Cyber Weapons Review in Situations Below the Threshold of Armed Conflict

Kudláčková,  Ivana; Harašta,  Jakub; Wallace, David

Cyber Weapons Review in Situations Below the Threshold of Armed Conflict

Warning

This publication doesn't include Faculty of Arts. It includes Faculty of Law. Official publication website can be found on muni.cz.

Authors	KUDLÁČKOVÁ Ivana HARAŠTA Jakub WALLACE David
Year of publication	2020
Type	Article in Proceedings
Conference	2020 12th International Conference on Cyber Conflict 20/20 Vision: The Next Decade
MU Faculty or unit	Faculty of Law
Citation
Web	Open access textu Open access sborníku
Keywords	cyber weapons; software; legal review; art. 36 of Additional Protocol I; human rights
Attached files	CyCon_2020_6_Kudlackova_Wallace_Harasta.pdf
Description	The use of cyber weapons raises many issues, one of which is the scope of legal requirements affecting the legal review of cyber weapons under Additional Protocol I and customary international law. This paper explores the review of cyber weapons intended for use below the threshold of armed conflict. As the line between war and peace is often increasingly blurred and the majority of cyber incidents are below the threshold of armed conflict, the laws and principles of international humanitarian law do not apply. In this paper, we engage in a scenariobased thought experiment exploring the legal framework affecting the use of cyber weapons outside armed conflict. In such situations, the well-known article 36 of Additional Protocol I and customary international law are not triggered. As a result, there is no explicit legal obligation to conduct a cyber weapons review in situations when cyber weapons are deployed in situations falling below the threshold of armed conflict. Our starting point is that even though international humanitarian law is not applicable, the use of cyber weapons is not completely unregulated. In the paper, we search for answer to following research question: what are the legal requirements for weapons review in situations where their intended use is for situations below the threshold of armed conflict? We identify the black-letter legal framework and explore the state practice of NATO member states where available. The paper argues that there are many obligations to be considered when deploying cyber weapons in situations below the threshold of armed conflict. The conclusion is that there is no obligation to conduct a review outside Article 36 of Additional Protocol I. That being said, there are definitely policy benefits in conducting broader software assessment to ensure respect to international law obligations of a state.
Related projects:	CyberSecurity, CyberCrime and Critical Information Infrastructures Center of Excellence