False dichotomies don't do much to enhance understanding, or security, Milton. In fact they probably have the opposite effect. Categorically asserting that something is an individual or organization-level threat, and/or that remedies can only be sought at the individual or enterprise level represents the same kind of category error(s) that would result from the assertion that only national interests and/or government solutions are possible. Both claims rely on implicit assumptions about the absolute superiority of one kind of power or actor or solution over the other in some abstract theoretical sense, and thus fail to reckon with the historical fact that changes in security arrangements are almost invariably driven by *events*. In all likelihood, If some function or institution that is deemed to be "truly critical" by some influential interest -- governmental, societal, or commercial -- is subjected to a crippling Internet-based attack, the debate about whether government or private parties were to blame will last somewhere between zero and (small number) minutes, after which decisive action will follow. If that happens, and enough private actors continue to possess the means to act effectively in a coordinated fashion, then in all likelihood the established precedent of private "self-governance" mechanisms will continue to be the norm for the Internet. If private actors fail to do so, either because of lack of consensus or an erosion of their ability to take effective coordinated action, then the theoretical inferiority of government action will quickly become debatable, as the intervention of national government actors will inevitably cause the contours of the Internet to shift in ways that will make it more tractable to national level laws and enforcement mechanisms. Arguably, wishing that this were not so, asserting that such an outcome would be inefficient or suboptimal, and/or encouraging individual private sector actors to "go their own way(s)" in hopes of becoming absolutely ungovernable are all less likely to produce your desired outcome than to have the opposite effect. The global Internet will never be sustainable through pure bilateral "counterparty surveillance" alone, any more than was/is the now crippled global financial sector. Pretending otherwise invites the same fate. --Tom Vest