Editing National position of Estonia (2021)

Jump to navigation Jump to search

Warning: You are not logged in. Your IP address will be publicly visible if you make any edits. If you log in or create an account, your edits will be attributed to your username, along with other benefits.

The edit can be undone. Please check the comparison below to verify that this is what you want to do, and then publish the changes below to finish undoing the edit.

Latest revision Your text
Line 2: Line 2:
 
This is the national position of Estonia on international law applicable to cyberspace. The position<ref>[https://front.un-arm.org/wp-content/uploads/2021/08/A-76-136-EN.pdf Official compendium of voluntary national contributions on the subject of how international law applies to the use of information and communications technologies by States, UNODA, A/76/136, August 2021.]</ref> has been submitted by Estonia and included within the official UNGGE compendium of voluntary national contributions on the subject of how international law applies to the use of information and communications technologies by States.<ref>[https://front.un-arm.org/wp-content/uploads/2021/08/A-76-136-EN.pdf Official compendium of voluntary national contributions on the subject of how international law applies to the use of information and communications technologies by States, UNODA, A/76/136, August 2021.]</ref> The compendium has been publicly released in August 2021.<ref>[https://www.un.org/disarmament/group-of-governmental-experts/ UNODA, Group of Governmental Experts on Advancing responsible State behaviour in cyberspace in the context of international security]</ref>
 
This is the national position of Estonia on international law applicable to cyberspace. The position<ref>[https://front.un-arm.org/wp-content/uploads/2021/08/A-76-136-EN.pdf Official compendium of voluntary national contributions on the subject of how international law applies to the use of information and communications technologies by States, UNODA, A/76/136, August 2021.]</ref> has been submitted by Estonia and included within the official UNGGE compendium of voluntary national contributions on the subject of how international law applies to the use of information and communications technologies by States.<ref>[https://front.un-arm.org/wp-content/uploads/2021/08/A-76-136-EN.pdf Official compendium of voluntary national contributions on the subject of how international law applies to the use of information and communications technologies by States, UNODA, A/76/136, August 2021.]</ref> The compendium has been publicly released in August 2021.<ref>[https://www.un.org/disarmament/group-of-governmental-experts/ UNODA, Group of Governmental Experts on Advancing responsible State behaviour in cyberspace in the context of international security]</ref>
   
==[[Applicability of international law]]==
+
==Applicability of international law==
<section begin=EE_2021 applicability />
 
 
"Estonia reiterates that existing international law applies in cyberspace. The rights and obligations set out in international law, including the UN Charter in its entirety, customary international law, international humanitarian and human rights law, apply to the use of ICTs by states. This means that international law applies to relations between states in cyberspace as it does in conventional domains of state interaction. To promote peace and stability in cyberspace and prevent conflict, it is necessary to have clear rules of responsible state behaviour in place.
 
"Estonia reiterates that existing international law applies in cyberspace. The rights and obligations set out in international law, including the UN Charter in its entirety, customary international law, international humanitarian and human rights law, apply to the use of ICTs by states. This means that international law applies to relations between states in cyberspace as it does in conventional domains of state interaction. To promote peace and stability in cyberspace and prevent conflict, it is necessary to have clear rules of responsible state behaviour in place.
   
Line 10: Line 9:
 
States should strive to deepen a common understanding of how international law applies in cyberspace, alongside its possible implications and legal consequences. It is important to analyse how existing rules apply before discussing the need for any new agreement. Estonia sees notions for a new legally binding instrument as premature. From our perspective, current legal measures are sufficient to offer guidance on responsible state behaviour in cyberspace.
 
States should strive to deepen a common understanding of how international law applies in cyberspace, alongside its possible implications and legal consequences. It is important to analyse how existing rules apply before discussing the need for any new agreement. Estonia sees notions for a new legally binding instrument as premature. From our perspective, current legal measures are sufficient to offer guidance on responsible state behaviour in cyberspace.
   
