Also in 2000 at Harvard, Camp at the School of Government and Wolfram in the Department of Economics argued that security is not a public good but rather each extant vulnerabilities has an associated negative externality value.
In 2000, the scientists at the Computer Emergency Response Team at Carnegie Mellon University proposed an early mechanism for risk assessment.
The Hierarchical Holographic Model provided the first multi-faceted evaluation tool to guide security investments using the science of risk.
In 2001, in an unrelated development, Lawrence A. Gordon and Martin P. Loeb published Using Information Security as a Response to Competitor Analysis System.
The authors came together to develop and expand a series of flagship events under the name Workshop on the Economics of Information Security.
Another finding, one that is critical to an understanding of current American data practices, is that the opposite of privacy is not, in economic terms anonymity, but rather price discrimination.
Privacy and price discrimination was authored by Andrew Odlyzko and illustrates that what may appear as information pathology in collection of data is in fact rational organizational behavior.