Editing Scenario 12: Cyber operations against computer data

Jump to navigation Jump to search

Warning: You are not logged in. Your IP address will be publicly visible if you make any edits. If you log in or create an account, your edits will be attributed to your username, along with other benefits.

The edit can be undone. Please check the comparison below to verify that this is what you want to do, and then publish the changes below to finish undoing the edit.

Latest revision Your text
Line 1: Line 1:
  +
[[File:Data2.jpg|thumb|]]<!-- Photo free for commercial use, no attribution required, CC0 creative commons source: https://pixabay.com/en/code-html-digital-coding-web-1076536/ -->
[[File:Data2.jpg|thumb|© pinkeyes. Licensed from Shutterstock.]]
 
In the context of an armed conflict, one belligerent conducts a series of cyber operations against the datasets associated with the other belligerent. These include data used for military purposes, essential civilian datasets, and data serving the enemy’s propaganda. The analysis in this scenario considers the lawfulness of cyber operations designed to corrupt or delete various types of datasets under the law of armed conflict. It particularly focusses on the question whether data qualifies as an “object” for the purposes of the law of armed conflict and whether, as such, it comes within the definition of a military objective.
+
In the context of an armed conflict, one belligerent conducts a series of cyber operations against the datasets associated with the other belligerent. These include data used for military purposes, essential civilian datasets, and data serving the enemy’s propaganda. Analysis in this scenario considers the lawfulness of destruction of various types of datasets under the law of armed conflict. It particularly focusses on the question whether data qualifies as an “object” for the purposes of the law of armed conflict and whether, as such, it comes within the definition of a military objective.
   
 
== Scenario ==
 
== Scenario ==
Line 8: Line 8:
   
 
=== Facts ===
 
=== Facts ===
'''[F1]''' State A is involved in a non-international armed conflict against organized armed group G based in its territory. In addition to kinetic hostilities between the two belligerent parties, armed group G conducts a series of cyber operations as part of its military efforts (these are referred to below as incidents 1, 2, and 3):
+
State A is involved in a non-international armed conflict against organized armed group G based in its territory. In addition to kinetic hostilities between the two belligerent parties, armed group G conducts a series of cyber operations as part of its military efforts:
# Armed group G conducts a cyber operation against data stored in the computer network at State A’s central military command. The operation results in the deletion or corruption of all data stored in the network, which contained the identity, location, physical condition, staffing, and battle readiness of State A’s warships and military aircraft.
+
# Armed group G conducts a cyber operation against the computer network at State A’s central military command. The operation results in the destruction of all data stored in the network, which contained the identity, location, physical condition, staffing, and battle readiness of State A’s warships and military aircrafts.
# Armed group G conducts a cyber operation against data held by State A’s central registry office, a governmental authority maintaining digital records on all State A’s citizens concerning non-military purposes, including census taking, the provision of social benefits, voting, and taxation. The operation results in the deletion of all data held by the office.
+
# Armed group G conducts a cyber operation against State A’s central registry office, a governmental authority maintaining digital records on all State A’s citizens concerning non-military purposes, including census taking, the provision of social benefits, voting, and taxation. The operation results in the destruction of all data held by the office.
# Armed group G conducts a cyber operation against data stored on the servers of State A’s main press agency. As a result of the operation, all data on the servers of the press agency are deleted and its websites are populated instead with videos and texts calling on the supporters of the regime to resign and defect to the insurgents’ side.
+
# Armed group G conducts a cyber operation against State A’s main press agency. As a result of the operation, all data on the servers of the press agency are destroyed and its websites are populated instead with videos and texts calling on the supporters of the regime to resign and defect to the insurgents’ side.
   
 
=== Examples ===
 
=== Examples ===
* [[NotPetya (2017)]]
+
* [[NotPetya (mock ransomware)]] (2017)
* [[Operation Glowing Symphony (2016)]]
 
   
 
== Legal analysis ==
 
== Legal analysis ==
''For a general overview of the structure of analysis in this section, see [[Note on the structure of articles]].''
 
   
'''[L1]''' The legal analysis first considers whether the definition of military objectives under IHL applies to the situation described in the scenario. It then examines whether computer data qualifies as an “object” under IHL and whether operations against data must therefore be assessed with reference to the elements of that definition. The analysis outlines the two main approaches to that question and notes the extent to which the law is unsettled.
 
