The slow process of normativizing cyberspace

In their article, Dan Efrony and Yuval Shany claim that post-Tallinn Manual practice demonstrates that states entertain doubts about the applicability to cyberspace of the rules contained in the Tallinn Manuals. According to the authors, post-Tallinn practice reveals that states treat the application of international law to cyber operations as optional; operate in parallel—legal and nonlegal—tracks of conduct; and engage in gradated enforcement. They also claim that their study invites further research into the implications of state conduct in cyberspace for general international law theory. I will use this last point as a springboard to explain the process of normativization in cyberspace—that is, the process of subjecting states’ cyber operations and behaviors to legal standards. To do this, I will use Oscar Schachter's representation of a normative (legal) order as a three-story building. According to Schachter's metaphor, the third floor is occupied by public values and general policy aspirations; the second floor is occupied by law with its distinctive normative patterns of prescribing, proscribing, and applying; while the ground floor is occupied by the social reality of conduct. The three floors are not isolated but connected by escalators and staircases that go in both directions

The League of Nations and visions of world order

The article assesses the significance of the League of Nations as an experiment in world order and explains its relevance to the contemporary world order. It does this by studying three world order institutions introduced by the League namely, intergovernmental organisations, collective security, and international law

Electoral cyber interference, self-determination and the principle of non-intervention in cyberspace

This chapter examines the application of the principle of non-intervention to electoral cyber interference. In the first place it discusses how the traditional definition of intervention can apply to such interference and identifies the normative and regulatory gaps that arise. For this reason, it proceeds to contextualise and reconceptualise the meaning of intervention in cyberspace and then applies this new definition to electoral cyber interference such as the interference into the 2016 US elections. Its main argument is that the baseline of intervention is control over choices whereas the function of the principle of non-intervention is to protect the principle of self-determination interpreted as the free construction of a state’s authority and will. Thus, external cyber interference amounting to control over the cognitive environment within which such authority and will are formed violates the principle of non-intervention

The covid-19 infodemic and online platforms as intermediary fiduciaries under international law

Reflecting on the covid-19 infodemic, this paper identifies different dimensions of information disorder associated with the pandemic, examines how online platform governance has been evolving in response, and reflects on what the crisis reveals about the relationship between online platforms, international law, and the prospect of regulation. The paper argues that online platforms are intermediary fiduciaries of the international public good, and for this reason regulation should be informed by relevant standards that apply to fiduciary relationships

Law, borders and the territorialisation of cyberspace

This article explores the relationship between law and more specifically international law with territory and borders and how this relationship manifests itself in cyberspace. It claims that it manifests itself through two processes: a process of territorialisation of cyberspace that is, the application of territorial notions of international law to persons, activities, and objects existing or operating in or through cyberspace and, secondly, in States asserting their sovereignty in cyberspace by creating national cyberspace zones. All in all, its main claim is that borders are still relevant in the legal regulation of cyberspace

Non-state actors, ungoverned spaces and international responsibility for cyber acts

This article examines the question of whether states can be held responsible for the malicious cyber activities of non-state actors operating from ungoverned spaces. After examining relevant rules of the law of state responsibility, it concludes that there is a responsibility deficit. For this reason, it puts forward a proposal for holding non-state actors that exercise effective power over territories and people directly responsible for their malicious cyber activities. In this respect, it considers the scope of their obligations, issues of attribution as well as issues concerning the implementation of their responsibility. It however acknowledges that many non-state actors including ‘virtual’ groups still remain outside legal regulation

The Crisis in Crimea and the Principle of Non-Intervention

During the civil unrest in Ukraine in early 2014 Russia began supplying rebel groups in Crimea with military equipment, deployed military forces into Crimea and encouraged and supported Crimea’s secession from Ukraine. This article claims that Russia’s conduct between February and March 2014 constitutes unlawful intervention and not a use of force. It reaches this conclusion by, first, exploring the meaning and content of the principles of non-intervention and the non-use of force and then, second, by examining Russia’s justifications namely, that it intervened at the request of Ukraine’s competent authorities, to protect endangered Russian citizens and to support Crimea’s claim to self-determination. The overall aim of this article is to highlight the content and meaning as well as the legal boundaries of the principle of (non)intervention as an international legal norm distinct from the prohibition against the use of force

Cyber peacekeeping operations and the regulation of the use of lethal force

Peacekeeping is an essential tool at the disposal of the United Nations for the maintenance of international peace and security. The growing relevance of cyber technologies presents itself as an opportunity to adapt peacekeeping to the challenges of a rapidly evolving security landscape. This article introduces the notion of "cyber-peacekeeping," defined as the incorporation and use of cyber capabilities by peacekeepers. It discusses the legal basis for cyber-peacekeeping and the foundational principles of consent, impartiality, and use of defensive force. The article examines the use of lethal force by cyber-peacekeepers under the law of armed conflict paradigm. It considers the circumstances under which cyber peacekeepers become a party to an international or non-international armed conflict, whether they become combatants, and under what circumstances cyber peacekeepers can commit direct participation in hostilities. The article also considers the use of lethal force under the law enforcement paradigm. In this respect, it discusses the applicability of International Human Rights Law to cyber-peacekeeping as well as its extraterritorial application by focusing on the right to life. It then goes on to examine the application of the requirements of necessity, proportionality, and precautions to the use of lethal force by cyber peacekeepers. The article is one of the first systematic expositions of how international law regulates the use of lethal force in the course of cyber-peacekeeping but its findings can also apply to traditional peacekeeping

Autonomous cyber weapons and command responsibility

Autonomous cyber weapons have made their way onto the battlefield, raising the question of whether commanders can be held criminally responsible under command responsibility when war crimes are committed. The doctrine of command responsibility has a long history in international criminal law and comprises three core elements: the existence of a superior-subordinate relationship, the commander’s knowledge of the crime, and the commander’s failure to prevent or repress the subordinate’s criminal actions. This article unpacks the content of these elements and applies them to autonomous cyber weapons by treating them as being analogous to soldiers since they operate within an organized system of command and control. The article goes on to address the important question of whether autonomous cyber weapons as subordinates can commit crimes and then examines the element of causality for the purposes of command responsibility. This article also explains the nature of command responsibility and offers conclusions as to its utility in establishing accountability when war crimes are committed by autonomous cyber weapons