Identity Theft and Systems Theory: The Fraud Act 2006 in Perspective

Abstract

The Fraud Act 2006 provides us with an instrument through which we can now target emerging online criminal threats posed by identity thieves. This paper argues for a nuanced approach to the debates regarding the amenability of online criminal activity to centralised regulatory oversight. Managing risks in a decentralised and distributed network environment has frequently descended into a question of how liability rules can be harnessed to promote trust and security. We argue that a deeper understanding of the governance implications of managing complex systems is an important prerequisite to coherent policymaking. The analysis advocated in the paper has a number of implications for the way we understand and conceptualise information security governance in the online environment. We identify three. First, law is a necessary but not a sufficient governance instrument in managing the emerging threats on the Internet. Second, identity theft is a social not technologically driven problem. Third, emerging networks for information sharing, the evolution of specialised technological solutions and increased end-user participation suggest an important trend in the way online threats can be conceptualised and managed. The central thesis of the paper is that Luhmann’s ideas of autopoiesis and social systems may provide us with a better understanding of governance in the online environment than what seems to be afforded by current analysis of the Fraud Act 2006.