 
=== Cyber operations during armed conflicts and the legal definition of military objectives ===
 
=== Cyber operations during armed conflicts and the legal definition of military objectives ===
 
{{#lst:Military objectives|Definition}}
 
{{#lst:Military objectives|Definition}}
'''[L2]''' The central legal issue in the present scenario is whether the deletion or corruption of the specific types of data identified in incidents 1–3 would be lawful under IHL. The present scenario occurs in the context of a NIAC between State A’s government forces and organized armed group G. In accordance with the principle of distinction, only military objectives may be targeted during armed conflict. The definition of military objectives applies in the same manner in an IAC as in a NIAC, for the reasons detailed above. It would thus equally apply to cyber operations executed in the context of the armed conflict between State A and armed group G. Determining the lawfulness of these operations in the present scenario turns predominantly on the question whether data can be considered a military objective.
+
The present scenario takes place in the context of a NIAC between State A’s governmental forces and organized armed group G. However, as far as the definition of military objectives is concerned, the same analysis would apply also in an IAC, for the reasons detailed above. The definition applies in principle also to cyber operations executed in the context of the armed conflict to which State A and armed group G are parties. However, the central legal issue in this scenario lies in the question whether the destruction of the specific types of data in incidents 1–3 would be lawful under IHL. This turns predominantly on the question whether cyber operations against data during an armed conflict must be justified vis-à-vis the definition of military objectives.
   
 
=== Qualification of data as a military objective under IHL ===
 
=== Qualification of data as a military objective under IHL ===
 
{{#lst:Military objectives|Data}}
 
{{#lst:Military objectives|Data}}
'''[L3]''' The incidents in this scenario serve to highlight the differences between the two main approaches described above.
+
Incidents in this scenario serve to highlight the differences between the two main approaches described above.
 
 
'''[L4]''' Firstly, for those who hold the view that data are not an “object” for the purposes of IHL, there is little difference between all three incidents. According to that view, because data is not an object, cyber operations directed against the data are not governed by the IHL rules regulating targeting, which include the definition of military objectives. Consequently, for those who hold this view, the deleting or corrupting any of the three datasets would be lawful—at least as regards the IHL rule of distinction. In other words, none of the operations conducted by armed group G in incidents 1–3 would amount to a violation of the rule of distinction. Instead, the legality of the manipulation of the data would be considered in light of other rules applying to military operations in general, such as the duty to take “constant care” to “spare the civilian population, civilians and civilian objects”.<ref>Art 57(1) [https://ihl-databases.icrc.org/ihl/INTRO/470 AP I].</ref>
+
For those who hold the view that data are not an “object” for the purposes of IHL, there is little difference between all three incidents. According to that view, because data is not an object, attacks against the relevant datasets do not need to be justified by reference to the definition of military objectives. Consequently, for those who hold this view, the destruction of all three datasets would be lawful under IHL. In other words, none of the operations conducted by armed group G in incidents 1–3 would amount to a violation of IHL. It should be noted that, particularly with regard to incident 2, this interpretation amounts to condoning an operation that is “extraordinarily disruptive to civilian life”,<ref>MN Schmitt, ‘International Cyber Norms: Reflections on the Path Ahead’ (2018) 111 Netherlands’ Military Law Review 12, 17.</ref> so much so that if the same effect was brought about through kinetic means, it would qualify as a war crime in IACs<ref>See Rome Statute, Art. 8(2)(b)(ii).</ref> and possibly also in NIACs.<ref>Cf. N Zamir, ‘Distinction Matters: Rethinking the Protection of Civilian Objects in Non-International Armed Conflicts’ (2015) 48 Isr Law Rev 111, 117–18.</ref>
   
'''[L5]''' On the second view, according to which data may be an “object” under IHL, the lawfulness of the relevant operations would have to be assessed with reference to the elements of the definition of military objectives. In this regard, the data targeted in incident 1 would likely qualify as a legitimate target of attack under IHL. This is because datasets stored in a military network and consisting of information on military assets belonging to the adversary are inherently military in nature. In addition, these datasets “contribute to the execution of the enemy’s operations or otherwise directly support the military activities of the enemy”.<ref>[https://doi.org/10.1017/9781316822524 Tallinn Manual 2.0], commentary to rule 100, para 15.</ref> As such, they make an effective contribution to the adversary’s military action by their nature, fulfilling the first prong of the definition under Article 52(2) AP I.<ref>Yoram Dinstein (ed), ''[https://doi.org/10.1017/CBO9781316389591 The Conduct of Hostilities under the Law of International Armed Conflict]'' (3rd edn, CUP 2016) 110-11 [295-96].</ref>
+
On the second view, according to which data may be an “object” under IHL, the lawfulness of the relevant operations would have to be assessed with reference to the requirements imposed by the definition of military objectives. In this regard, incident 1 would likely qualify as lawful under IHL. This is because datasets stored in a military network and consisting of information on military assets belonging to the adversary are inherently military in nature. In addition, these datasets “contribute to the execution of the enemy’s operations or otherwise directly support the military activities of the enemy”.<ref>Tallinn Manual 2.0, commentary to rule 100, para. 15.</ref> As such, they make an effective contribution to the adversary’s military action by their nature, fulfilling the first prong of the definition under Article 52(2) AP I.<ref><!--[ADD REF] ICRC COMMENTARY AROUND PARA 2020--></ref>
   
