Qualification of the Harmful Use of Information and Communications Technologies Under International Law: In Search of a Consensus

States face the question of how International Law norms should be applied to the harmful use of information and communications technologies (hereinafter ICT) in many different collective formats. Against this background, the intensive disclosure by states of their positions is a brand-new trend. As a result, managerialism is slowly giving way to consensualism. However, do these collective and individual efforts help to clarify the key problems connected with the qualification of these harmful practices? Based on the analysis of the reports of the UN Group of Governmental Experts and the Open-Ended Working Group, as well as the official positions articulated by states, this article seeks to reveal the extent to which states have managed to achieve a consensus on the qualification of harmful cyber activities under International Law, and on which issues. This question is crucial for identifying the subsequent practice in the application of international treaties, which establishes the agreement of the parties regarding their interpretation, as well as the practice and opinio juris as elements of international customs.

The research confirmed that the principle of non-intervention in domestic affairs, while its full applicability in the cyber context is not questioned by states, has very limited significance for the qualification of the harmful use of ICTs, which brings to the fore[1]front the principle of sovereignty. However, the official positions of states, based on a denial or, vice versa, an affirmation of this principle as a separate rule, postulate the impossibility of applying the principle of sovereignty without the concretization of its content in the cyber context. The fact that there is a multitude of approaches does not foreshadow the possibility of reaching a consensus on this issue in the near future. With respect to the jus ad bellum and jus in bello norms, the readiness of the majority of states to qualify the cases of harmful use of ICTs as a “use of force” or even an “armed attack,” and to overstretch the scope of the International Humanitarian Law notions of an “attack” or “military operation,” is described as being indicative of the abuse of the “military paradigm” to assess these activities. The approaches of some states go so far beyond the normative scope of these notions that their assertion loses legal significance and seems to have rather a political character by primarily fulfilling the deterrent function.

The article concludes by diagnosing that a consensus between states on the application of International Law to harmful ICT practices has been reached at a very high level of abstraction and hardly transcends the limits of the general acknowledgment of the applicability of International Law in the cybersphere. This fact enshrines indeterminacy as the main feature of the qualification of harmful use of ICTs under International Law and renders almost every stance on nuances of the application of International Law to these acts to be ad hoc ones.

1. Akande D., Coco A., de Souza Dias T. 2022. Drawing the Cyber Baseline: The Applicability of Existing International Law to the Governance of Information and Communication Technologies. International Law Studies. Vol. 99. P. 4-36.

2. Chircop L. 2018. A Due Diligence Standard of Attribution in Cyberspace. International and Comparative Law Quarterly. 67(3): 643-668. DOI: 10.1017/S0020589318000015.

3. Corten O. 2012. The Law against War: The Prohibition on the Use of Force in Contemporary International Law. Oxford; Portland: Hart Publishing. 569 p.

4. Delerue F. 2019. Reinterpretation or Contestation of International Law in Cyberspace? Israel Law Review. 52(3): 295-326. DOI:10.1017/S0021223719000104.

5. Delerue F. 2020. Cyber Operations and International Law. Cambridge: Cambridge University Press. 513 p. DOI: https://doi.org/10.1017/9781108780605.

6. Hitchens Th., Goren N. 2017. International Cybersecurity Information Sharing Agreements. 141 p. URL: https://cissm.umd.edu/sites/default/files/2019-07/Cyber%20information%20sharing%20agreement%20report%20-%20102017%20%20FINAL.pdf (accessed 01.11.2021).

7. Hollis D. 2020. Improving Transparency. International Law and State Cyber Operations. Fourth report to the Organization of American States. 22 p. URL: https://ceipfiles.s3.amazonaws.com/pdf/CyberNorms/LawStatements/Improving+Transparency+International+Law+and+State+Cyber+Operations_+Fourth+Report.pdf (accessed 01.11.2021).

8. Melzer N. (ed). 2009. Interpretive Guidance on the Notion of Direct Participation in Hostilities under International Humanitarian Law. Geneva: International Committee of the Red Cross. 89 p. URL: www.icrc.org/en/doc/assets/files/other/icrc-002-0990.pdf (accessed 01.11.2021).

9. Jensen E.T., Watts S. 2017. A Cyber Duty of Due Diligence: Gentle Civilizer or Crude Destabilizer? Texas Law Review. Vol. 95. P. 1555-1577.

10. Koh H.H. 2012. International Law in Cyberspace. Harvard International Law Journal Online. Vol. 54. P. 1-12. URL: https://harvardilj.org/wp-content/uploads/sites/15/2012/12/Koh-Speech-toPublish1.pdf (accessed01.11.2021).

11. Romashkina N. P. 2020. Problema mezhdunarodnoi informat- sionnoi bezopasnosti v OON [Problem of International Information Security in the UN]. Mirovaya ekonomika i mezhdunarodnye otnosheniya. No.64. P. 25-32. DOI: 10.20542/0131-2227-2020-64-12-25-32. (In Russian).

12. Roscini M. 2015. Evidentiary Issues in International Disputes Related to State Responsibility for Cyber Operations. Texas International Law Journal. 50(2): 233-273

13. Rusinova V. N. 2018. Mezhdunarodno-pravovoi printsip nevmeshatel'stva i kiberoperatsii: neopravdannye ozhidaniya? [The international legal principle of noninterference and cyber-operations: unjustified expectations?]. Mezhdunarodnoe pravosudie. No. 1. P. 38-52. DOI: 10.21128/2226-2059-2018-1-38-52. (In Russian).

14. Shackelford S.J., Russell S., Kuehn A. 2016. Unpacking the International Law on Cybersecurity Due Diligence: Lessons from the Public and Private Sectors. Chicago Journal of International Law. Vol. 17. P. 1-51.

15. Schmitt M. N. (ed). 2017. Tallinn Manual 2.0 on the International Law Applicable to Cyber Operations. Ed. by Cambridge: Cambridge University Press. 598 p.

16. Simma B. (ed). 2002. The Charter of the United Nations. A Commentary. 2nd ed. Oxford: Oxford University Press. 895 p.

17. Watts S. 2015. Low-Intensity Cyber Operations and the Principle of Non-Intervention. In: Ohlin J.D., Govern K., Finkelstein C. (eds). Cyber War: Law and Ethics for Virtual Conflicts. Oxford: Oxford University Press. P. 249-270. DOI: 10.1093/acprof:oso/9780198717492.003.0012