funds initially made less suspicious – more convenient – first fall into financial system after initial acquisition • Layering – process moves funds to separate from illegal source – multiple complex financial transactions • E.G., wire transfers, monetary instruments, asset purchases/sales – Obscures links between placement and integration • Obfuscates audit trail – May alter size of lump sum • Integration – funds re-enter legitimate economy – expenditure or investment 21 22 Money Laundering Methods & Tools • Well-known practices, detection is costly • Transactions with minimal recordkeeping – Pmts under $10K avoid Currency Trans. Rpts (CTR) • FinCEN flooded with CTR & SAR data – – – – Cash: whenever possible, smsll & unmarked Minimize: checks, wire transfers, credit cards “Legitimate Fronts” apparently respectable businesses (e.g., Morpeg) Plausible Business Purpose avoids Suspicious Activity Rpt (SAR) 23 Money Laundering is Illegal • Post 9-11 Legislation Broadens Anti-Money Laundering Enforcement (AML) • Requires AML programs & training • Increasingly Closer Regulation: Pvt. & Correspondent Banking, Novel Financial Services • Stiffened civil & criminal penalties – USA Patriot Act & its Revisions – FCPA - form of unlawful bribery • Internal Controls Required…Pre SOX – RICO - Predicate Offense 24 Harsh Reality for Morpeg CyberLibertarians • Morpeg NOT distinct CyberLaw despite contrary cyberlibertarian dogma – Public Policy Applies to vWorld! – Rising Stakes are the Main Reason – Morpeg vEnvironment Sponsor is just another type of I/OSP • Hopes to take advantage of ISP Safe Harbors but still Owes Duties • Discovering Identities/Monitoring Traffic Diverges depending on: – Military, Intel, Law Enforcement, Regulatory, Civil, Internal Investigation, Independent Sleuth, Unlawful Hacker • EULAs: Why do vEnvironment Sponsor/ISPs Limit User Rights – E.g., IP, trading, L$, vote off island – cya! • Seclusion of Assets & Transactions Becomes More Challenging • “Play Money” - many users not as fully invested in the stakes of vMoney as are users of conventional money 25 Now Some Rosy Reality for Libertarians • Libertarian economic theory supports construction of new markets, eCommerce now vEnvironments are great examples • vMoney Exch Rate (5.24.08) approx L$264/$1 • Virtual (IP) Asset Creation is a Good Thing • vMoney is a Unique ePmt Success – Anonymity Attracts Users from Real Money • But Traditional Payment System Architectures Remains 26 Still Rosy: vMoney is a Unique ePmt Success • vMoney users apparently do not yet demand trust equal to or superior to conventional payment systems – Competes well w/ conventional money in ltd instances • Some Reliability Engendering Trust – vMoney May be Scalable BUT May Not be Stable • Why would vMoney need stability if goal is temporary: enhance ML • Regulatory Costs Govt. Oversight Largely Avoided 27 Parting Observations: • Morpegs are Interesting not so deserving of Scorn • Most ePmt Experiments Eventually Fail – Thousands of ePmt patents, few make money or royalties • New eMoney Forms Weaken FRB’s Monetary Policy, Financial Institution Solvency & FDIC • Alan Greenspan has predicted: “Electronic money is likely to spread only gradually and play a much smaller role in our economy than private currency did historically.” 28 Next Steps, Research Promise: – Prove vMoney-Denominated Money Laundering – Raise Awareness among Financial Regulators – Simulation methods applied to public policy experimentation • Challenges for law enforcement & AML in using vWorlds as testbeds • Explore Information/Prediction Markets Analogies – Compare/Contrast w/ vMoney: Stakes put at risk, economic activity signals new information, arguably violates public policy (banking, counterfeiting), low transaction costs attract • Market Manipulation Architectures & Enforcements 29