The 2013 and 2015 GGEs made substantive progress in terms of discussions on relevant legal rules and principles. In order to maintain peace and stability and promote an open, secure, peaceful and accessible cyberspace, we reiterate the following non-exhaustive elements: international law, including the UN Charter in its entirety, applies to state conduct in cyberspace, noting the principles of humanity, necessity, proportionality and distinction as well as respect for human rights and fundamental freedoms; states must meet their international obligations regarding internationally wrongful acts attributable to them under international law; states must not use proxies to commit internationally wrongful acts using ICTs, and should seek to ensure that their territory is not used by non-state actors to commit such acts; states must observe, among other principles of international law, sovereignty, sovereign equality, the settlement of disputes by peaceful means and non-intervention in the internal affairs of other States; the inherent right of States to take measures consistent with international law and as recognized in the Charter."<ref>[https://front.un-arm.org/wp-content/uploads/2021/08/A-76-136-EN.pdf Official compendium of voluntary national contributions on the subject of how international law applies to the use of information and communications technologies by States, UNODA, A/76/136, August 2021], 23-24.</ref><section end=EE_2021 applicability />
+
The 2013 and 2015 GGEs made substantive progress in terms of discussions on relevant legal rules and principles. In order to maintain peace and stability and promote an open, secure, peaceful and accessible cyberspace, we reiterate the following non-exhaustive elements: international law, including the UN Charter in its entirety, applies to state conduct in cyberspace, noting the principles of humanity, necessity, proportionality and distinction as well as respect for human rights and fundamental freedoms; states must meet their international obligations regarding internationally wrongful acts attributable to them under international law; states must not use proxies to commit internationally wrongful acts using ICTs, and should seek to ensure that their territory is not used by non-state actors to commit such acts; states must observe, among other principles of international law, sovereignty, sovereign equality, the settlement of disputes by peaceful means and non-intervention in the internal affairs of other States; the inherent right of States to take measures consistent with international law and as recognized in the Charter."<ref>[https://front.un-arm.org/wp-content/uploads/2021/08/A-76-136-EN.pdf Official compendium of voluntary national contributions on the subject of how international law applies to the use of information and communications technologies by States, UNODA, A/76/136, August 2021], 23-24.</ref>
   
==[[Sovereignty]]==
+
==Sovereignty==
 
<section begin=EE_2021 sovereignty />
 
<section begin=EE_2021 sovereignty />
 
{| class="wikitable"
 
{| class="wikitable"
Line 26: Line 25:
 
The violation of sovereignty through cyber means can breach international law, and therefore may give the victim state the right to take measures, including countermeasures. Views on what constitutes a breach of sovereignty in cyberspace differ. Malicious cyber operations can be complex, cross several jurisdictions and may not always produce physical effects on targeted infrastructure."<ref>[https://front.un-arm.org/wp-content/uploads/2021/08/A-76-136-EN.pdf Official compendium of voluntary national contributions on the subject of how international law applies to the use of information and communications technologies by States, UNODA, A/76/136, August 2021], 24-25.</ref><section end=EE_2021 sovereignty />
 
The violation of sovereignty through cyber means can breach international law, and therefore may give the victim state the right to take measures, including countermeasures. Views on what constitutes a breach of sovereignty in cyberspace differ. Malicious cyber operations can be complex, cross several jurisdictions and may not always produce physical effects on targeted infrastructure."<ref>[https://front.un-arm.org/wp-content/uploads/2021/08/A-76-136-EN.pdf Official compendium of voluntary national contributions on the subject of how international law applies to the use of information and communications technologies by States, UNODA, A/76/136, August 2021], 24-25.</ref><section end=EE_2021 sovereignty />
   
==[[Prohibition of intervention]]==
+
==Prohibition of intervention==
 
<section begin=EE_2021 prohibition of intervention />
 
<section begin=EE_2021 prohibition of intervention />
 
{| class="wikitable"
 
