Skip to main content
Publications
Subject(s)
Information technology and systems
Keyword(s)
Sovereignty, cyberspace, cyber operations, Tallinn Manual, cyber sovereignty, digital sovereignty, defend forward, persistent engagement
The article critically examines the current discourse on the legal status and substance of “sovereignty” in the context of the application of international law to cyberspace against the backdrop of conflicting political-ideological attitudes. After tracing the origins of the interpretation of “respect for sovereignty” as a primary rule of international law, two approaches to cyberspace are surveyed that challenge the emerging consensus: “cyber imperialism,” embodied by the US and the other Five Eyes members on the one hand, and “cyber Westphalia,” represented by China, Russia, and Iran on the other. Both conceive cyberspace in ways fundamentally irreconcilable with prevailing legal views. A third group of states endorses the “sovereignty-as-rule” understanding but leaves this legal position vulnerable to both authoritarian co-optation and imperialist dismissal. In light of this, the paper offers an alternative interpretation of state practice and international jurisprudence that constructs sovereignty as a principle with derivative primary rules. It is shown that despite not by itself having the status of a rule, the principle of sovereignty allows for the identification of rules that protect the territorial integrity and political independence of states beyond the traditional notions of the prohibition of intervention and the use of force. Following a careful analysis of evidence in existing practice in support of this novel, doctrinally more precise understanding of sovereignty, the policies of “persistent engagement” and “cyber sovereignty” are assessed in light of the argument’s legal implications.
ISSN (Online)
2328-9708
ISSN (Print)
1053-6736
Subject(s)
Information technology and systems; Strategy and general management
Keyword(s)
public-private partnerships, cybersecurity governance, germany, united states, united kingdom, israel, trust
The article survey the current situation concerning the operative cybersecurity cooperation of public and private-sector entities in Germany and compares it with solutions implemented in the United States, Israel, and the United Kingdom. Subsequent to the analysis, the establishment of trust between the different involved actors is identified as the principal challenge for efficient cooperation in this subject area.

[Der vorliegende Artikel stellt die bisherige Situation der operativen Zusammenarbeit zwischen Staat und Wirtschaft in der Cybersicherheit in Deutschland dar und vergleicht sie mit den Lösungen, die in den USA, Israel und Großbritannien für das gleichlautende Problem gefunden worden sind. Im Anschluss wird die Herstellung von Vertrauen zwischen den beteiligten Akteuren als größte Herausforderung für eine effiziente Zusammenarbeit näher beleuchtet.]
Volume
45
Journal Pages
239–243
ISSN (Online)
1862-2607
ISSN (Print)
1614-0702
Journal Article
International Law Studies 97: 556–572
Robin Geiss, Henning Christian Lahmann (2021)
Subject(s)
Information technology and systems; Technology, R&D management
Keyword(s)
data protection, cyber warfare, international humanitarian law, law of armed conflict, objects, hybrid warfare, cyber attacks
This article presents a novel way to conceptualize the protection of data in situations of armed conflict. Although the question of the targeting of data through adversarial military cyber operations and its implications for the qualification of such conduct under International Humanitarian Law has been on scholars’ and states’ radar for the last few years, there remain a number of misunderstandings as to how to think about the notion of “data.” Based on a number of fictional scenarios, the article clarifies the pertinent terminology and makes some expedient distinctions between various types of data. It then analyzes how existing international humanitarian and international human rights law applies to cyber operations whose effects have an impact on data. The authors argue that given the persisting ambiguities of traditional concepts such as “object” and “attack” under international humanitarian law, the targeting of content data continues to fall into a legal grey zone, which potentially has wide-ranging ramifications both for the rights of individual civilians and the functioning of civilian societies during situations of conflict. At the same time, much legal uncertainty surrounds the application of human rights law to these contexts, and existing data protection frameworks explicitly exclude taking effect in relation to issues of security. Acknowledging these gaps, the article attempts to advance the debate by proposing a paradigm shift: Instead of taking existing rules on armed conflict and applying them to “data,” we should contemplate applying the principles of data protection, data security, and privacy frameworks to military cyber operations in armed conflict.
