While I don't necessarily agree that cyberspace should have no regulations, the way we think about regulating cyberspace must be different from the way we think about regulating anything else, because there's no specific place where an event happens.

In the traditional 18th-century nation state model, events always happen somewhere, and it's the government with jurisdiction over that piece of land which decides whether those events are legal or not.If they want those events to stop, they use their monopoly on violence in that place to arrest you and make you stop. This basically doesn't work in cyberspace.

You can't steal candy from a store in Romania without physically being in Romania. This gives Romanian authorities the ability to arrest anybody who steals candy from Romanian candy stores, which makes their anti-theft law enforceable. In cyberspace, things are not so simple. If a German employee of a company incorporated in Delaware with servers in Northern Virginia uses company resources to DeDoS a Slovenian competitor, which prison should they rot in? Who should set the sentence? There's no answer here without unacceptable tradeoffs.

This problem is just going to get bigger and bigger with crypto, AI and drones. It's already possible for. Russian to coordinate a network of American spies, paying handsomely for their service, without ever falling in reach of American law enforcement. With drones, they'll soon be able to do the spying (or the assassinations) themselves.

I would be extremely surprised if we don't see a terrorist attack in the next 10 years where the culprits have never set foot in the country the attack happens in.

Are the trade-offs really unacceptable? Like why can't we just build treaties and international accords and just like do what humans have always done forever, and muddle through?