{| class="wikitable"
Line 38: Line 37:
 
When discussing if a cyber operation constitutes an unlawful intervention into the external or internal affairs of another state, the element of coercion is a key factor. The possibility for a cyber operation to constitute an unlawful intervention in the functions that form a part of a state’s domaine réservé has found acceptance among states, including Estonia, especially regarding the rights and obligations deriving from the principle of state sovereignty. States’ domaine réservé according to the ICJ includes the “choice of a political, economic, social, and cultural system, and the formulation of foreign policy.” Stemming from that, cyber operations that aim to force another nation to act in an involuntary manner or to refrain from acting in a certain manner, and target the other nation’s domaine réservé (e.g. national democratic processes such as elections, or military, security or critical infrastructure systems) could constitute such an intervention."<ref>[https://front.un-arm.org/wp-content/uploads/2021/08/A-76-136-EN.pdf Official compendium of voluntary national contributions on the subject of how international law applies to the use of information and communications technologies by States, UNODA, A/76/136, August 2021], 25.</ref><section end=EE_2021 prohibition of intervention />
 
When discussing if a cyber operation constitutes an unlawful intervention into the external or internal affairs of another state, the element of coercion is a key factor. The possibility for a cyber operation to constitute an unlawful intervention in the functions that form a part of a state’s domaine réservé has found acceptance among states, including Estonia, especially regarding the rights and obligations deriving from the principle of state sovereignty. States’ domaine réservé according to the ICJ includes the “choice of a political, economic, social, and cultural system, and the formulation of foreign policy.” Stemming from that, cyber operations that aim to force another nation to act in an involuntary manner or to refrain from acting in a certain manner, and target the other nation’s domaine réservé (e.g. national democratic processes such as elections, or military, security or critical infrastructure systems) could constitute such an intervention."<ref>[https://front.un-arm.org/wp-content/uploads/2021/08/A-76-136-EN.pdf Official compendium of voluntary national contributions on the subject of how international law applies to the use of information and communications technologies by States, UNODA, A/76/136, August 2021], 25.</ref><section end=EE_2021 prohibition of intervention />
   
==[[Use of force]]==
+
==Use of force==
 
<section begin=EE_2021 use of force />
 
<section begin=EE_2021 use of force />
 
{| class="wikitable"
 
{| class="wikitable"
Line 52: Line 51:
 
A cyber operation that targets critical infrastructure and results in serious damage, injury or death, or a threat of such an operation, would be an example of use of force."<ref>[https://front.un-arm.org/wp-content/uploads/2021/08/A-76-136-EN.pdf Official compendium of voluntary national contributions on the subject of how international law applies to the use of information and communications technologies by States, UNODA, A/76/136, August 2021], 25-26.</ref><section end=EE_2021 use of force />
 
A cyber operation that targets critical infrastructure and results in serious damage, injury or death, or a threat of such an operation, would be an example of use of force."<ref>[https://front.un-arm.org/wp-content/uploads/2021/08/A-76-136-EN.pdf Official compendium of voluntary national contributions on the subject of how international law applies to the use of information and communications technologies by States, UNODA, A/76/136, August 2021], 25-26.</ref><section end=EE_2021 use of force />
   
==[[Due diligence]]==
+
==Due diligence==
 
<section begin=EE_2021 due diligence />
 
<section begin=EE_2021 due diligence />
 
{| class="wikitable"
 
{| class="wikitable"
Line 66: Line 65:
 
Estonia is at the position that the obligation of due diligence requires consideration of the technical, political and legal capacities of a state. In addition, due diligence is related to taking action by applying all lawful and feasible measures in order to halt an ongoing malicious cyber operation. States should strive to develop means to offer support, when requested by the injured state, to identify or attribute malicious cyber operations. These actions could for example include warning, cooperating and sharing relevant data pertaining to an incident, investigating the incident and prosecuting the perpetrators, assisting the victim state(s) or accepting assistance. The necessary measures depend on the incident and are applied on a case-by-case basis."<ref>[https://front.un-arm.org/wp-content/uploads/2021/08/A-76-136-EN.pdf Official compendium of voluntary national contributions on the subject of how international law applies to the use of information and communications technologies by States, UNODA, A/76/136, August 2021], 26.</ref><section end=EE_2021 due diligence />
 
