The Tallinn Manual on Cyber Operations and the Laws of War: Towards Customary International Law

By: Yuval Shany, Dan Efrony and Michael Schmitt

Read the Full Article

The research will be designed to compare the respective practices and doctrine of the surveyed states with each other and with respect to the emerging interpretations of international law in the cyber context that are reflected in the Tallinn Manual and in Tallinn Manual 2.0.  Doing so will serve to “field test” the various legal positions reflected in the Manuals, evaluate their influence, and identify areas of resistance to their contents. Through comparison and evaluation, the research would contribute to promoting the conceptual legal work, which was already taken in Talinn.

The focus will be on identifying practices and doctrines that are emerging for combating cyber-attacks in a number of select states, including the United States of America and Israel.

The research may will initially focus on the following core practical questions, which are critically important in analysing international law application to cyber-attacks:

  1. Under what circumstances do the surveyed states consider cyber-attacks a prohibited “use of force” under international law?
  2. Under what circumstances do these states consider cyber-attacks to qualify as an “armed attack” under international law such that the target state may respond forcefully pursuant to the right of self-defence?
  3. Under what circumstances do these states consider a cyber-attack a terror attack?
  4. Under what circumstances do these states take the position that a cyber-attack that does not qualify as an armed attack may be treated as opening the door to a “cyber counter-attack” pursuant to the law of countermeasures?
  5. Do these states treat cyber-attacks by other states and by non-state actors differently and, if so, how?
  6. What degree of relationship do these states generally deem sufficient to attribute a cyber-attack by a non-state actor to another state?
  7. When do these states view cyber-attacks conducted by or attributable to other states as a violation of the prohibition of intervention into the internal affairs of other states?
  8. What type and degree of evidence do these states require to attribute a cyber-attack to another state or to a non-state actor?
  9. How do these states apply the rules governing the conduct of hostilities during an armed conflict to cyber operations?

The purpose of the research is to provide an updated  overview of law in practice in comparison with the suggested practice of the Tallinn Manuals, with a view to evaluating its progress towards becoming customary International law.