NYU Law Review Online

The Infrastructure Ratchet Effect


This article identifies a profound and previously overlooked incentive for excessive risk- taking by infrastructure providers. The magnitude and critical nature of infrastructure implies that negative externalities potentially far exceed the net assets of the infrastructure provider. The nonconsensual relationship of infrastructure providers with their stakeholders implies that excessive risks cannot be contracted for and incorporated into price. Shareholders of infrastructure providers thus develop asymmetric preferences towards excessive risk-taking: They could gain from risks if things go well but are shielded by limited liability rules if things do not. The article identifies this moral hazard and terms it “The Infrastructure Ratchet Effect.”

This Article shows that normal market forces and legal mechanisms fail to counter these distorted incentives in infrastructure providers: Regulation, reputation, litigation, and debt pricing all fail to deter excessive risk-taking in infrastructure. Project finance, leverage, executive compensation, and behavioral tendencies exacerbate the problem.

To illustrate the infrastructure ratchet effect, this Article presents the 2017 data breach at Equifax as a case study, arguing that Equifax is a data public utility and should be considered an infrastructure provider. It surveys the events leading to the massive Equifax data breach and shows that despite cataclysmic implications, Equifax eschewed adequate controls to ensure the security of its data. This Article proposes the infrastructure ratchet effect as a possible explanation for this series of events.

In addition to shedding new light on the infrastructure ratchet effect as a potential source of cataclysmic risks caused by infrastructure providers, this Article considers possible tools to tackle these distorted incentives. Insight is drawn from literature surrounding banking-risk regulation, where a similar moral hazard is well understood.