For far too long, cybercriminals have taken advantage of legal blind spots and a resource-starved law enforcement community to undermine consumer confidence in the online medium. And this "trust deficit" is evident in the business community, too: The FBI also found that few organizations bother to report computer security incidents to law enforcement. Why? They believed the infractions were either not yet defined as illegal, or that there was little law enforcement could or would do.

When CAN-SPAM legislation was passed there was a collective "so what" driven by the realistic assessment that laws weren't going to stop spammers. Spam is still with us and technological solutions do a better job of keeping spam at bay than legislative ones. Cybercrime is not spam and Coviell and Hollyeman are right that more needs to be done on the legal front.

The first step is strengthening cybercrime laws:

Despite concerted efforts by authorities at all levels, budget constraints and gaps in existing law are hampering the prosecution of much of today's cybercrime. As a result, the criminals can act with virtual impunity, threatening online consumer confidence and security.

The second step is changing our attitudes about cybercrime. Incidents need to be reported. Cybercrime isn't going away and even modest success may take years to realize but the sooner we start, the sooner we will realize the benefits of addressing the problem.

The op-ed piece concludes on a less than positive tone:

In a knowledge-based economy, our productivity and quality of life depend in no small measure on our ability to use and trust the Internet. While we cannot completely stamp out crime in the online world any more than we can in the physical world, we need to at least make sure that the criminals who perpetrate these crimes can be caught and forced to pay for them. As consumers and businesses, we are already paying a price.