Difference between revisions of "Military objectives"

From International cyber law: interactive toolkit
Jump to navigation Jump to search
(→‎Definition of military objectives: incorporating edits LRB)
Line 22: Line 22:
 
! scope="col" style="background-color:#ffffaa;"| Data as a military objective
 
! scope="col" style="background-color:#ffffaa;"| Data as a military objective
 
|-
 
|-
|Since the binding definition of military objectives is limited to “objects”, it is of crucial importance [[Military objectives|whether data may qualify as an “object” and therefore a military objective]], particularly in respect of cyber operations that do not result in a physical effect. If data do not qualify as “objects”, then cyber operations against data would not be subject to the specific IHL rules governing targeting.
+
|The definition of military objectives and the prohibition of attacks on civilian objects are limited to “objects”. If the target of a cyber operation is not an “object”, then actions against it are not constrained by the rules of IHL that govern targeting. It is therefore of crucial importance '''whether data may qualify as an “object” and therefore be''' either '''a military objective''' subject to attack or a civilian object protected from attack, particularly with respect to cyber operations that do not result in a physical effect. If data does not qualify as an “object”, civilian datasets would enjoy little if any protection in times of armed conflict.
   
Two main views have emerged in this regard. On the one hand, some experts consider the notion “object” to be limited to something with physical properties that is visible and tangible in the real world.<ref>[https://doi.org/10.1017/9781316822524 Tallinn Manual 2.0], commentary to rule 100, paras 5–6 (noting that the majority of experts considered that due to it being intangible, data does not fall within the ordinary meaning of the term object, which is “something visible and tangible”) (internal quotation marks deleted); but see Michael N Schmitt, ‘[https://heinonline.org/HOL/P?h=hein.journals/israel48&i=83 The Notion of ‘Objects’ during Cyber Operations: A Riposte in Defence of Interpretive and Applicative Precision]’ (2015) 48 IsrLR 81, 93 (noting that although the “visible and tangible” criterion influenced the Tallinn Manual experts’ deliberations, it was not dispositive).</ref> This view is based on a textual interpretation of the term “object” and it finds further support in the 1987 ICRC commentary to the Additional Protocols.<ref>[https://doi.org/10.1017/9781316822524 Tallinn Manual 2.0], commentary to rule 100, para 5 (“An ‘object’ is characterised in the ICRC Additional Protocols 1987 Commentary as something ‘visible and tangible’.”), citing Yves Sandoz, Christophe Swinarski and Bruno Zimmermann (eds), <i>[http://www.loc.gov/rr/frd/Military_Law/pdf/Commentary_GC_Protocols.pdf Commentary on the Additional Protocols of 8 June 1977 to the Geneva Conventions of 12 August 1949]</i> (ICRC 1987), 633–34 paras 2007–08.</ref> On this view, cyber operations against data do not fall within the ambit of the relevant rules of IHL unless the operation in question results in some physical effect and/or a loss of functionality of the target system.<ref>[https://0-doi-org.lib.exeter.ac.uk/10.1017/9781316822524 Tallinn Manual 2.0], commentary to rule 100, para 6.</ref>
+
Two main views have emerged in this regard. Some experts consider the notion “object” to be limited to something with physical properties that is visible and tangible in the real world.<ref>[https://doi.org/10.1017/9781316822524 Tallinn Manual 2.0], commentary to rule 100, paras 5–6 (noting that the majority of experts considered that due to it being intangible, data does not fall within the ordinary meaning of the term object, which is “something visible and tangible”) (internal quotation marks deleted); but see Michael N Schmitt, ‘[https://heinonline.org/HOL/P?h=hein.journals/israel48&i=83 The Notion of ‘Objects’ during Cyber Operations: A Riposte in Defence of Interpretive and Applicative Precision]’ (2015) 48 IsrLR 81, 93 (noting that although the “visible and tangible” criterion influenced the Tallinn Manual experts’ deliberations, it was not dispositive).</ref> This view rests on a textual interpretation of the term “object” and finds further support in the 1987 ICRC commentary to the Additional Protocols.<ref>[https://doi.org/10.1017/9781316822524 Tallinn Manual 2.0], commentary to rule 100, para 5 (“An ‘object’ is characterised in the ICRC Additional Protocols 1987 Commentary as something ‘visible and tangible’.”), citing Yves Sandoz, Christophe Swinarski and Bruno Zimmermann (eds), <i>[http://www.loc.gov/rr/frd/Military_Law/pdf/Commentary_GC_Protocols.pdf Commentary on the Additional Protocols of 8 June 1977 to the Geneva Conventions of 12 August 1949]</i> (ICRC 1987), 633–34 paras 2007–08.</ref> According to this view, cyber operations against data do not fall within the ambit of the relevant rules of IHL unless the operation in question results in some physical effect and/or a loss of functionality of the target system or network.<ref>[https://0-doi-org.lib.exeter.ac.uk/10.1017/9781316822524 Tallinn Manual 2.0], commentary to rule 100, para 6.</ref>
   