Estonia is at the position that the obligation of due diligence requires consideration of the technical, political and legal capacities of a state. In addition, due diligence is related to taking action by applying all lawful and feasible measures in order to halt an ongoing malicious cyber operation. States should strive to develop means to offer support, when requested by the injured state, to identify or attribute malicious cyber operations. These actions could for example include warning, cooperating and sharing relevant data pertaining to an incident, investigating the incident and prosecuting the perpetrators, assisting the victim state(s) or accepting assistance. The necessary measures depend on the incident and are applied on a case-by-case basis."<ref>[https://front.un-arm.org/wp-content/uploads/2021/08/A-76-136-EN.pdf Official compendium of voluntary national contributions on the subject of how international law applies to the use of information and communications technologies by States, UNODA, A/76/136, August 2021], 26.</ref><section end=EE_2021 due diligence />
   
==[[International humanitarian law (jus in bello)|International humanitarian law (''jus in bello'')]]==
+
==International humanitarian law (''jus in bello'')==
 
<section begin=EE_2021 IHL />
 
<section begin=EE_2021 IHL />
 
{| class="wikitable"
 
{| class="wikitable"
Line 80: Line 79:
 
Armed conflicts today and in the future may involve offensive cyber capabilities. Therefore, it is vital that the use of such capabilities would be subject to obligations deriving from international humanitarian law, including taking into account such considerations as humanity, necessity, proportionality and distinction.<ref>[https://front.un-arm.org/wp-content/uploads/2021/08/A-76-136-EN.pdf Official compendium of voluntary national contributions on the subject of how international law applies to the use of information and communications technologies by States, UNODA, A/76/136, August 2021], 26-27.</ref><section end=EE_2021 IHL />
 
Armed conflicts today and in the future may involve offensive cyber capabilities. Therefore, it is vital that the use of such capabilities would be subject to obligations deriving from international humanitarian law, including taking into account such considerations as humanity, necessity, proportionality and distinction.<ref>[https://front.un-arm.org/wp-content/uploads/2021/08/A-76-136-EN.pdf Official compendium of voluntary national contributions on the subject of how international law applies to the use of information and communications technologies by States, UNODA, A/76/136, August 2021], 26-27.</ref><section end=EE_2021 IHL />
   
==[[International human rights law]]==
+
==International human rights law==
 
<section begin=EE_2021 international human rights law />
 
<section begin=EE_2021 international human rights law />
 
{| class="wikitable"
 
{| class="wikitable"
Line 98: Line 97:
 
Public authorities have a duty to respect and protect the freedom of expression and the freedom to seek, receive and impart information. Estonia is a proponent of transparency in government processes – transparency is essential in order for citizens to be able to trust the e-services provided to them. In addition, the development of e-government solutions in the public sector has to go hand in hand with safeguarding the privacy of citizens and the security of their data.<ref>[https://front.un-arm.org/wp-content/uploads/2021/08/A-76-136-EN.pdf Official compendium of voluntary national contributions on the subject of how international law applies to the use of information and communications technologies by States, UNODA, A/76/136, August 2021], 27.</ref><section end=EE_2021 international human rights law />
 
Public authorities have a duty to respect and protect the freedom of expression and the freedom to seek, receive and impart information. Estonia is a proponent of transparency in government processes – transparency is essential in order for citizens to be able to trust the e-services provided to them. In addition, the development of e-government solutions in the public sector has to go hand in hand with safeguarding the privacy of citizens and the security of their data.<ref>[https://front.un-arm.org/wp-content/uploads/2021/08/A-76-136-EN.pdf Official compendium of voluntary national contributions on the subject of how international law applies to the use of information and communications technologies by States, UNODA, A/76/136, August 2021], 27.</ref><section end=EE_2021 international human rights law />
   