'''[L6]''' By denying the government armed forces immediate access to the information about their own military assets, the insurgents impede the government’s military action, likely forcing State A’s armed forces to allocate resources towards the restoration of the lost information and away from the military operations. The destruction of the data would thus offer a definite military advantage “in the circumstances ruling at the time”, satisfying the second prong of the definition under Article 52(2) AP I.<ref>Yoram Dinstein (ed), ''[https://doi.org/10.1017/CBO9781316389591 The Conduct of Hostilities under the Law of International Armed Conflict]'' (3rd edn, CUP 2016) 106-09 [284-91].</ref>
+
By denying the governmental armed forces immediate access to the information about their own military assets, the insurgents impede the military action of the government. State A’s armed forces will likely have to allocate resources towards the restoration of the lost information, thus potentially creating a window of opportunity for the rebels. Should this be the case “in the circumstances ruling at the time”, as prescribed by Article 52(2) AP I, the second prong of the definition under that provision would also be met.
   
'''[L7]''' In contrast, the data targeted by the cyber operation in incident 2 would likely be a civilian object and therefore not liable to attack in accordance with IHL. Datasets used and kept for strictly non-military purposes only do not meet the definition of military objective: they do not make an effective contribution to military action by nature, location, purpose or use. As civilian objects, they are therefore are protected from attack during armed conflict. As noted, this analysis fosters the protection of essential civilian datasets and, consequently, it aligns with the object and purpose of the relevant legal norms.<ref>Kubo Mačák, ‘[https://heinonline.org/HOL/P?h=hein.journals/israel48&i=57 Military Objectives 2.0: The Case for Interpreting Computer Data as Objects under International Humanitarian Law]’ (2015) 48 IsrLR 55, 77–80.</ref>
+
By contrast, the cyber operation at the basis of incident 2 would likely be prohibited under IHL. This is because datasets used and kept for strictly non-military purposes only cannot be described as making an effective contribution to military action. As such, they do not qualify as military objectives under IHL and they must therefore be seen as civilian objects, which are protected from being attacked during armed conflict. As noted, this analysis fosters the protection of essential civilian datasets and, consequently, it aligns with the object and purpose of the relevant legal norms.<ref><!--[ADD REF]--></ref>
   
'''[L8]''' Incident 3 is the most complex of the analysed operations. Ordinarily, the activities of a civilian press agency, even if operated by the government in the context of an ongoing NIAC, do not contribute towards any belligerent’s military action. Exceptionally, specific media reports might effectively contribute to the enemy’s operational picture, and as such, depriving the enemy of them might offer a definite military advantage.<ref>[https://doi.org/10.1017/9781316822524 Tallinn Manual 2.0], commentary to rule 100, para 29.</ref> Accordingly, in these exceptional situations, the data containing such reports would qualify as a legitimate military objective. However, the deletion of <i>all</i> data belonging to a press agency and its replacement with the insurgents’ propaganda would most likely go beyond such a narrow goal and therefore, the cyber operation would appear to be a case of unlawful targeting of a protected civilian object.
+
Incident 3 is the most complex of the analysed operations. Ordinarily, the activities of a civilian press agency, even if operated by the government in the context of an ongoing NIAC, do not contribute towards any belligerent’s military action. Exceptionally, specific media reports might effectively contribute to the enemy’s operational picture, and as such, depriving the enemy of them might offer a definite military advantage.<ref>Tallinn Manual 2.0, commentary to rule 100, para. 29.</ref> Accordingly, in these exceptional situations, the data containing such reports would qualify as a legitimate military objective. However, the deletion of <i>all</i> data belonging to a press agency and its replacement with the insurgents’ propaganda would most likely go beyond such a narrow goal and therefore, the cyber operation would appear to be a case of unlawful targeting of a protected civilian object.
   