On the other hand, other experts view data as falling within the notion of “object” under IHL. They consider that the remarks on visibility and tangibility in the ICRC commentary were meant to distinguish between concrete things (for instance, a bridge) and abstract notions (for instance, civilian morale).<ref>Heather A Harrison Dinniss, ‘[https://heinonline.org/HOL/P?h=hein.journals/israel48&i=41 The Nature of Objects: Targeting Networks and the Challenge of Defining Cyber Military Objectives]’ (2015) 48 IsrLR 39, 44; Kubo Mačák, ‘[https://heinonline.org/HOL/P?h=hein.journals/israel48&i=57 Military Objectives 2.0: The Case for Interpreting Computer Data as Objects under International Humanitarian Law]’ (2015) 48 IsrLR 55, 67–68.</ref> Accordingly, data are analogous to the former category of concrete things because they are likewise susceptible to being attacked and destroyed.<ref>Kubo Mačák, ‘[https://heinonline.org/HOL/P?h=hein.journals/israel48&i=57 Military Objectives 2.0: The Case for Interpreting Computer Data as Objects under International Humanitarian Law]’ (2015) 48 IsrLR 55, 73.</ref> This interpretation brings civilian datasets within the protection of IHL, thus fostering a central value of IHL, namely, the protection of civilians and civilian objects.<ref>Kubo Mačák, ‘[https://heinonline.org/HOL/P?h=hein.journals/israel48&i=57 Military Objectives 2.0: The Case for Interpreting Computer Data as Objects under International Humanitarian Law]’ (2015) 48 IsrLR 55, 77–80; see also [https://doi.org/10.1017/9781316822524 Tallinn Manual 2.0], rule 100, para 7 (criticizing the majority position for “running counter to the principle … that the civilian population enjoys general protection from the effects of hostilities”).</ref> Given that, on this view, data qualifies as an “object”, cyber operations against data must, unless a specific exception can be identified, be justified by reference to the definition of military objectives.
+
Alternatively, other experts view data as falling within the notion of “object” under IHL. They consider that the remarks on visibility and tangibility in the ICRC commentary were meant to distinguish between concrete things (for instance, a bridge) and abstract notions (for instance, civilian morale).<ref>Heather A Harrison Dinniss, ‘[https://heinonline.org/HOL/P?h=hein.journals/israel48&i=41 The Nature of Objects: Targeting Networks and the Challenge of Defining Cyber Military Objectives]’ (2015) 48 IsrLR 39, 44; Kubo Mačák, ‘[https://heinonline.org/HOL/P?h=hein.journals/israel48&i=57 Military Objectives 2.0: The Case for Interpreting Computer Data as Objects under International Humanitarian Law]’ (2015) 48 IsrLR 55, 67–68.</ref> Accordingly, data is analogous to the former category of concrete things because it is likewise susceptible to being attacked and destroyed.<ref>Kubo Mačák, ‘[https://heinonline.org/HOL/P?h=hein.journals/israel48&i=57 Military Objectives 2.0: The Case for Interpreting Computer Data as Objects under International Humanitarian Law]’ (2015) 48 IsrLR 55, 73.</ref> As a result, data will be either a military objective or a civilian object; if the latter, it remains protected from attack and from excessive incidental harm, in accordance with IHL’s central value of protection of civilians and civilian objects.<ref>Kubo Mačák, ‘[https://heinonline.org/HOL/P?h=hein.journals/israel48&i=57 Military Objectives 2.0: The Case for Interpreting Computer Data as Objects under International Humanitarian Law]’ (2015) 48 IsrLR 55, 77–80; see also [https://doi.org/10.1017/9781316822524 Tallinn Manual 2.0], rule 100, para 7 (criticizing the majority position for “running counter to the principle … that the civilian population enjoys general protection from the effects of hostilities”).</ref> According to this view, cyber operations against data do trigger the IHL rules of distinction and military objectives and any cyber operation against data that constitutes an attack may only be directed against data that meets the definition of military objective.
 
|}<section end=Data />
 
|}<section end=Data />
   

Revision as of 14:53, 25 January 2019

Definition of military objectives

Military objectives

The principle of distinction, one of the foundational precepts of IHL, requires that the parties to an armed conflict must at all times distinguish between civilian objects and military objectives and may, accordingly, only direct their operations against military objectives.[1] The customary definition of military objectives is found in Article 52(2) of Additional Protocol I:

In so far as objects are concerned, military objectives are limited to those objects which by their nature, location, purpose or use make an effective contribution to military action and whose total or partial destruction, capture or neutralization, in the circumstances ruling at the time, offers a definite military advantage.

