1 / 16

International Legal Aspects of Cyber Security

International Legal Aspects of Cyber Security. Thomas C. Wingfield Professor of International Law George C. Marshall European Center for Security Studies Garmisch-Partenkirchen, Germany June 11, 2013. International Cyber Law. Threats Framework Priority Regimes Top Legal Issues

ulfah
Download Presentation

International Legal Aspects of Cyber Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. International Legal Aspects of Cyber Security Thomas C. Wingfield Professor of International Law George C. Marshall European Center for Security Studies Garmisch-Partenkirchen, Germany June 11, 2013

  2. International Cyber Law • Threats • Framework • Priority • Regimes • Top Legal Issues • “Act of War”

  3. Sources States Corporations Hackers Hacktivists Disgruntled Insiders Terrorists Botnet Operators (Spear)phishers Spammers Spyware and Malware Authors Pedophiles Categories Confidentiality Espionage Personal Data Theft Data Mining Fraud Integrity Propaganda / Disinformation Intimidation Destruction Availability External Information Internal Information Threats

  4. Framework and Priority • Possible: Technology • Permissible: Law • Preferable: Policy • Treaty Law • Customary International Law • State practice • Opinio juris • Persistent objection • Jus Cogens

  5. Legal Regimes in Cyberspace

  6. Neutrality • Infrastructure-in-exile • General Rule • Absolute vs. Floating Standards • Loss of protection • Targets • Belligerency • Georgia

  7. Proportionality • Schmitt Uncertainties • What is being hit • Precision of targeting • “Blast” radius • Solutions • IPE • Hardware/Software • Phone Home • Legal vs. Policy • STUXNET, et al.

  8. Human Rights • Reporting • Organization • Tracking • Cyber Stents • Egypt, Libya, Syria, etc.

  9. Attribution • Two dimensions • Degree of involvement • State responsibility • Certainty • MP v. C&C v. BRD • Reactive attribution • CYBERCOM statement • China, Russia, . . .

  10. State Fingerprints • Criteria • Claim of Responsibility • High: Lulz Security v. US/UK • Low: Unknown exploits (but see MI-6) • Monetization • High: Citi names, addresses, e-mails, and transaction histories (200,000) • Low: IMF internal e-mails and documents; French Finance Ministry/G-20 • Sophistication • Low: (Spear)phishing, many zero-day exploits • High: STUXNET • Best Resources • Website: Information Warfare Monitor • http://www.infowar-monitor.net/ • Book: Cyber Adversary Characterization • http://www.amazon.com/s/ref=nb_sb_noss?url=search-alias%3Daps&field-keywords=cyber+adversary+characterization

  11. “Act of War” • Threat or Use of Force • “Scale and effects” • Schmitt Criteria • Severity • Immediacy • Directness • Invasiveness • Measurability • Presumptive Legitimacy • Responsibility • Armed Attack • Loss of life, extensive property damage • “Tanks across the border,” 9/11

  12. Questions? Thomas C. Wingfield Professor of International Law George C. Marshall European Center for Security Studies thomas.c.wingfield@marshallcenter.org +49 (0) 8821 750 2307

  13. Incitement • Nuremberg: Streicher v. Fritzsche • Genocide Convention: Art. III(c) “Direct and public incitement” • Rome Statute: Art. 25(3)(e) • Hate Speech • EU Framework Decision (28 Nov 08) • Free Speech • Rwanda: radio; Estonia: cyber

  14. Hate Speech vs. Free Speech • Framework Decision • Public incitement and hatred against persons of a different race, color, religion, or national or ethnic origin • Public approval, denial, or gross trivialization of international crimes, notably genocide • First Amendment: Congress shall make no law . . . abridging the freedom of speech, or of the press; or the right of the people peaceably to assemble, and to petition the Government for a redress of grievances.

  15. Human Rights: Treaty • General Comment No. 34 to Art. 19, ICCPR • http://www2.ohchr.org/english/bodies/hrc/comments.htm • 3. Freedom of expression is a necessary condition for the realization of the principles of transparency and accountability that are, in turn, essential for the promotion and protection of human rights. • 43. Any restrictions on the operation of websites, blogs or any other internet-based, electronic or other such information dissemination system, including systems to support such communication, such as internet service providers or search engines, are only permissible to the extent that they are compatible with paragraph 3. Permissible restrictions generally should be content-specific; generic bans on the operation of certain sites and systems are not compatible with paragraph 3. It is also inconsistent with paragraph 3 to prohibit a site or an information dissemination system from publishing material solely on the basis that it may be critical of the government or the political social system espoused by the government.

  16. Human Rights: Custom “We do not seek to impose any system of government on any other nation, but we also don’t believe that the principles that we stand for are unique to our nation. These freedoms of expression and worship, of access to information and political participation, we believe are universal rights.” President Obama, 16 Nov 09

More Related