'''[L9]''' However, it has been suggested that this prima facie conclusion is difficult to square with the fact that States frequently engage in psychological operations, which may include cyber operations of this kind.<ref>Michael N. Schmitt, ‘[https://puc.overheid.nl/mrt/doc/PUC_248137_11/ International Cyber Norms: Reflections on the Path Ahead]’ (2018) 111 Netherlands’ Military Law Review 12, 16–17.</ref> On that basis, the view interpreting data as an “object” under IHL has been described as “over inclusive”.<ref>Michael Schmitt, ‘[https://puc.overheid.nl/mrt/doc/PUC_248137_11/ International Cyber Norms: Reflections on the Path Ahead]’ (2018) 111 Netherlands’ Military Law Review 12, 17.</ref> Nevertheless, a possible response to such criticism is that through the longstanding, general, and unopposed practice of States, a permissive norm of customary law has emerged, which specifically permits psychological operations and dissemination of propaganda directed at the civilian population, as long as such operations do not violate any other applicable rule of IHL.<ref>For instance, it is impermissible to direct an attack against a media outlet such as a TV station merely on the basis that the outlet was used to spread propaganda. The destruction of the TV station in such circumstances would not offer the “concrete and direct” military advantage required by IHL for it to qualify as a military objective. Accordingly, attacking media outlets by reference to their propaganda purpose alone is contrary to IHL. See ICTY, [https://www.icty.org/x/file/Press/nato061300.pdf Final Report to the Prosecutor by the Committee Established to Review the NATO Bombing Campaign Against the Federal Republic of Yugoslavia] (2000) ILM 1257, para. 76.</ref> On the basis of this interpretation, the cyber operation against the data held by State A’s press agency in incident 3 qualifies as permitted under IHL, even if the starting point of the analysis is that data constitute an “object” for the purposes of IHL.
+
However, it is difficult to square this prima facie conclusion with the fact that States frequently engage in psychological operations of this kind.<ref>MN Schmitt, ‘International Cyber Norms: Reflections on the Path Ahead’ (2018) 111 Netherlands’ Military Law Review 12, 16–17.</ref> This may be perceived as a sign that the view interpreting data as an “object” under IHL is “over inclusive”.<ref>MN Schmitt, ‘International Cyber Norms: Reflections on the Path Ahead’ (2018) 111 Netherlands’ Military Law Review 12, 17.</ref> Nevertheless, a better view is that through the longstanding, general, and unopposed practice of States, a permissive norm of customary law has emerged, which specifically permits psychological operations and dissemination of propaganda directed at the civilian population, irrespective of the means through which such operations may be conducted. On the basis of this interpretation, the cyber operation against State A’s press agency in incident 3 qualifies as permitted under IHL, even if the starting point of the analysis is that data constitute an “object” for the purposes of IHL.
   
 
In sum, the law is unsettled as to the qualification of computer data under the targeting rules of IHL. Accordingly, States’ views aligning with one or the other of the approaches detailed above are needed in order to facilitate legal certainty in this area.<ref>Cf. MN Schmitt and S Watts, ‘The Decline of International Humanitarian Law <i>Opinio Juris</i> and the Law of Cyber Warfare’ (2015) 50 Texas ILJ 189, 230–31 (arguing that States should commit to clear views on IHL regulation of cyber operations); K Mačák, ‘From Cyber Norms to Cyber Rules: Re-engaging States as Law-makers’ (2017) 30 Leiden JIL 877, 896 (arguing that States should be more forthcoming in expressing opinions on the interpretation of existing international law to cyber issues). </ref> In the meantime, the following table serves to highlight the points of difference between the two dominant interpretive approaches:
'''[L10]''' It must be stressed that the analysis above assumed that, in all three incidents, the data was deliberately targeted—i.e., its manipulation was the objective of the operation in question. However, there are at least two types of scenarios where the manipulation of data would be analysed differently, even if such manipulation was regarded as an “attack”. First, it may be that the target of the attack is not the data yet the operation foreseeably results in its incidental manipulation. Second, it may be that the operation in question is not a targeting operation because its objective is not the destruction or neutralization of a certain object but rather something else (for example, gaining access to a system or collecting intelligence about its weaknesses), yet the operation nevertheless foreseeably results in the incidental deletion or corruption of data. In both of these cases, whether the data qualifies as an “object” has no bearing on the permissibility of the attack under the rule of distinction. At the same time, if one takes the position that the data constitutes an “object”, the manipulation must be considered as collateral damage and will therefore have to be assessed and acted upon as the rules on precautions and proportionality require.
 
