The research will be designed to compare the respective practices and doctrine of the surveyed states with each other and with respect to the emerging interpretations of international law in the cyber context, as reflected in the Tallinn Manual and in Tallinn Manual 2.0. This will serve to “field test” the various legal positions reflected in the Manuals, evaluate their influence, and identify areas of resistance to their contents. Through comparison and evaluation, the research will contribute to promoting the conceptual legal work already taken in Tallinn.
The focus will be on identifying emerging practices and doctrines for combating cyber-attacks in selected countries, including the United States of America and Israel. The research will initially focus on the following core practical questions, which are critically important in analyzing the application of international law to cyber-attacks:
- Under what circumstances do the surveyed states consider cyber-attacks a prohibited “use of force” under international law?
- Under what circumstances do these states consider cyber-attacks to qualify as an “armed attack” under international law, such that the target state may respond forcefully pursuant to the right of self-defense?
- Under what circumstances do these states consider a cyber-attack a terror attack?
- Under what circumstances do these states take the position that a cyber-attack that does not qualify as an armed attack may be treated as opening the door to a “cyber counter-attack” pursuant to the law of countermeasures?
- Do these states treat cyber-attacks by other states and by non-state actors differently, and if so – how?
- What degree of relationship do these states generally deem sufficient to attribute a cyber-attack by a non-state actor to another state?
- When do these states view cyber-attacks conducted by or attributable to other states as a violation of the prohibition of intervention into the internal affairs of other states?
- What type and degree of evidence do these states require in order to attribute a cyber-attack to another state or to a non-state actor?
- How do these states apply the rules governing the conduct of hostilities during an armed conflict to cyber operations?
The purpose of the research is to provide an updated overview of law in practice in comparison with the suggested practice of the Tallinn Manuals, with a view to evaluating its progress toward becoming customary international law.
Click here to see the photos from the Tallinn
Click here to read the Tallinn summery