Is the London Action Plan effective?

In a recent empirical study correlating botnet activity with ISPs, academic-led researchers (Michel van Eeten, Johannes Bauer, Hadi Asghari, Shirin Tabatabaie and Dave Rand of TrendMicro) used participation in the London Action Plan and adherence to the Cybercrime Convention as variables. The London Action Plan (LAP) is a loose transnational, multi-stakeholder network of public agencies responsible for enforcing laws concerning spam. It spans 27 countries and also includes a few industry and NGO members. In political science these are known as Trans-Governmental networks (TGNs).

The researchers separated ISPs located in countries that participate in the LAP from ISPs that did not; statistical tests were done to see if LAP membership was correlated with fewer botnets. To their surprise, they found that LAP participation was indeed negatively correlated with spam activity. In other words, countries that participate in LAP tend to have less botnets belching forth spam. The researchers ran some regressions to test whether other factors, if held constant, could account for the correlation. When these more sophisticated regressions were done, any correlation with the ratification of the Cybercrime Convention disappeared, but the LAP correlation held up.

This is an interesting finding, for a variety of reasons. For one thing, support for LAP has been flagging among some members. Second, it provides some tantalizing clues (but of course no conclusive causal evidence) about what forms of Internet governance might be effective. The van Eeten-Bauer study is already being touted by some as proof that new laws should be passed to more heavily regulate ISPs to deal with security problems related to botnets. The interesting thing about the LAP, however, is that it does not involve a law or a treaty, but is merely a looser form of networking. It is a mechanism for cooperation and information sharing among agencies under existing laws. It is a textbook case of what is called “networked governance.”

This is good news for LAP and for networked governance as a governance mode. But before anyone runs off and declares networked governance the solution to all the world's internet governance problems, it is important to note that many different factors could account for the correlation that was found. As a loose TGN, the level of participation in LAP among members varies significantly. It may be that membership in LAP and the lower level of botnet activity are both caused by a third factor, such as a general awareness of the problem among ISPs and government enforcement agencies and a commitment to work transnationally to do something about it.