Inside Cyber Warfare - Jeffrey Carr [24]
UNCLOS
UNCLOS stands for the United Nations Convention on the Law of the Sea treaty. Like outer space, the oceans offer a comparable analogy to cyberspace in their vastness and in how nations have agreed to interact in what we identify as international waters.
Problems arose with UNCLOS III when the United States, Germany, and the UK balked at the UN’s attempts to institute technology transfer requirements. Technology, it seems, consistently poses challenges to any treaty regime that attempts to regulate its development—a foreshadowing of the legal difficulties that are present with acts of cyber warfare. In other words, if technology transfer hit a wall with UNCLOS, things aren’t going to get any easier with a cyber warfare treaty modeled after it.
MLAT
Mutual Legal Assistance Treaties are a catch-all for individualized cooperation agreements between nations, such as joint law enforcement efforts, extradition treaties, and so on. The United States currently appears to be pursuing this approach, whereas the Russian Federation prefers the analogy of treating cyber warfare as a weapon of mass destruction (WMD) and banning its use under an appropriate treaty regime.
United States Versus Russian Federation: Two Different Approaches
The New York Times reported on June 27, 2009, that Russia and the United States were butting heads on how to approach cyber warfare from an international perspective. Russia’s position is that it should be modeled after the Chemical Weapons Treaty or other arms control-type treaties, whereas the United States would prefer to engage international law enforcement in cooperating more closely to catch cyber criminals. Many cyber criminals are also engaged as nonstate hackers during times of cyber conflict, so this strategy would have a two-tiered benefit of securing the Web against acts of cyber crime and cyber warfare.
One Russian argument against the US position was published in Moscow Military Thought (March 31, 2007) entitled “Russian Federation Military Policy in the Area of International Information Security: Regional Aspect”:
International legal acts regulating relations arising in the process of combating cyber crime and cyber terrorism must not contain norms violating such immutable principles of international law as noninterference in the internal affairs of other states, and the sovereignty of the latter.
Moreover, politically motivated cyber attacks executed on orders from governmental structures can be qualified as military crimes with all the ensuing procedures of investigation and criminal persecution of the culprits. Besides, military cyber attacks can be considered as a subject of international public law. In this case, we should speak about imposing restrictions on development and use of computers intended to bring hostile influences to bear on objects in other states’ cyberspace.
In any event, the military policy in the area of international information security where it involves opposition to cyber terrorism and cyber crime should be directed at introducing international legal mechanisms that would make it possible to contain potential aggressors from uncontrolled and surreptitious use of cyber weapons against the Russian Federation and its geopolitical allies.
Clearly, Russia was formulating its policy in this area prior to 2007, and it has not changed in the years since. Although the reason expressed is one of national sovereignty and noninterference, such a position also protects Russia’s key strategic asset in its cyber arsenal: its own population of highly educated, patriotic hackers who are more than willing to fight on their country’s behalf in the domain of cyberspace.
The Law of Armed Conflict
Interestingly, Shackleford does not address the LOAC at all in his paper, which goes to show just how diverse the opinions are of legal experts who focus on this field. Instead, he attempts to make the case that:
The best way to ensure a comprehensive approach to lessening the occurrence