Direct participation in hostilities

From International cyber law: interactive toolkit
Jump to navigation Jump to search

Definition[edit | edit source]

Direct participation in hostilities

Civilians benefit from a general protection from attack.[1] However, this protection is lifted “for such time as they take a direct part in hostilities”.[2] During this period, a civilian who directly participates in hostilities (DPH) may be attacked lawfully.[3] As customary international law,[4] this rule also applies to cyber operations, when these occur during an armed conflict.[5]

Absent a definition, it remains controversial when a conduct qualifies as direct participation[6] and how long this period lasts.[7] According to the ICRC DPH study,[8] a specific act must meet the following criteria to qualify as direct participation in hostilities:

  1. the act must be likely to adversely affect the military operations or military capacity of a party to an armed conflict or, alternatively, to inflict death, injury, or destruction on persons or objects protected against direct attack (threshold of harm), and
  2. there must be a direct causal link between the act and the harm likely to result either from that act, or from a coordinated military operation of which that act constitutes an integral part (direct causation), and
  3. the act must be specifically designed to directly cause the required threshold of harm in support of a party to the conflict and to the detriment of another (belligerent nexus).[9]

These criteria are neutral as to the means and methods of warfare used by the act in question; accordingly, they equally apply to cyber operations.[10] Arguably, “digital” damage is included as long as the cyber operation negatively affects the enemy’s military operations or military capacity.[11] Examples of direct participation in hostilities through cyber means include damaging enemy property or equipment, or the transmission of military information for immediate use by a belligerent.

Additionally, in a NIAC, a person who is a member of an organized armed group (OAG) that is a party to the conflict loses his or her protection if he or she fulfils a continuous combat function (CCF) within the group. This occurs when the (continuous) function of a person in a group is to directly participate in hostilities. It requires lasting integration into the OAG in question.[12] This includes the individuals whose continuous function involves the preparation, execution or command of cyber operations amounting to DPH.[13] Simple membership in a hacker group without any DPH function does not suffice for a CCF,[14] as the DPH criteria are designed to exclude subsidiary support functions within a group.[15]

The CCF concerns the temporal scope of the loss of protection and is function-based.[16] The membership in an OAG starts when the civilian “starts de facto to assume the continuous combat function” and lasts until that function ceases.[17]

Publicly available national positions that address this issue include: National position of France (2019) (2019), National position of Germany (2021) (2021), National position of the United Kingdom (2021) (2021).

National positions[edit | edit source]

France (2019)[edit | edit source]

"Cyber-combatants, especially military personnel assigned to a cyberspace operations command, a group of hackers under State command or members of organised armed groups perpetrating cyberoperations against the adversary may be attacked, unless they are hors de combat.

Any other person is considered to be a civilian and enjoys general protection against the dangers arising from military operations, unless and for such time as they take a direct part in hostilities. A cyberoperation which is carried out to adversely affect the military operations or military capacity of a party to an armed conflict to the detriment of that party and to the advantage of an adversary, or which is likely to cause loss of human life, injury and civilian damage may be deemed a direct participation in hostilities.

For example, the penetration of a military system by a party to an armed conflict with a view to gathering tactical intelligence for the benefit of an adversary for the purposes of an attack constitutes direct participation in hostilities. The same applies to installing malicious code, preparing a botnet in order to launch an attack by denial of service, or developing software specifically intended for the perpetration of a hostile act." [18]

"Cyber-combatants integrated into or affiliated with the armed forces or members of organised armed groups may be targeted by conventional means, in the same way as civilians conducting offensive activities that constitute direct participation in hostilities. Given the difficulties of identifying the perpetrators of a cyberattack, the targeting of such individuals remains marginal."[19]

Germany (2021)[edit | edit source]

"The principle of distinction obliges States to differentiate between military and civilian objects, as well as between civilians, on the one hand, and combatants, members of organized armed groups and civilians taking direct part in hostilities, on the other hand. While IHL does not prohibit an attack on the latter, civilians (not taking direct part in hostilities) and civilian objects must be spared.

