Go to homepage
a
M
Maastricht University Library, Law research on bug hunters and economics.
Home > Resources > Maastricht University Press > Maastricht University Press Catalog

Deciphering Bug Hunters – A Law and Economics Perspective

Maastricht LAW Research Paper Series

Michael Faure and Jian Jiang
This paper offers an economic analysis of the incentives and market dynamics that drive bug hunters in cybersecurity, highlighting how regulatory and international cooperation can help address failures in vulnerability-trading markets.
Maastricht University Library, Law research on bug hunters and economics.

Published by Maastricht University Press as an open-access research paper

Open Access

This author’s version (preprint) is published in the Maastricht LAW Research Paper Series. It is freely available for download or online reading.

 

 

Maastricht University Press logo

Research Paper details

DOI
https://doi.org/10.26481/mup.law.rps.2601

Publication date (online)
03-03-2026

Copyright and license
© 2026 The Authors & Maastricht University – The content of this work is licensed under a CC BY 4.0 International License.

Download (PDF)
Read online

Abstract

This paper analyses the important role played by so-called Bug hunters in promoting cybersecurity.

It is argued that, as a result of the intense pressure on these highly dynamic markets, vulnerabilities are, unfortunately, unavoidable, given the tens of millions of lines of code in every program.

There is, therefore, a risk that malicious individuals will attempt to discover and exploit vulnerabilities. The paper provides a detailed Economic Analysis of the incentives of bug hunters as a collective group, assuming they make rational choices among the so-called white, grey, and black markets. The paper argues that the choice of the bug hunter depends on a variety of elements, such as the legality of the market transaction, the price offered for the vulnerability and the role of intermediaries. The paper more particularly points to the important role of those intermediaries who could have pervert incentives to prefer the black market. The paper, therefore, argues that regulation and international cooperation are necessary to remedy those market failures.

Publication details and metadata

Title
Deciphering Bug Hunters – A Law and Economics Perspective​

Series
Maastricht LAW Research Paper Series

Institution
Faculty of Law | Maastricht University

Authors
M.G. Faure (ORCID) – Maastricht University (ROR)
Jian Jiang

DOI (digital version) 
https://doi.org/10.26481/mup.law.rps.2601

Copyright and licensing
© 2026 The Authors & Maastricht University – CC BY
The content of this work is licensed under a Creative Commons BY 4.0 International License.

Access to this publication 

Publication Type and Language
Research Paper – English

Publication date (first online)
3 March 2026

Subject
Cyber Law, Basic Areas of Law

Keywords
artificial intelligence, internet of things, bug hunting, vulnerabilities, cybersecurity

Citation for this work

Faure, M. G., & Jiang, J. (2026). Deciphering Bug Hunters – A Law and Economics Perspective. Maastricht University Press. Maastricht LAW Research Paper Series Vol. 2026 No. 1. https://doi.org/10.26481/mup.law.rps.2601

Final Published Version (preferred citation)

This author’s version is published in the Maastricht LAW Research Paper Series. The final version of record is available as:

Faure, M. G., & Jiang, J. (2026). Deciphering Bug Hunters – A Law and Economics Perspective. European Journal of Risk Regulation, 17(1), 182-199. https://doi.org/10.1017/err.2025.10044

Statistics

Overview of total views and downloads. Statistics are updated monthly

  • Page views:
  • Paper downloads: 

Last update: 

Copy link
CopyCopied
Powered by Social Snap