Volume
97
Journal Pages
556–572
Journal Article
Heidelberg Journal of International Law (HJIL) 80 (2): 433–452
Subject(s)
Information technology and systems
Keyword(s)
International law, cybersecurity, cyberattacks, attribution, necessity, rule of law, special emergency regime
The article deals with necessity as one of the circumstances precluding wrongfulness under customary international law and how it will likely gain relevance in view of the difficulty to quickly attribute malicious cyber operations that threaten important assets of a state. While the necessity doctrine seems fit for purpose, it lacks granularity and is problematic from an international rule-of-law point of view. Taking these pitfalls into account, the article proposes some general principles for a possible special emergency regime for cyberspace.
Volume
80
Journal Pages
433–452
Journal Article
Israel Law Review 53 (2): 189–224
2020 Best Paper Award
Subject(s)
Information technology and systems
Keyword(s)
Information operations, cyber operations, cognitive warfare, disinformation, election interference, principle of non-intervention, sovereignty, self-determination
The article examines the legal qualification of state-led information operations that aim to undermine democratic decision-making processes in other states. After a survey of the legal attitudes of states towards such operations during the Cold War, the impact of the digital transformation on the frequency and quality of information operations is explained. The article then assesses scholarly responses to the outlined paradigm shift regarding the prohibition of intervention, respect for sovereignty and the principle of self-determination. The study then inquires whether it is possible to detect a change in how states qualify adversarial information operations by tracking recent state practice and official statements of opinio juris. The survey concludes that there is insufficient uniformity to allow for an inference that the content of the analysed rules of customary international law has already shifted towards more restrictive treatment of foreign interference. As a possible way forward, the article ends with a proposal to focus on deceptive and manipulative conduct of information operations as the most viable path to outlaw such state behavior in the future. Instead of attempting to regulate the content of information, this approach is better suited to safeguard freedom of speech and other potentially affected civil rights.
© Cambridge University Press and The Faculty of Law, The Hebrew University of Jerusalem 2020
Volume
53
Journal Pages
189–224
ISSN (Online)
2047-9336
ISSN (Print)
0021-2237
Journal Article
Israel Law Review 45 (3): 381–399
Robin Geiss, Henning Christian Lahmann (2012)
Subject(s)
Information technology and systems
Keyword(s)
Cyber warfare, principle of distinction, dual-use objects, precautionary obligations, principle of proportionality
While the rules of the jus in bello are generally operative in cyberspace, it appears to be problematic to apply the fundamental principle of distinction because of the systemic interconnection of military and civilian infrastructure in the cyber realm. In this regard, the application of the accepted legal definition of military objectives will make various components of the civilian cyber infrastructure a legitimate military objective. In order to avoid serious repercussions for the civilian population that might follow from this inherent interconnectedness, different concepts are analysed that could provide potential solutions for a clearer separation of legitimate military targets and protected civilian installations and networks. The approaches discussed range from the exemption of central cyber infrastructure components that serve important civilian functions, to the creation of ‘digital safe havens’ and possible precautionary obligations regarding the segregation of military and civilian networks. As a solution, the authors propose a dynamic interpretation of the wording ‘damage to civilian objects’ within the principle of proportionality of Article 51(5)(b) of Additional Protocol I, an interpretation that would comprise the degradation of the functionality of systems that serve important civilian functions.
Volume
45
Journal Pages
381–399
ISSN (Online)
2047-9336
ISSN (Print)
0021-2237
Volume
59
Journal Pages
1051–1087
ISSN (Online)
2326-9197
ISSN (Print)
0002-919X
Subject(s)
Economics, politics and business environment
Keyword(s)
International Humanitarian Law, Israel, Occupied Palestinian Territories, enemy combatant, targeted killings, terrorism, unlawful combatant, Geneva Conventions, war on terror, detention
Volume
69
Journal Pages
347–364