Editor’s Note: This post is the final of three which have run over recent days as part of a book discussion on the Handbook on Developing a National Position on International Law and Cyber Activities: A Practical Guide for States.
The debate on how international law applies in cyberspace has the potential to reconfigure many of the foundational rules of international law.
This debate is ongoing in multiple forums. These include intergovernmental discussions in places like the UN Open Ended Working Group (OEWG) on security of and in the use of information and communications technologies and the International Committee of the Red Cross (ICRC)’s Global Initiative to galvanize political commitment to international humanitarian law that has a workstream on how humanitarian law applies in cyberspace during armed conflicts. Scholarly writings and expert initiatives like the Tallinn Manuals and the Oxford Process are also influencing this debate on the application of international law in cyberspace.
In addition, almost 40 States and two regional organizations (first the AU, then the EU) have issued position papers on the application of international law in cyberspace. I have not conducted a comprehensive survey of the history of international law, but I can’t think of a setting in recent memory in which States have publicly opined, often in doctrinally robust terms, on the scope and content of many of the rules that form the basic building blocks of international law.
The rules that States have addressed in these position papers include the prohibition on the threat or use of force, non-intervention, human rights like privacy and the freedom of expression, due diligence, the legality of cyber-espionage, and principles of humanitarian law – such as the definitions of “civilian object” and “armed attack,” whether reverberating effects should be taken into consideration in the calculus of “proportionality” – and the limits on “information operations” and “psychological warfare.” Secondary rules on attribution, necessity, and countermeasures are also being actively discussed. Even the juridical nature of sovereignty and the positive obligations it generates are being examined.
One reason that this debate could have a systemic effect on international law is that it is not a techie conversation. This is because, in their position papers, States have generally not limited themselves to opining on how rules of international law solely or specifically apply in cyberspace. Rather, States have expressed their views on the scope and content of these rules as part of general international law, after which they explained how these rules operate in cyberspace, including by providing examples of conduct in cyberspace that could violate these rules. That is why I think generalist international lawyers, especially government legal advisors, should pay special attention to this space. This is not a niche debate that is limited to cyberspace (which itself is an indispensable domain). Rather, this is also a conversation that can recode the foundations of international law.
A good place for diplomats and government legal advisors to start exploring this debate is the newly published Handbook on Developing a National Position on International Law and Cyber Activities. Its principal virtue is that it is not a doctrinally-dense, heavily-footnoted work of scholarship that engages grand theoretical questions. Rather, it’s concise, practical, and designed for use by a broad audience even if their area of expertise is not information and communications technologies (ICT) law and policy.
Specifically, the Handbook focuses on national position papers on the application of international law in cyberspace. It explains why States issue these position papers, how States should go about developing these documents, and what legal questions are addressed in these documents and in what format.
As the Handbook explains, the position papers that have been issued in recent years agree on certain points. States seem to share the policy objective of keeping cyberspace open, peaceful, safe, and secure. States also agree that international law applies in cyberspace. While seemingly trite, this is significant. It reflects a presumption – never explicitly stated, but that implicitly underlies these national and regional position papers – that international law is tech-neutral. Unless a rule is tailored to a specific technology or regulates conduct in a specific domain, it is presumed that rules of international law automatically apply in cyberspace. In other words, we do not need to reinvent the wheel of international law every time new and disruptive technologies emerge. This is significant for the future because artificial intelligence might be revolutionizing every aspect of life and law.
These position papers also agree that sovereignty (with the exception of the UK), non-intervention, the prohibition of the threat or use of force, due diligence (with the exception of the UK, Israel and New Zealand), humanitarian law, and human rights law apply in cyberspace. But, as the Handbook notes, States differ on the exact content of these rules and how they operate in cyberspace.
Take the prohibition of the threat or use of force; a rule of jus cogens. States generally concur that “a cyber operation qualifies as a use of force if it produces comparable effects to those of a conventional (kinetic) act covered by the prohibition.” But there are also some States that suggest that “loss of functionality of cyber infrastructure without causing material damage qualify as uses of force,” and other States contend that “cyber operations causing purely economic harm” could violate the prohibition on the use of force. There are similar variations on the exact scope and content of virtually all other rules of international law that are considered in national and regional position papers.
That is why, for me, one takeaway from the Handbook and from following this debate, is that the failure of States to opine on the application of international law in cyberspace might carry certain risks. As more national and regional positions are issued, greater areas of convergence will emerge. And as these convergences get cited, circulated, and highlighted in inter-State discussions and in scholarship, they could harden into either new rules of international law or dominant interpretations of established rules. States that remain silent in this process might be viewed as having acquiesced to these developments, provided that the relevant conditions are met.
Moreover, from a non-western perspective, until the Common African Position on the application of international law in cyberspace was adopted by the African Union, this debate was largely dominated by western governments, western international organizations, and western scholars. Therefore, it behooves more African, Asian, Latin American and Eastern European States to issue national position papers that provide their views on these questions.
In doing so, the Handbook provides an excellent guide to that process. Engaging voices that represent more juridical traditions and that reflect diverse policy-interests and historical experiences will only strengthen the resilience, robustness, and legitimacy of international law.
