At the beginning of January 2019, just three months before the upcoming Israeli parliamentary elections, the Director of the ISA (Israel Security Agency – “Shin Bet”) revealed that “[a] foreign country intends to interfere in the coming elections…and it will interfere” through the use of cyber-means. Of course, this is not the first time in the digital era that a certain country has been suspected of interfering in foreign elections. Such allegations arose, inter alia, surrounding the 2015 UK election, the 2016 US Presidential election, the 2017 French election, and the Brexit referendum.
Indeed, foreign election interference is not a new concept in international relations. History shows that states attempted to meddle in foreign elections – mainly in order to change the existing regime – long before cyber became a means to this end. However, we seem to be more anxious when confronted with interference conducted by the use of cyber, perhaps because the accessibility of cyber products, which are found in (almost) every household, has made election interference (among others) easier; or perhaps because of the difficulty in identifying interference assessing its implications on a real-time basis. Regardless of the means used (cyber or other), however, interference in foreign elections poses a genuine threat to democracy, the integrity of the electoral process, and the political independence and stability of states.
Various publications explain that election interference though cyber-means may be undertaken through three main types of operations:
(1) Information operations aimed at collecting personal information or data on a certain candidate or campaign (“phishing”), in order to embarrass and undermine their status and thus influence public opinion. This type of operation targeted the Hillary Clinton Campaign in 2016 and the DNC (Democratic National Committee) server in the US, as well as the 2017 Macron campaign in France.
(2) Influence operations, or “fake news,” designed to disseminate false data or information and mainly used for propaganda and social purposes in order to spread fear and distress. As with informational operations, the goal is to influence public opinion. This type of operation occurred in the US during both the 2016 Presidential election and the 2018 midterm elections, as well as during the Brexit referendum in the UK.
(3) Technical operations aimed at the end-point device (in this case, electronic voting machines) through the use of malware, in order to cause actual changes in the “vote tallies” (as distinct from changes in public opinion). The purpose here is to undermine the voting process and its integrity. Although such operations seem plausible, to date there is no actual proof that technical operations have been implemented in past elections.
On the surface, it appears that when discussing interference in elections, we are essentially dealing with “unauthorized access to information and its subsequent distribution” or espionage. In practice, and as far as we know, states have either abandoned the need for retaliation in response to election interference or dealt with it under domestic criminal law. Nevertheless, while former US Vice-President Richard B. Cheney called the 2016 election interference an “act of war,” and former President Barack Obama stated that the US would “take action…at a time and place of [its] own choosing,” the legality of such practices, from an international law perspective, remains contested, especially when conducted in peacetime. I will focus here mainly on the principles of non-intervention and the prohibition of the use of force. Other aspects of international law may certainly be involved in election interference, such as sovereignty and attribution, but these exceed the scope of this post.
Currently, there is no specific principle of international law applicable to cyberspace in general or to election interference, in particular. Accordingly, we must apply the existing principles of international law and interpret them accordingly. Nonetheless, it would seem that the current legal interpretation and scope of application concerning the relevant legal principles (i.e. non-intervention and the prohibition of the use of force) have no contemporary legal basis and do not provide states with a comprehensive legal solution for cyber threats in the context of election interference. This reality may ultimately undermine the long-term international stability of the legal principle.
The Tallinn Manual, as well as the prevailing legal interpretation, do not construe interference in elections as amounting to an “act of war.” Indeed, it is emphasized that such actions may fall below the bar for the use of force (and particularly the right of self-defense, which requires the even higher threshold of “armed attack”), as stipulated in article 2(4) of the United Nations Charter (“UNC”). Current legal interpretation reflects a narrow approach to the term “force,” excluding all actions that are inherently non-violent. Accordingly, cyber operations are only usually considered to amount to the use of force if they cause physical casualties or damage. Since election interferences lead to neither of the above, they may fall short of the use-of-force level.
Even more clearly, arguably, election interference also fails to meet the non-intervention principle, which is not explicitly mentioned in the UNC but is established in customary international law as “the right of every sovereign State to govern its affairs without outside interference.” The difficulty in applying the non-intervention principle to election interference concerns the “coercive element” – an often elusive component that can be difficult to identify, especially when dealing with election interference. The Tallinn Manual concluded that the non-intervention principle might apply when “using cyber-operations to remotely alter electronic ballots and thereby manipulate an election”. In other words, election interference that does not manipulate the election process per se, but rather seeks to influence (freely) voters’ behavior (e.g. information and influence operations) may not activate this principle.
In order for any legal instrument to endure, it must be adjusted and molded in response to new realities. Therefore, the paradigms of international law should also develop in order to withstand changing times. International law is presumed to be a dynamic legal instrument that can be adjusted and amended over time, And accordingly as warfare changes, so should the existing law – though its “principles…remain intact.” This was also the spirit of the ruling in the Nicaragua v. Costa Rica case, in which the ICJ concluded that “where the treaty has been entered into for a very long period or is ‘of continuing duration,’ the parties must be presumed, as a general rule, to have intended those terms to have an evolving meaning.”
