Guess What? Most Cybercrime 'Losses' Are Massively Exaggerated As Well
from the because-they're-not-losses dept
We've talked about exaggerations in "losses" due to infringement for many years. However, we've also discussed how claims of "losses" due to so-called "cybercrime" are also massively inflated. It appears that others are figuring this out as well. The NY Times has an op-ed piece from two researchers, Dinei Florencio and Cormac Herley, highlighting how all the claims of massive damages from "cybercrime" appear to be exaggerated -- often by quite a bit:One recent estimate placed annual direct consumer losses at $114 billion worldwide. It turns out, however, that such widely circulated cybercrime estimates are generated using absurdly bad statistical methods, making them wholly unreliable.This is pretty common. In the first link above, we wrote about how a single $7,500 "loss" was extrapolated into $1.5 billion in losses. The simple fact is that, while such things can make some people lose some money, the size of the problem has been massively exaggerated. As these researchers note, this kind of thing happens all the time. They point to an FTC report, where two respondents alone provided answers that effectively would have added $37 billion in total "losses" to the estimate.
Most cybercrime estimates are based on surveys of consumers and companies. They borrow credibility from election polls, which we have learned to trust. However, when extrapolating from a surveyed group to the overall population, there is an enormous difference between preference questions (which are used in election polls) and numerical questions (as in cybercrime surveys).
For one thing, in numeric surveys, errors are almost always upward: since the amounts of estimated losses must be positive, there’s no limit on the upside, but zero is a hard limit on the downside. As a consequence, respondent errors — or outright lies — cannot be canceled out. Even worse, errors get amplified when researchers scale between the survey group and the overall population.
This doesn't mean that the problems should be ignored, just that we should have some facts and real evidence, rather than ridiculous estimates. If the problem isn't that big, the response should be proportional to that. Unfortunately, that rarely happens. In fact, combining this with the recent ridiculous stories about the need for "cybersecurity," perhaps we can start to estimate just how much of an exaggeration in FUD the prefix "cyber-" adds to things. I'm guessing it's at least an order of magnitude. Combine bad statistical methodology with the scary new interweb thing, and you've got the makings of an all-out moral panic.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: cybercrime, errors, exaggeration, fud, losses
Reader Comments
Subscribe: RSS
View by: Time | Thread
But, but....
[ link to this | view in chronology ]
It's all true
[ link to this | view in chronology ]
Re: It's all true
[ link to this | view in chronology ]
Re: Re: It's all true
[ link to this | view in chronology ]
Exaggerated!!!
sounds quite inflated...
thinking, how this happen ????
we live in the world where it is possible to deliver news faster than light..
just imagine how Pink revolution of tunisia happened...
thanks to innovation like facebook/youtube/greatify which helps to deliver news to right time...
cons:
7500=>1.5 billion exxageration .... :)
[ link to this | view in chronology ]
exaggeration
The article quoted talks about 1.5 billion, not 15. It seems some more extrapolation happened in the meantime.
[ link to this | view in chronology ]
Re: exaggeration
Indeed. Fixed! Thanks
[ link to this | view in chronology ]
Cyber vs Real World
If there is a problem on the Internet that is not addressed in the real world, one really has to ask themselves why!
[ link to this | view in chronology ]
Re: Cyber vs Real World
Yes, and it's a good thing that laws are the same in every nation in the world. If they weren't, this would be impossible.
[ link to this | view in chronology ]
What we need...
We need two numbers: one, the percentage of content infringers as a percentage of the global online population; and two, of that percentage, what is the percentage of casual infringers, i.e., those who would purchase digital content if conditions were right.
In other words, how many hardcore pirates are actually out there, those for whom piracy itself is the attraction? And how many people just pirate for convenience? My (totally empirical) gut feeling is the hardcore number is a tiny fraction of a percent; most casual infringers I know would LOVE to get archival quality copy direct from the source if cost, no DRM and other concerns were satisfied.
If the numbers are large, the current efforts towards paywalls, DRM and basically the way the world is now can be justifiably argued. If the numbers are small, we need yell them at the content providers, and keep yelling until they listen.
[ link to this | view in chronology ]
Ask Kevin Mitnick...
[ link to this | view in chronology ]
Re: Ask Kevin Mitnick...
FUS RO DAH
[ link to this | view in chronology ]
Re: Re: Ask Kevin Mitnick...
Wow, so my swapfile must be worth 1 quadrillion dollars by now. If only I could cash that in?
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
The sky is falling.
[ link to this | view in chronology ]
Just think...
[ link to this | view in chronology ]
Cyber Crime
[ link to this | view in chronology ]
Re:
will they close down any and all the grocery stores nearby for "money laundering" and or the gas stations
what if they bought lottery tickets with their ill gotten money??
Hollywood accounting Must be preserved at all costs. right??
?where's my shill check?
[ link to this | view in chronology ]
We have to have these horrible problems to justify paying our 'good friends' firms, with former government types pitching for them, tons of your money to gain nothing but more headaches for regular people!
Cybercrime its like real crime, except all cyber so you can't actually see the end result, just take our word for it happening.
[ link to this | view in chronology ]