==[[State responsibility]]==
+
==State responsibility==
 
<section begin=EE_2021 state responsibility />
 
<section begin=EE_2021 state responsibility />
 
{| class="wikitable"
 
{| class="wikitable"
Line 114: Line 113:
 
"In order to enforce state responsibility, states maintain all rights to respond to malicious cyber operations in accordance with international law. If a cyber operation is unfriendly or violates international law obligations, injured states have the right to take measures such as retorsions, countermeasures or, in case of an armed attack, the right to self-defence. These measures can be either individual or collective. The main aim of reactive measures in response to a malicious cyber operation is to ensure responsible state behaviour in cyberspace and the peaceful use of ICTs."<ref>[https://front.un-arm.org/wp-content/uploads/2021/08/A-76-136-EN.pdf Official compendium of voluntary national contributions on the subject of how international law applies to the use of information and communications technologies by States, UNODA, A/76/136, August 2021], 28.</ref><section end=EE_2021 state responsibility />
 
"In order to enforce state responsibility, states maintain all rights to respond to malicious cyber operations in accordance with international law. If a cyber operation is unfriendly or violates international law obligations, injured states have the right to take measures such as retorsions, countermeasures or, in case of an armed attack, the right to self-defence. These measures can be either individual or collective. The main aim of reactive measures in response to a malicious cyber operation is to ensure responsible state behaviour in cyberspace and the peaceful use of ICTs."<ref>[https://front.un-arm.org/wp-content/uploads/2021/08/A-76-136-EN.pdf Official compendium of voluntary national contributions on the subject of how international law applies to the use of information and communications technologies by States, UNODA, A/76/136, August 2021], 28.</ref><section end=EE_2021 state responsibility />
   
==[[Attribution]]==
+
==Attribution==
 
<section begin=EE_2021 attribution />
 
<section begin=EE_2021 attribution />
 
{| class="wikitable"
 
{| class="wikitable"
Line 130: Line 129:
 
Attribution is closely related to the availability of information of the malicious cyber operation. Following the various necessary assessments, public statements on attribution can be made, with the aim of increasing accountability in cyberspace and emphasising the importance of adhering to international law obligations and norms of responsible state behaviour."<ref>[https://front.un-arm.org/wp-content/uploads/2021/08/A-76-136-EN.pdf Official compendium of voluntary national contributions on the subject of how international law applies to the use of information and communications technologies by States, UNODA, A/76/136, August 2021], 28.</ref><section end=EE_2021 attribution />
 
Attribution is closely related to the availability of information of the malicious cyber operation. Following the various necessary assessments, public statements on attribution can be made, with the aim of increasing accountability in cyberspace and emphasising the importance of adhering to international law obligations and norms of responsible state behaviour."<ref>[https://front.un-arm.org/wp-content/uploads/2021/08/A-76-136-EN.pdf Official compendium of voluntary national contributions on the subject of how international law applies to the use of information and communications technologies by States, UNODA, A/76/136, August 2021], 28.</ref><section end=EE_2021 attribution />
   
==[[Peaceful settlement of disputes]]==
+
==Peaceful settlement of disputes==
 
<section begin=EE_2021 peaceful settlement of disputes />
 
<section begin=EE_2021 peaceful settlement of disputes />
 
{| class="wikitable"
 
{| class="wikitable"
Line 144: Line 143:
 
The obligation to seek peaceful settlement of disputes does not preclude a state’s inherent right for self-defence in response to an armed attack, the right for taking lawful countermeasures, or other lawful action."<ref>[https://front.un-arm.org/wp-content/uploads/2021/08/A-76-136-EN.pdf Official compendium of voluntary national contributions on the subject of how international law applies to the use of information and communications technologies by States, UNODA, A/76/136, August 2021], 29.</ref><section end=EE_2021 peaceful settlement of disputes />
 