The Application of International Law in Cyberspace – A Debate that is Recoding International Law
Written by Mohamed HelalThe debate on how international law applies in cyberspace has the potential to reconfigure many of the foundational rules of international law.
This debate is ongoing in multiple forums. These include intergovernmental discussions in places like the UN Open Ended Working Group (OEWG) on security of and in the use of information and communications technologies and the International Committee of the Red Cross (ICRC)’s Global Initiative to galvanize political commitment to international humanitarian law that has a workstream on how humanitarian law applies in cyberspace during armed conflicts. Scholarly writings and expert initiatives like the Tallinn Manuals and the Oxford Process are also influencing this debate on the application of international law in cyberspace.
In addition, almost 40 States and two regional organizations (first the AU, then the EU) have issued position papers on the application of international law in cyberspace. I have not conducted a comprehensive survey of the history of international law, but I can’t think of a setting in recent memory in which States have publicly opined, often in doctrinally robust terms, on the scope and content of many of the rules that form the basic building blocks of international law.
The rules that States have addressed in these position papers include the prohibition on the threat or use of force, non-intervention, human rights like privacy and the freedom of expression, due diligence, the legality of cyber-espionage, and principles of humanitarian law – such as the definitions of “civilian object” and “armed attack,” whether reverberating effects should be taken into consideration in the calculus of “proportionality” – and the limits on “information operations” and “psychological warfare.” Secondary rules on attribution, necessity, and countermeasures are also being actively discussed. Even the juridical nature of sovereignty and the positive obligations it generates are being examined.
One reason that this debate could have a systemic effect on international law is that it is not a techie conversation. This is because, in their position papers, States have generally not limited themselves to opining on how rules of international law solely or specifically apply in cyberspace. Rather, States have expressed their views on the scope and content of these rules as part of general international law, after which they explained how these rules operate in cyberspace, including by providing examples of conduct in cyberspace that could violate these rules. That is why I think generalist international lawyers, especially government legal advisors, should pay special attention to this space. This is not a niche debate that is limited to cyberspace (which itself is an indispensable domain). Rather, this is also a conversation that can recode the foundations of international law.
A good place for diplomats and government legal advisors to start exploring this debate is the newly published Handbook on Developing a National Position on International Law and Cyber Activities. Its principal virtue is that it is not a doctrinally-dense, heavily-footnoted work of scholarship that engages grand theoretical questions. Rather, it’s concise, practical, and designed for use by a broad audience even if their area of expertise is not information and communications technologies (ICT) law and policy.
Specifically, the Handbook focuses on national position papers on the application of international law in cyberspace. It explains why States issue these position papers, how States should go about developing these documents, and what legal questions are addressed in these documents and in what format.
As the Handbook explains, the position papers that have been issued in recent years agree on certain points. States seem to share the policy objective of keeping cyberspace open, peaceful, safe, and secure. States also agree that international law applies in cyberspace. While seemingly trite, this is significant. It reflects a presumption – never explicitly stated, but that implicitly underlies these national and regional position papers – that international law is tech-neutral. Unless a rule is tailored to a specific technology or regulates conduct in a specific domain, it is presumed that rules of international law automatically apply in cyberspace. In other words, we do not need to reinvent the wheel of international law every time new and disruptive technologies emerge. This is significant for the future because artificial intelligence might be revolutionizing every aspect of life and law.
These position papers also agree that sovereignty (with the exception of the UK), non-intervention, the prohibition of the threat or use of force, due diligence (with the exception of the UK, Israel and New Zealand), humanitarian law, and human rights law apply in cyberspace. But, as the Handbook notes, States differ on the exact content of these rules and how they operate in cyberspace.
Take the prohibition of the threat or use of force; a rule of jus cogens. States generally concur that “a cyber operation qualifies as a use of force if it produces comparable effects to those of a conventional (kinetic) act covered by the prohibition.” But there are also some States that suggest that “loss of functionality of cyber infrastructure without causing material damage qualify as uses of force,” and other States contend that “cyber operations causing purely economic harm” could violate the prohibition on the use of force. There are similar variations on the exact scope and content of virtually all other rules of international law that are considered in national and regional position papers.
That is why, for me, one takeaway from the Handbook and from following this debate, is that the failure of States to opine on the application of international law in cyberspace might carry certain risks. As more national and regional positions are issued, greater areas of convergence will emerge. And as these convergences get cited, circulated, and highlighted in inter-State discussions and in scholarship, they could harden into either new rules of international law or dominant interpretations of established rules. States that remain silent in this process might be viewed as having acquiesced to these developments, provided that the relevant conditions are met.
Moreover, from a non-western perspective, until the Common African Position on the application of international law in cyberspace was adopted by the African Union, this debate was largely dominated by western governments, western international organizations, and western scholars. Therefore, it behooves more African, Asian, Latin American and Eastern European States to issue national position papers that provide their views on these questions.
In doing so, the Handbook provides an excellent guide to that process. Engaging voices that represent more juridical traditions and that reflect diverse policy-interests and historical experiences will only strengthen the resilience, robustness, and legitimacy of international law.
Share this:
Related
Categories
Tags
Leave a Comment
Comments