Civilians operating in cyberspace can be considered as taking direct part in hostilities with the result of losing their protection from attack and the effects of the hostilities, provided the following conditions are met: Their acts are likely to adversely affect the military operations or military capacity of a party, there is a direct causal link between their acts and the adverse effects and the acts are specifically designed to inflict harm in support of a party to an armed conflict and to the detriment of another (belligerent nexus). Thus, Germany agrees with the view that, for example, ‘electronic interference with military computer networks […], whether through computer network attacks or computer network exploitation, as well as wiretapping […] [of an] adversary’s high command or transmitting tactical targeting information for an attack’, could suffice in order to consider a civilian person as directly participating in hostilities."[20]

United Kingdom (2021)[edit | edit source]

"Civilians are protected from attack unless and for such time as they take a direct part in hostilities. To the extent that civilians carry out cyber operations in an armed conflict that amount to attacks, they would lose their protected status under IHL and, by taking a direct part in hostilities, become legitimate military targets." [21]

Appendixes[edit | edit source]

See also[edit | edit source]

Notes and references[edit | edit source]

  1. Art. 51 (2) AP I; ICRC, CIHL Study, Rule 1, 7 and 25.
  2. Art. 51 (3) AP I; ICRC, CIHL Study, Rules 6 and 34.
  3. ICRC, Interpretive Guidance on the Notion of Direct Participation in Hostilities under International Humanitarian Law (ICRC 2009)69-73; • Hans-Peter Gasser/ and Knut Dörmann, ´Protection of Civilian Population´ in D Fleck (ed), The Handbook of International Humanitarian Law (3rd edn, OUP 2013) 255-257.
  4. ICRC, CIHL Study, Rule 6.
  5. Tallinn Manual 2.0, Rule 97.
  6. Program on Humanitarian Policy and Conflict Research at Harvard University, Commentary on the HPCR Manual on the International Law Applicable to Air and Missile Warfare (hereinafter AMW Manual) (2009) Rule 28, 119-120; ICRC, Interpretive Guidance on the Notion of Direct Participation in Hostilities under International Humanitarian Law (ICRC 2009) 67; Michael N. Schmitt, ´The Interpretive Guidance on the Notion of Direct Participation in Hostilities: A Critical Analysis´, Harvard National Security Journal (2010) 25.
  7. ICRC, Interpretive Guidance on the Notion of Direct Participation in Hostilities under International Humanitarian Law (ICRC 2009) 41, 65-68; Tassilo Singer, ´Update to Revolving Door 2.0 – the Extension of the Period for Direct Participation in Hostilities Due to Autonomous Cyber Weapons´ in H. Roigas, R. Jakschis, L. Lindström and T. Minarik (eds.), Defending the Core, 9th International Conference on Cyber Conflict 2017 (NATO CCDCOE Publications 2017), 121-133; Bill Boothby, ‘“And for such time as”: The time dimension to direct participation in hostilities’ (2010) 42 International Law and Politics 741.
  8. ICRC, Interpretive Guidance on the Notion of Direct Participation in Hostilities under International Humanitarian Law (ICRC 2009) 46-64.
  9. ICRC, Interpretive Guidance on the Notion of Direct Participation in Hostilities under International Humanitarian Law (ICRC 2009) 46.
  10. Tallinn Manual 2.0, commentary to Rule 97, para. 5.
  11. Tallinn Manual 2.0, commentary to Rule 97, para. 5; see also ICRC, 51; AMW Manual, commentary accompanying Rule 29.
  12. ICRC, Interpretive Guidance on the Notion of Direct Participation in Hostilities under International Humanitarian Law (ICRC 2009) 33-35; Crit.: Michael N. Schmitt, ´The Interpretive Guidance on the Notion of Direct Participation in Hostilities: A Critical Analysis´, Harvard National Security Journal (2010) 21-24.
  13. ICRC, Interpretive Guidance on the Notion of Direct Participation in Hostilities under International Humanitarian Law (ICRC 2009) 34.
  14. ICRC, Interpretive Guidance on the Notion of Direct Participation in Hostilities under International Humanitarian Law (ICRC 2009) 33-35.
  15. Emily Crawford, ´Virtual Battlegrounds: Direct Participation in Cyber Warfare´ ( I/S: A Journal of Law and Policy Vol. 9:1 2013)12; Crit.: Yoram Dinstein (ed), Non-International Armed Conflicts (CUP 2014), 61-62.
  16. ICRC, Interpretive Guidance on the Notion of Direct Participation in Hostilities under International Humanitarian Law (ICRC 2009) 45, 70
  17. ICRC, Interpretive Guidance on the Notion of Direct Participation in Hostilities under International Humanitarian Law (ICRC 2009) 72.
  18. Ministry of Defense of France, International Law Applied to Operations in Cyberspace, 9 September 2019, 15.
  19. Ministry of Defense of France, International Law Applied to Operations in Cyberspace, 9 September 2019, 15.
  20. Federal Government of Germany, On the Application of International Law in Cyberspace, March 2021, 8.
  21. United Kingdom Foreign, Commonwealth & Development Office, Application of international law to states’ conduct in cyberspace: UK statement, 3 June 2021

Bibliography and further reading[edit | edit source]