The formal scope of application of the Protocol is limited to international armed conflicts (IACs).[2] However, an identical definition of military objectives is found in treaties applicable in non-international armed conflicts (NIACs).[3] Moreover, certain non-party States to the Protocol accept the customary nature of the definition.[4] Accordingly, the ICRC has characterized the definition of military objectives as a norm of customary international law applicable in both IACs and NIACs.[5]

Relevant rules of IHL apply to kinetic operations as well as to cyber operations.[6]

Qualification of data as a military objective under IHL

Data as a military objective
The definition of military objectives and the prohibition of attacks on civilian objects are limited to “objects”. If the target of a cyber operation is not an “object”, then actions against it are not constrained by the rules of IHL that govern targeting. It is therefore of crucial importance whether data may qualify as an “object” and therefore be either a military objective subject to attack or a civilian object protected from attack, particularly with respect to cyber operations that do not result in a physical effect. If data does not qualify as an “object”, civilian datasets would enjoy little if any protection in times of armed conflict.

Two main views have emerged in this regard. Some experts consider the notion “object” to be limited to something with physical properties that is visible and tangible in the real world.[7] This view rests on a textual interpretation of the term “object” and finds further support in the 1987 ICRC commentary to the Additional Protocols.[8] According to this view, cyber operations against data do not fall within the ambit of the relevant rules of IHL unless the operation in question results in some physical effect and/or a loss of functionality of the target system or network.[9]

Alternatively, other experts view data as falling within the notion of “object” under IHL. They consider that the remarks on visibility and tangibility in the ICRC commentary were meant to distinguish between concrete things (for instance, a bridge) and abstract notions (for instance, civilian morale).[10] Accordingly, data is analogous to the former category of concrete things because it is likewise susceptible to being attacked and destroyed.[11] As a result, data will be either a military objective or a civilian object; if the latter, it remains protected from attack and from excessive incidental harm, in accordance with IHL’s central value of protection of civilians and civilian objects.[12] According to this view, cyber operations against data do trigger the IHL rules of distinction and military objectives and any cyber operation against data that constitutes an attack may only be directed against data that meets the definition of military objective.

Appendixes

See also

Notes and references

  1. Art 48 AP I; ICRC CIHL Study, rule 7.
  2. Art 1 AP I.
  3. See, eg, Amended Protocol II to the CCW, Article 2(6); Second Protocol to the Hague Convention for the Protection of Cultural Property, Article 1(f).
  4. See, eg, Brian Egan, Legal Adviser, Department of State, “Remarks to the American Society of International Law: International Law, Legal Diplomacy, and the Counter-ISIL Campaign” (1 April 2016), 242 (“In particular, I’d like to spend a few minutes walking through some of the targeting rules that the United States regards as customary international law applicable to all parties in a NIAC: … Insofar as objects are concerned, military objectives are those objects which by their nature, location, purpose or use make an effective contribution to military action and whose total or partial destruction, capture or neutralization, in the circumstances ruling at the time, offers a definite military advantage.”).
  5. ICRC CIHL Study, rule 8.
  6. Tallinn Manual 2.0, rule 80 (“Cyber operations executed in the context of an armed conflict are subject to the law of armed conflict.”).
  7. Tallinn Manual 2.0, commentary to rule 100, paras 5–6 (noting that the majority of experts considered that due to it being intangible, data does not fall within the ordinary meaning of the term object, which is “something visible and tangible”) (internal quotation marks deleted); but see Michael N Schmitt, ‘The Notion of ‘Objects’ during Cyber Operations: A Riposte in Defence of Interpretive and Applicative Precision’ (2015) 48 IsrLR 81, 93 (noting that although the “visible and tangible” criterion influenced the Tallinn Manual experts’ deliberations, it was not dispositive).
  8. Tallinn Manual 2.0, commentary to rule 100, para 5 (“An ‘object’ is characterised in the ICRC Additional Protocols 1987 Commentary as something ‘visible and tangible’.”), citing Yves Sandoz, Christophe Swinarski and Bruno Zimmermann (eds), Commentary on the Additional Protocols of 8 June 1977 to the Geneva Conventions of 12 August 1949 (ICRC 1987), 633–34 paras 2007–08.
  9. Tallinn Manual 2.0, commentary to rule 100, para 6.
  10. Heather A Harrison Dinniss, ‘The Nature of Objects: Targeting Networks and the Challenge of Defining Cyber Military Objectives’ (2015) 48 IsrLR 39, 44; Kubo Mačák, ‘Military Objectives 2.0: The Case for Interpreting Computer Data as Objects under International Humanitarian Law’ (2015) 48 IsrLR 55, 67–68.
  11. Kubo Mačák, ‘Military Objectives 2.0: The Case for Interpreting Computer Data as Objects under International Humanitarian Law’ (2015) 48 IsrLR 55, 73.
  12. Kubo Mačák, ‘Military Objectives 2.0: The Case for Interpreting Computer Data as Objects under International Humanitarian Law’ (2015) 48 IsrLR 55, 77–80; see also Tallinn Manual 2.0, rule 100, para 7 (criticizing the majority position for “running counter to the principle … that the civilian population enjoys general protection from the effects of hostilities”).

Bibliography and further reading