The obligation to seek peaceful settlement of disputes does not preclude a state’s inherent right for self-defence in response to an armed attack, the right for taking lawful countermeasures, or other lawful action."<ref>[https://front.un-arm.org/wp-content/uploads/2021/08/A-76-136-EN.pdf Official compendium of voluntary national contributions on the subject of how international law applies to the use of information and communications technologies by States, UNODA, A/76/136, August 2021], 29.</ref><section end=EE_2021 peaceful settlement of disputes />
   
==[[Retorsion]]==
+
==Retorsion==
 
<section begin=EE_2021 retorsion />
 
<section begin=EE_2021 retorsion />
 
"In order to enforce state responsibility, states maintain all rights to respond to malicious cyber operations in accordance with international law. If a cyber operation is unfriendly or violates international law obligations, injured states have the right to take measures such as retorsions, countermeasures or, in case of an armed attack, the right to self-defence. These measures can be either individual or collective. The main aim of reactive measures in response to a malicious cyber operation is to ensure responsible state behaviour in cyberspace and the peaceful use of ICTs."<ref>[https://front.un-arm.org/wp-content/uploads/2021/08/A-76-136-EN.pdf Official compendium of voluntary national contributions on the subject of how international law applies to the use of information and communications technologies by States, UNODA, A/76/136, August 2021], 28.</ref>
 
"In order to enforce state responsibility, states maintain all rights to respond to malicious cyber operations in accordance with international law. If a cyber operation is unfriendly or violates international law obligations, injured states have the right to take measures such as retorsions, countermeasures or, in case of an armed attack, the right to self-defence. These measures can be either individual or collective. The main aim of reactive measures in response to a malicious cyber operation is to ensure responsible state behaviour in cyberspace and the peaceful use of ICTs."<ref>[https://front.un-arm.org/wp-content/uploads/2021/08/A-76-136-EN.pdf Official compendium of voluntary national contributions on the subject of how international law applies to the use of information and communications technologies by States, UNODA, A/76/136, August 2021], 28.</ref>
Line 158: Line 157:
 
These measures could, for example include the expulsion of diplomats or applying restrictive measures to officials of a third country such as asset freezes or travel bans. One example of such a mechanism would be the European Union’s cyber sanctions regime and cyber diplomacy toolbox, which offer an array of measures that could be taken as a response to malicious cyber operations."<ref>[https://front.un-arm.org/wp-content/uploads/2021/08/A-76-136-EN.pdf Official compendium of voluntary national contributions on the subject of how international law applies to the use of information and communications technologies by States, UNODA, A/76/136, August 2021], 29.</ref><section end=EE_2021 retorsion />
 
These measures could, for example include the expulsion of diplomats or applying restrictive measures to officials of a third country such as asset freezes or travel bans. One example of such a mechanism would be the European Union’s cyber sanctions regime and cyber diplomacy toolbox, which offer an array of measures that could be taken as a response to malicious cyber operations."<ref>[https://front.un-arm.org/wp-content/uploads/2021/08/A-76-136-EN.pdf Official compendium of voluntary national contributions on the subject of how international law applies to the use of information and communications technologies by States, UNODA, A/76/136, August 2021], 29.</ref><section end=EE_2021 retorsion />
   
==[[Countermeasures]]==
+
==Countermeasures==
 
<section begin=EE_2021 countermeasures />
 
<section begin=EE_2021 countermeasures />
 
"In order to enforce state responsibility, states maintain all rights to respond to malicious cyber operations in accordance with international law. If a cyber operation is unfriendly or violates international law obligations, injured states have the right to take measures such as retorsions, countermeasures or, in case of an armed attack, the right to self-defence. These measures can be either individual or collective. The main aim of reactive measures in response to a malicious cyber operation is to ensure responsible state behaviour in cyberspace and the peaceful use of ICTs."<ref>[https://front.un-arm.org/wp-content/uploads/2021/08/A-76-136-EN.pdf Official compendium of voluntary national contributions on the subject of how international law applies to the use of information and communications technologies by States, UNODA, A/76/136, August 2021], 28.</ref>
 
"In order to enforce state responsibility, states maintain all rights to respond to malicious cyber operations in accordance with international law. If a cyber operation is unfriendly or violates international law obligations, injured states have the right to take measures such as retorsions, countermeasures or, in case of an armed attack, the right to self-defence. These measures can be either individual or collective. The main aim of reactive measures in response to a malicious cyber operation is to ensure responsible state behaviour in cyberspace and the peaceful use of ICTs."<ref>[https://front.un-arm.org/wp-content/uploads/2021/08/A-76-136-EN.pdf Official compendium of voluntary national contributions on the subject of how international law applies to the use of information and communications technologies by States, UNODA, A/76/136, August 2021], 28.</ref>
Line 172: Line 171:
 
In order to take countermeasures in response to a malicious cyber operation violating international law, the operation in question must have been attributed to a state."<ref>[https://front.un-arm.org/wp-content/uploads/2021/08/A-76-136-EN.pdf Official compendium of voluntary national contributions on the subject of how international law applies to the use of information and communications technologies by States, UNODA, A/76/136, August 2021], 29-30.</ref><section end=EE_2021 countermeasures />
 
In order to take countermeasures in response to a malicious cyber operation violating international law, the operation in question must have been attributed to a state."<ref>[https://front.un-arm.org/wp-content/uploads/2021/08/A-76-136-EN.pdf Official compendium of voluntary national contributions on the subject of how international law applies to the use of information and communications technologies by States, UNODA, A/76/136, August 2021], 29-30.</ref><section end=EE_2021 countermeasures />
   
==[[Self-defence|Self-defence, armed attack and use of force]]==
+
==Self-defence, armed attack and use of force==
 
<section begin=EE_2021 self-defence, armed attack and use of force />
 
<section begin=EE_2021 self-defence, armed attack and use of force />
 
"In order to enforce state responsibility, states maintain all rights to respond to malicious cyber operations in accordance with international law. If a cyber operation is unfriendly or violates international law obligations, injured states have the right to take measures such as retorsions, countermeasures or, in case of an armed attack, the right to self-defence. These measures can be either individual or collective. The main aim of reactive measures in response to a malicious cyber operation is to ensure responsible state behaviour in cyberspace and the peaceful use of ICTs."<ref>[https://front.un-arm.org/wp-content/uploads/2021/08/A-76-136-EN.pdf Official compendium of voluntary national contributions on the subject of how international law applies to the use of information and communications technologies by States, UNODA, A/76/136, August 2021], 28.</ref>
 
"In order to enforce state responsibility, states maintain all rights to respond to malicious cyber operations in accordance with international law. If a cyber operation is unfriendly or violates international law obligations, injured states have the right to take measures such as retorsions, countermeasures or, in case of an armed attack, the right to self-defence. These measures can be either individual or collective. The main aim of reactive measures in response to a malicious cyber operation is to ensure responsible state behaviour in cyberspace and the peaceful use of ICTs."<ref>[https://front.un-arm.org/wp-content/uploads/2021/08/A-76-136-EN.pdf Official compendium of voluntary national contributions on the subject of how international law applies to the use of information and communications technologies by States, UNODA, A/76/136, August 2021], 28.</ref>
Please note that all contributions to International cyber law: interactive toolkit are considered to be released under the Creative Commons Attribution-ShareAlike 4.0 International (CC BY-SA 4.0) (see International cyber law: interactive toolkit:Copyrights for details). If you do not want your writing to be edited mercilessly and redistributed at will, then do not submit it here.
You are also promising us that you wrote this yourself, or copied it from a public domain or similar free resource. Do not submit copyrighted work without permission!
Cancel Editing help (opens in new window)