On the basis of the above, I propose two cumulative theories in order to address the issue of the legality of elections interference:
First, we should consider regarding cyberspace as a new operational dimension. This will allow for a more flexible interpretation of cyber terminology and result in fewer cases when legal paradigms cannot be clearly applied and implemented. In other words, the legal principle should be interpreted according to the unique characteristics of each dimension, real and virtual. Instead of the prevailing narrow approach to the use of force prohibition, we could perhaps adopt a non-material approach, so that even virtual operations resulting in non-material outcomes could reach the use-of-force threshold (without requiring physical consequences, such as damages or casualties). Similarly, we might reconsider the concept of coercion, widening the scope of the non-intervention principle in order to ensure that it also applies to elections interference.
Second, we should distinguish between election interference that causes psychological effects and impacts on the electoral process when voters “adopt or change certain behaviors willingly” (i.e. information or influence operations), and forms of interference that cause actual disruption to the essential functions of a state, such as its voting machines (i.e. technical operations), thereby affecting the voting process. Subsequently, we could formulate different levels of operations: while the former operations might activate the non-intervention principle (once the interpretation of “coercion” is expanded), the latter operations might meet the use-of-force threshold, since such actions disrupt functions that are essential and influence the public (in addition to the notion of intervention “in the internal or external affairs of another State”).
Future developments may require us to re-examine these legal conclusions and interpretations. For now, though, these proposed theories offer a sufficient baseline for the legal discussion concerning election interference.
 Samuli Haataga, Cyber Attacks and International Law on the Use of Force: The Turn to Information Ethics (Emerging Technologies, Ethics and International Affairs), Routledge – Taylor and Francis Group (2019), 172
 Ducan B. Hollis, The Influence of War: The War for Influence (2018), available at https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3155273, 11
 Ibid (Hollis), 9
 Ibid., FN 1 (Haataga), 173
 Tallinn Manual 2.0 on the International Law Applicable to Cyber Operations, (Michael N. Schmitt ed.), Cambridge University Press (2nd edition - 2017), 330: Rule 69 - "A cyber operation constitutes a use of force when its scale and effects are comparable to non-cyber operations rising to the level of a use of force"
 Ibid., FN 1 (Haataga), 168
 Yoram Dinstein, War, Aggression and Self-Defence, Cambridge University Press (6th edition – 2017), 90
 Ibid., FN 5 (Tallinn)
 Note that article 2(7) of the UNC does not explicitly apply to States; also acknowledged in several UN Resolutions, such as the Declaration on the Inadmissibility of Intervention in the Domestic Affairs of States and the Protection of Their Independence and Sovereignty (A/RES/2131(XX)), 21 December 1965, and the Declaration on Principles of International Law concerning Friendly Relations and Co-operation among States in accordance with the Charter of the United Nations (A/RES/25/2625(XXV)), 24 October 1970; and also mentioned in several International Court of Justice (ICJ) judgments, such as The Corfu Channel case (Merits), Judgment of April 9, 1949, I.C.J Reports 1949; the Military and Paramilitary Activities in and against Nicaragua (Nicaragua v. United States of America), Merits, Judgment. I.C.J. Reports 1986; and Armed Activities on the Territory of the Congo (Democratic Republic of the Congo v. Uganda), Judgment, I.C.J. Reports 2005
Ibid., FN 9 (Nicaragua), para 202
 Ibid., FN 2 (Hollis), 10-11
 Michael N. Schmitt, Grey Zones in the International Law of Cyberspace, the Yale Journal for International Law, Vol 42:2 (2017), available at https://cpb-us-w2.wpmucdn.com/campuspress.yale.edu/dist/8/1581/files/2017/08/Schmitt_Grey-Areas-in-the-International-Law-of-Cyberspace-1cab8kj.pdf, 2
 Ibid., FN 5 (Tallinn), 313
 Ibid., FN 2 (Hollis), 11; also see ibid., FN 1 (Haataga), 171-172
 Tom Ruys, The Meaning of Force and the Boundaries of the jus as bellum, 108(2) American Journal of International Law 159 (2014), 163; also see, Michael N. Schmitt, The Law of Cyber Warfare: Quo Vadis, 25 Stan. L. & Pol'y Rev. 269 (2014), 271-272
 “If law is to remain effective over time, it must be responsive to context”, ibid., 272
 Mathew C. Waxman, Cyber-Attacks and the Use of Force: Back to the Future of Article 2(4), 36 Yale J. Int'l L. 421 (2011), 425
 Yoram Dinstein, Cyber War and International Law: Concluding Remarks at the 2012 Naval War College International Law Conference, 89 Int’l L. Stud. 276 (2013), 280
 Dispute regarding Navigational and Related Rights (Costa Rica v. Nicaragua), Judgment, I.C.J. Reports 2009, para 66
 Ibid., FN 1 (Haataga), 171
 Ido Kilovaty, Doxfare – Election Hacking as Prohibited Intervention (2017), available at https://papers.ssrn.com/sol3/papers.cfm?abstract_id=2945128, 174
Ibid., FN 2 (Hollis), 11
 Ibid., FN 5 (Tallinn), 312