 
'''[L11]''' In sum, the law is unsettled as to the qualification of computer data under the targeting rules of IHL. Accordingly, States’ views aligning with one or the other of the approaches detailed above are needed in order to facilitate legal certainty in this area.<ref>Cf. Michael N. Schmitt and Sean Watts, ‘[https://heinonline.org/HOL/P?h=hein.journals/tilj50&i=217 The Decline of International Humanitarian Law <i>Opinio Juris</i> and the Law of Cyber Warfare]’ (2015) 50 TexIntlLJ 189, 230–31 (arguing that States should commit to clear views on IHL regulation of cyber operations); Kubo Mačák, ‘[https://doi.org/10.1017/S0922156517000358 From Cyber Norms to Cyber Rules: Re-engaging States as Law-makers]’ (2017) 30 LJIL 877, 896 (arguing that States should be more forthcoming in expressing opinions on the interpretation of existing international law to cyber issues). </ref> In the meantime, the following table serves to highlight the points of difference between the two dominant interpretive approaches:
 
 
{| class="wikitable mw-collapsible"
 
{| class="wikitable mw-collapsible"
 
!
 
!
Line 50: Line 45:
 
|-
 
|-
 
|'''Incident 1 (cyber operations against military datasets)'''
 
|'''Incident 1 (cyber operations against military datasets)'''
| rowspan="3" |Because data is not an “object” for the purposes of IHL, it does not need to fulfil the criteria of a military objective for an operation against it to be lawful under IHL. Accordingly, provided that other applicable rules of IHL are complied with, all of these cyber operations would be permissible under IHL.
+
| rowspan="3" |Because data is not an “object” for the purposes of IHL, it does not need to fulfil the criteria of a military objective for an operation against it to be lawful under IHL. Accordingly, all of these cyber operations are permissible under IHL.
 
|Permissible insofar as the dataset fulfils both prongs of the definition of military objectives
 
|Permissible insofar as the dataset fulfils both prongs of the definition of military objectives
 
|-
 
|-
Line 61: Line 56:
   
 
== Checklist ==
 
== Checklist ==
  +
*
* Does the situation qualify as either an [[international armed conflict]] or a [[non-international armed conflict]]?
 
* Are the rules of targeting applicable to cyber operations?
 
* Is data considered to qualify as an “[[Military objectives#Qualification of data as a military objective under IHL|object]]” for the purposes of IHL?
 
* Does the cyber operation target datasets constituting [[military objectives]] only?
 
* Does the cyber operation target essential civilian datasets?
 
* Does the cyber operation target non-essential civilian datasets?
 
* If the cyber operation is not targeted at the data, yet it foreseeably results in its manipulation, does the manipulation accord with the rules on precautions and proportionality?
 
   
 
== Appendixes ==
 
== Appendixes ==
   
 
=== See also ===
 
=== See also ===
  +
* [[Legal review of cyber weapons]]
 
  +
* [[Attribution]]
 
* [[Military objectives]]
 
* [[Military objectives]]
* [[Scenario 10: Cyber weapons review]]
 
* [[Scenario 13: Cyber operations as a trigger of the law of armed conflict]]
 
   
 
=== Notes and references ===
 
=== Notes and references ===
Line 81: Line 69:
   
 
=== Bibliography and further reading ===
 
=== Bibliography and further reading ===
  +
* [TBC]
* William H Boothby, ''[http://opil.ouplaw.com/view/10.1093/law/9780199696611.001.0001/law-9780199696611 The Law of Targeting]'' (OUP 2012).
 
*Yoram Dinstein (ed), ''[https://doi.org/10.1017/CBO9781316389591 The Conduct of Hostilities under the Law of International Armed Conflict]'' (CUP 2016).
 
*Heather A Harrison Dinniss, ‘[https://heinonline.org/HOL/P?h=hein.journals/israel48&i=41 The Nature of Objects: Targeting Networks and the Challenge of Defining Cyber Military Objectives]’ (2015) 48 IsrLR 39.
 
*Noam Lubell, ‘Lawful Targets in Cyber Operations: Does the Principle of Distinction Apply?’ (2013) 89 Int’l L Studies 252.
 
*Kubo Mačák, ‘[https://doi.org/10.1017/S0922156517000358 From Cyber Norms to Cyber Rules: Re-engaging States as Law-makers]’ (2017) 30 LJIL 877.
 
*Kubo Mačák, ‘[https://heinonline.org/HOL/P?h=hein.journals/israel48&i=57 Military Objectives 2.0: The Case for Interpreting Computer Data as Objects under International Humanitarian Law]’ (2015) 48 IsrLR 55.
 
*Noam Neuman, ‘Challenges in the Interpretation and Application of the Principle of Distinction During Ground Operations in Urban Areas’ (2018) 51 VJTL 807.
 
*Marco Roscini, ''Cyber Operations and the Use of Force in International Law'' (OUP 2014).
 
*Yves Sandoz, Christophe Swinarski and Bruno Zimmermann (eds), ''[http://www.loc.gov/rr/frd/Military_Law/pdf/Commentary_GC_Protocols.pdf Commentary on the Additional Protocols of 8 June 1977 to the Geneva Conventions of 12 August 1949]'' (ICRC 1987).
 
*Michael N. Schmitt, ‘[https://puc.overheid.nl/mrt/doc/PUC_248137_11/ International Cyber Norms: Reflections on the Path Ahead]’ (2018) 111 Netherlands’ Military Law Review 12.
 
*Michael N Schmitt, ‘[https://heinonline.org/HOL/P?h=hein.journals/israel48&i=83 The Notion of ‘Objects’ during Cyber Operations: A Riposte in Defence of Interpretive and Applicative Precision]’ (2015) 48 IsrLR 81.
 
*Michael N Schmitt (ed), ''[https://doi.org/10.1017/9781316822524 Tallinn Manual 2.0 on the International Law Applicable to Cyber Operations]'' (CUP 2017).
 
*Michael N. Schmitt and Sean Watts, ‘[https://heinonline.org/HOL/P?h=hein.journals/tilj50&i=217 The Decline of International Humanitarian Law ''Opinio Juris'' and the Law of Cyber Warfare]’ (2015) 50 TexIntlLJ 189.
 
*Silja Vöneky, ‘[http://opil.ouplaw.com/view/10.1093/law:epil/9780199231690/law-9780199231690-e1375 Analogy in International Law]’, in R Wolfrum (ed), ''Max Planck Encyclopedia of Public International Law'' (OUP 2008).
 
 
<!--
 
<!--
 
* MN Schmitt (ed), ''Tallinn Manual 2.0 on the International Law Applicable to Cyber Operations'' (CUP 2017)
 
* MN Schmitt (ed), ''Tallinn Manual 2.0 on the International Law Applicable to Cyber Operations'' (CUP 2017)
Line 101: Line 76:
   
 
=== Contributions ===
 
=== Contributions ===
* Scenario by: [[People#Editorial_board|Taťána Jančárková]] & [[People#Editorial_board|Kubo Mačák]]
+
* Scenario by: [[People|Taťána Jančárková]] & [[People|Kubo Mačák]]
* Analysis by: [[People#Editorial_board|Kubo Mačák]]
+
* Analysis by: [[People|Kubo Mačák]]
  +
* Reviewed by: [TBC]
* Reviewed by: [[People#Peer_reviewers|Laurie Blank]]; [[People#Peer_reviewers|Gary Corn]]; [[People#Peer_reviewers|Ori Pomson]]; [[People#Peer_reviewers|Michael Schmitt]]
 
   
{| class="wikitable"
 
|+
 
|Previous: [[Scenario 11: Sale of surveillance tools in defiance of international sanctions|Scenario 11: Surveillance tools]]
 
|Next: [[Scenario 13: Cyber operations as a trigger of the law of armed conflict|Scenario 13: Armed conflict]]
 
|}
 
 
[[Category:Computer data]]
 
[[Category:Computer data]]
 
[[Category:Distinction]]
 
[[Category:Distinction]]
Line 116: Line 86:
 
[[Category:Object]]
 
[[Category:Object]]
 
[[Category:Targeting]]
 
[[Category:Targeting]]
[[Category:Scenario]]
 
Please note that all contributions to International cyber law: interactive toolkit are considered to be released under the Creative Commons Attribution-ShareAlike 4.0 International (CC BY-SA 4.0) (see International cyber law: interactive toolkit:Copyrights for details). If you do not want your writing to be edited mercilessly and redistributed at will, then do not submit it here.
You are also promising us that you wrote this yourself, or copied it from a public domain or similar free resource. Do not submit copyrighted work without permission!
Cancel Editing help (opens in new window)

Template used on this page: