|Since the binding definition of military objectives is limited to “objects”, it is of crucial importance [[Military objectives|whether data may qualify as an “object” and therefore a military objective]], particularly in respect of cyber operations that do not result in a physical effect. If data do not qualify as “objects”, then cyber operations against data would be unconstrained by IHL and civilian datasets would be left unprotected by IHL in times of armed conflict.
Two main views have emerged in this regard. On the one hand, some experts consider the notion “object” to be limited to something with physical properties that is visible and tangible in the real world.<ref>Tallinn Manual 2.0, commentary to rule 100, para. 5–6 (noting that the majority of experts considered that due to it being intangible, data does not fall within the ordinary meaning of the term object, which is “something visible and tangible”) (internal quotation marks deleted); but see
M Schmitt, ‘The Notion of ‘Objects’ during Cyber Operations: A Riposte in Defence of Interpretive and Applicative Precision’ (2015) 48 Isr L Rev 81, 93 (noting that although the “visible and tangible” criterion influenced the Tallinn Manual experts’ deliberations, it was not dispositive).</ref> This view is based on a textual interpretation of the term “object” and it finds further support in the 1987 ICRC commentary to the Additional Protocols.<ref>Tallinn Manual 2.0, commentary to rule 100, para. 5 (“An ‘object’ is characterised in the ICRC Additional Protocols 1987 Commentary as something ‘visible and tangible’.”), citing Y Sandoz, C Swinarski and B Zimmermann (eds), <i>Commentary on the Additional Protocols of 8 June 1977 to the Geneva Conventions of 12 August 1949</i> (ICRC 1987), 633–34 paras 2007–08.</ref> On this view, cyber operations against data do not fall within the ambit of IHL unless the operation in question results in some physical effect and/or a loss of functionality of the target system.<ref>Tallinn Manual 2.0, commentary to rule 100, para. 6.</ref>
On the other hand, other experts view data as falling within the notion of “object” under IHL. They consider that the remarks on visibility and tangibility in the ICRC commentary were meant to distinguish between concrete things (for instance, a bridge) and abstract notions (for instance, civilian morale).<ref>
HA Harrison Dinniss, ‘The Nature of Objects: Targeting Networks and the Challenge of Defining Cyber Military Objectives’ (2015) 48 Isr L Rev 39, 44; K Mačák, ‘Military Objectives 2.0: The Case for Interpreting Computer Data as Objects under International Humanitarian Law’ (2015) 48 Isr L Rev 55, 67–68.</ref> Accordingly, data are analogous to the former category of concrete things because they are likewise susceptible to being attacked and destroyed.<ref> K Mačák, ‘Military Objectives 2.0: The Case for Interpreting Computer Data as Objects under International Humanitarian Law’ (2015) 48 Isr L Rev 55, 73.</ref> This interpretation brings civilian datasets within the protection of IHL, thus fostering a central value of IHL, namely, the protection of civilians and civilian objects.<ref> K Mačák, ‘Military Objectives 2.0: The Case for Interpreting Computer Data as Objects under International Humanitarian Law’ (2015) 48 Isr L Rev 55, 77–80; see also Tallinn Manual 2.0, rule 100, para. 7 (criticizing the majority position for “running counter to the principle … that the civilian population enjoys general protection from the effects of hostilities”).</ref> Given that, on this view, data qualifies as an “object”, cyber operations against data must, unless a specific exception can be identified, be justified by reference to the definition of military objectives.
|}<section end=Data />