Published by Maastricht University Press as an open-access research paper
This author’s version (preprint) is published in the Maastricht LAW Research Paper Series. It is freely available for download or online reading.
- Series: Maastricht LAW Research Paper Series
- Institution: Faculty of Law | Maastricht University
Research Paper details
DOI
https://doi.org/10.26481/mup.law.rps.2601
Publication date (online)
03-03-2026
Copyright and license
© 2026 The Authors & Maastricht University – The content of this work is licensed under a CC BY 4.0 International License.
Abstract
This paper analyses the important role played by so-called Bug hunters in promoting cybersecurity.
It is argued that, as a result of the intense pressure on these highly dynamic markets, vulnerabilities are, unfortunately, unavoidable, given the tens of millions of lines of code in every program.
There is, therefore, a risk that malicious individuals will attempt to discover and exploit vulnerabilities. The paper provides a detailed Economic Analysis of the incentives of bug hunters as a collective group, assuming they make rational choices among the so-called white, grey, and black markets. The paper argues that the choice of the bug hunter depends on a variety of elements, such as the legality of the market transaction, the price offered for the vulnerability and the role of intermediaries. The paper more particularly points to the important role of those intermediaries who could have pervert incentives to prefer the black market. The paper, therefore, argues that regulation and international cooperation are necessary to remedy those market failures.
Publication details and metadata
Title
Deciphering Bug Hunters – A Law and Economics Perspective
Series
Maastricht LAW Research Paper Series
Institution
Faculty of Law | Maastricht University
Authors
M.G. Faure (ORCID) – Maastricht University (ROR)
Jian Jiang
DOI (digital version)
https://doi.org/10.26481/mup.law.rps.2601
Copyright and licensing
© 2026 The Authors & Maastricht University – CC BY
The content of this work is licensed under a Creative Commons BY 4.0 International License.
Access to this publication
- Download: Download the PDF
- Read Online: Open the flipbook
- Archives:
Publication Type and Language
Research Paper – English
Publication date (first online)
3 March 2026
Subject
Cyber Law, Basic Areas of Law
Keywords
artificial intelligence, internet of things, bug hunting, vulnerabilities, cybersecurity
Citation for this work
Faure, M. G., & Jiang, J. (2026). Deciphering Bug Hunters – A Law and Economics Perspective. Maastricht University Press. Maastricht LAW Research Paper Series Vol. 2026 No. 1. https://doi.org/10.26481/mup.law.rps.2601
Final Published Version (preferred citation)
This author’s version is published in the Maastricht LAW Research Paper Series. The final version of record is available as:
Faure, M. G., & Jiang, J. (2026). Deciphering Bug Hunters – A Law and Economics Perspective. European Journal of Risk Regulation, 17(1), 182-199. https://doi.org/10.1017/err.2025.10044
Statistics
Overview of total views and downloads. Statistics are updated monthly
- Page views:
- Paper downloads:
Last update:
