International humanitarian law (jus in bello)
National positions[edit | edit source]
"International humanitarian law (IHL) (including the principles of humanity, necessity, proportionality and distinction) applies to cyber activities within an armed conflict.
Australia considers that, if a cyber activity rises to the same threshold as that of a kinetic 'attack' (or act of violence) under IHL, the rules governing such attacks during armed conflict will apply to those kinds of cyber activities. Applicable IHL rules will also apply to cyber activities in an armed conflict that do not constitute or rise to the level of an 'attack', including the principle of military necessity and the general protections afforded to the civilian population and individual civilians with respect to military operations.
The IHL principle of proportionality prohibits the launching of an attack which may be expected to cause incidental loss of civilian life, injury to civilians, damage to civilian objects, or a combination thereof, which would be excessive in relation to the concrete and direct military advantage anticipated.
The IHL principle of military necessity states that a combatant is justified in using those measures, not forbidden by international law, which are indispensable for securing complete submission of an enemy at the soonest moment. The principle cannot be used to justify actions prohibited by law, as the means to achieve victory are not unlimited.
The IHL principle of distinction seeks to ensure that only legitimate military objects are attacked. Distinction has two components. The first, relating to personnel, seeks to maintain the distinction between combatants and non-combatants or military and civilian personnel. The second component distinguishes between legitimate military targets and civilian objects.
All Australian military capabilities are employed in line with approved targeting procedures. Cyber activities are no different. Australian targeting procedures comply with the requirements of IHL and trained legal officers provide decision-makers with advice to ensure that Australia satisfies its obligations under international law and its domestic legal requirements."
"International humanitarian law (IHL) is fairly equipped to answer many of the questions associated with new technologies, including ICTs. There is no doubt that IHL applies to States use of ICTs during an armed conflict. The fact that a specific weapon has been invented after the development of humanitarian law does not exempt it from regulation. Quoting from the ICJ Advisory Opinion on the Legality of the Threat or Use of Nuclear Weapons, excluding cyber operations from IHL scope of application “would be incompatible with the intrinsically humanitarian character of the legal principles in question which permeates the entire law of armed conflict and applies to al1 forms of warfare and to al1 kinds of weapons, those of the past, those of the present and those of the future.”
IHL applies to situations amounting to armed conflict independently of its classification as such by the parties. For IHL, it does not matter whether the armed conflict is lawful or not, because its objective is to minimize human suffering and provide a minimum level of protection to civilians in any scenario of hostilities. Hence, the recognition that international humanitarian law applies to the cyberspace does not in any way endorse its militarization or legitimize cyberwarfare, but only ensures a minimum level of protection if an armed conflict arises.
There are two instances where IHL might apply to cyber activities. First, if they are carried out as part of an ongoing armed conflict, contributing to conventional operations conducted by the parties. Second, if the cyber activities themselves cross the threshold of violence to be characterized as an armed conflict.
Of particular importance, the 2015 GGE report has noted the established international legal principles, including, where applicable, the principles of humanity, necessity, proportionality and distinction.
For Brazil, the IHL principle of precaution is also applicable to the use of ICTs by States, meaning that parties must “take all feasible precautions in the choice of means and methods of attack with a view to avoiding, and in any event minimizing, incidental loss of civilian life, injury to civilians and damage to civilian objects”."
"In making the assessment of necessity, distinction, proportionality and precaution, parties must take into consideration the particularities of the cyberspace, such as the interconnectivity between military and civilian networks. The principle of distinction determines that cyberattacks must target military objectives and must not be indiscriminate. In case of doubt whether a cyber infrastructure that is normally dedicated to civilian purposes is being used to make an effective contribution to military action, it shall be presumed not to be so used.
While holding the view that IHL applies to cyberspace, there are issues that deserve further reflection, such as the definition of cyberattack for the purposes of article 49 of AP I; the consideration of civilian data as a civilian object that entails protection under IHL; and when a civilian acting in the cyberspace might be considered as taking direct part in hostilities.
In any event, where IHL is silent or ambiguous, the “Martens clause” remains applicable, ensuring that, in cases not covered by existing rules, “civilians and combatants remain under the protection and authority of the principles of international law derived from established custom, from the principles of humanity and from the dictates of public conscience”."
"[...] the Czech Republic recognizes that International humanitarian law (IHL) applies to cyber operations during armed conflicts, on the understanding that this neither encourages the militarization of cyberspace, nor legitimizes cyber warfare, just as IHL does not legitimize any other form of warfare.
It is essential to underline that IHL does not promote the militarisation of cyberspace. On the contrary, it reduce its lawful military use by creating limits and requiring for all used means and methods to be employed in accordance with its rules; including the principles of humanity and distinction and the principle of proportionality."
|If a situation amounts to an armed conflict and cyber operations are carried out during that conflict, international humanitarian law applies to these cyber operations as it does to all operations with a nexus to armed conflict in general.|
"Estonia believes that international humanitarian law sets boundaries for states' activities in conflict, protecting civilian persons and infrastructure, and acting as a constraint, not a facilitator of conflict.
In our view, international humanitarian law provides the necessary rules constraining states’ conduct in conflict that also extend to cyber operations. Its applicability does not lead to the militarisation of cyberspace.
Armed conflicts today and in the future may involve offensive cyber capabilities. Therefore, it is vital that the use of such capabilities would be subject to obligations deriving from international humanitarian law, including taking into account such considerations as humanity, necessity, proportionality and distinction.
"International humanitarian law only applies to cyber operations when such operations are part of, or amount to, an armed conflict. Most so far known cyberattacks have not been launched in the context of an armed conflict or met the threshold of armed conflict. At the same time, when cyber means are used in the context of a pre-existing armed conflict, as has been done in many current conflicts, there is no reason to deny the need for the protections that international humanitarian law provides. This includes that cyber means and methods of warfare must be used consistently with the principles of distinction, proportionality and precautions, as well as the specific rules flowing from these principles. When assessing the capacity of cyber means and methods to cause prohibited harm, their foreseeable direct and indirect effects shall be taken into account. Constant care shall be taken to ensure the protection of civilians and civilian objects, including essential civilian infrastructure, civilian services and civilian data.
The unique characteristics of cyberspace, such as interconnectedness and anonymity, may affect how international humanitarian law is interpreted and applied with regard to certain cyber means and methods warfare. The related problems can nevertheless mostly be solved on the basis of existing rules. New technologies do not render the existing rules of international humanitarian law meaningless or necessarily require new legal regulation. Furthermore, while international humanitarian law is lex specialis in an armed conflict, it does not override other areas of international law, such as human rights law, which may continue to apply throughout the conflict."
In an armed conflict situation, cyberspace is an area of confrontation in its own right linked to other areas of confrontation. The offensive cyber capability implemented in the theatres of engagement of the French armed forces is controlled by means of a doctrine and a framework for use in accordance with which it is required to comply with international humanitarian law (IHL).
"Germany reiterates its view that IHL applies to cyber activities in the context of armed conflict. The fact that cyberspace as a domain of warfare was unknown at the time when the core treaties of IHL were drafted does not exempt the conduct of hostilities in cyberspace from the application of IHL. As for any other military operation, IHL applies to cyber operations conducted in the context of an armed conflict independently of its qualification as lawful or unlawful from the perspective of the ius ad bellum.
An international armed conflict – a main prerequisite for the applicability of IHL in a concrete case – is characterized by armed hostilities between States. This may also encompass hostilities that are partially or totally conducted by using cyber means. Germany holds the view that cyber operations of a non-international character, e.g. of armed groups against a State, which reach a sufficient extent, duration, or intensity (as opposed to acts of limited impact) may be considered a non-international armed conflict and thereby also trigger the application of IHL.
At the same time, cyber actions can become part of an ongoing armed conflict. In order to fall within the ambit of IHL, the cyber operation must show a sufficient nexus with the armed conflict, i.e. the cyber operation must be conducted by a party to the conflict against its opponent and must contribute to its military effort.
Cyber operations between a non-State actor and a State alone may provoke a non-international armed conflict. However, this will only seldom be the case due to the level of intensity, impact and extent of hostilities required. Thus, activities such as a large-scale intrusion into foreign cyber systems, significant data theft, the blocking of internet services and the defacing of governmental channels or websites will usually not singularly and in themselves bring about a non-international armed conflict."
"The basic principles governing the conduct of hostilities, including by cyber means, such as the principles of distinction, proportionality, precautions in attack and the prohibition of unnecessary suffering and superfluous injury, apply to cyber attacks in international as well as in non-international armed conflicts.
Germany defines a cyber attack in the context of IHL as an act or action initiated in or through cyberspace to cause harmful effects on communication, information or other electronic systems, on the information that is stored, processed or transmitted on these systems or on physical objects or persons. The occurrence of physical damage, injury or death to persons or damage or destruction to objects comparable to effects of conventional weapons is not required for an attack in the sense of art. 49 para. 1 Additional Protocol I to the Geneva Conventions. However, the mere intrusion into foreign networks and the copying of data does not constitute an attack under IHL."
"I’ll start by stating the obvious: the law of armed conflict and its fundamental principles generally apply to cyber operations conducted in the context of an armed conflict. Indeed, “the right of belligerents to adopt means of injuring the enemy is not unlimited” even in the cyber domain.
Israel is a party to the four Geneva Conventions and other treaties governing particular aspects of conduct in armed conflict and is also bound by applicable customary law. Israel—like the United States and others—is not a party to the First and Second Additional Protocols to the four Geneva Conventions and is not bound by them as a matter of treaty law. However, we see the following as consistent with the relevant customary law and the Additional Protocols."
"International humanitarian law is also applicable to cyber operations.
In situations of armed conflict, the methods and means of warfare used by the parties to the conflict are subject to regulations under international humanitarian law. This extends to cyber operations implemented by the parties to the conflict. Several principles under international humanitarian law, including the principle of humanity, necessity, proportionality and distinction, are also applicable to acts in cyberspace. In paragraph 28(d) of the 2015 GGE report, those principles are referred to as "established international legal principles." This reference, considered together with the fact that this report affirms the applicability of existing international law, can be interpreted to affirm the applicability of those principles. Meanwhile, Article 49 of the Additional Protocol I to the Geneva Conventions stipulates: "'Attacks' means acts of violence against the adversary, whether in offence or in defence." The Government of Japan understands that cyber operations that may cause the destruction or neutralization of military targets, for example, may also constitute "attacks" under international humanitarian law, depending on the circumstances.
In principle, the existence of an "armed conflict" is a prerequisite for the application of international humanitarian law. Under the Geneva Conventions, there is no particular definition of an "armed conflict," and therefore, whether or not a certain incident constitutes an "armed conflict" needs to be decided on a case-by-case basis, taking into account a number of elements, such as the manner of the actual attack and the intent of each party to the incident, in a comprehensive manner. If the effects of cyber operations are taken into consideration, the conduct of cyber operations alone may reach the threshold of an "armed conflict."
As affirming the applicability of international humanitarian law to cyber operations contributes to the regulation of methods and means of warfare, the argument that doing so will lead to the militarization of cyberspace is groundless. For example, cyber operations during armed conflict that cause physical damage or loss of functionality to medical institutions may constitute a violation of international humanitarian law16 and therefore should be appropriately regulated. On the other hand, modes of combat in cyberspace are different from those in traditional domains. Therefore, how international humanitarian law regarding, for example, the scope of combatants applies to cyberspace should be further discussed." 
"Kenya notes that there is a strong body of International Law which can be applied in the context of ICTs including Human Rights Law based on the Universal Declaration of Human Rights, International Humanitarian Law (recognizing that, unfortunately, not only can ICTs become a source of conflict, but they are increasingly both used and developed during conflicts between States) and Customary International Law. All these laws should be studied and analyzed in a fair, open, peace-loving and balanced manner in order to adopt a utilitarian body of International Law that guides the use of information and communication technology in the context of international security." 
"A key component of IHL is international law on neutrality. Neutrality requires that states which are not party to an armed conflict refrain from any act from which involvement in the conflict may be inferred or acts that could be deemed in favour of a party to the conflict. In its relations with parties to the armed conflict the neutral state is required to treat all parties equally in order to maintain its neutrality. A state may not, for example, deny access to its IT systems to one party to the conflict but not to the other. In its response to the above-mentioned advisory report by the AIV/CAVV, the government noted that, ‘In an armed conflict involving other parties, the Netherlands can protect its neutrality by impeding the use by such parties of infrastructure and systems (e.g. botnets) on Dutch territory. Constant vigilance, as well as sound intelligence and a permanent scanning capability, are required here.’"
"In situations of armed conflict, international humanitarian law applies to cyber activities. A cyber activity may constitute an “attack” for the purposes of international humanitarian law where it results in death, injury, or physical damage, including loss of functionality, equivalent to that caused by a kinetic attack. All cyber “attacks” must comply with the principles of military necessity, humanity, proportionality and distinction."
|International humanitarian law applies to cyber operations in connection with an armed conflict.|
"International humanitarian law (IHL) applies in the event of an armed conflict. Whether an (international or non-international) armed conflict exists will depend on the specific circumstances.
This specialised regime of international law, also called jus in bello, governs actions, including cyber operations, when they are conducted in connection with an armed conflict.
International humanitarian law aims to minimise the human suffering caused by armed conflict. It thus regulates and limits cyber operations during armed conflicts, just as it regulates and limits the use of any other weapons, means and methods of warfare in an armed conflict.
IHL does not legitimise the use of force in cyberspace. Any use of force by States – either by digital or by conventional means – remains governed by the Charter of the United Nations and the relevant rules of customary international law, also called jus ad bellum. Of particular relevance is the prohibition against the use of force. International disputes must be settled by peaceful means, in cyberspace as in all other domains.
The general rules for legitimate military targets are the same regardless of whether conventional or digital means are used. A cyber operation conducted in connection with an armed conflict must be assessed according to its consequences, and may qualify as an attack under international humanitarian law. ‘Attack’ is a key concept of international humanitarian law, and is understood to mean ‘acts of violence against the adversary, whether in offence or defence’. Cyber attacks during armed conflicts are subject to the same restrictions and regulations under international humanitarian law as conventional attacks, including the principles of humanity, military necessity, proportionality and distinction. The concept of attack is particularly relevant to the rules and principles on the selection of targets and precautions. Attacks against civilians or civilian objects are for example prohibited.
Under IHL, medical services must be protected and respected, including when carrying out cyber operations during armed conflict. IHL also prohibits attacking, destroying, removing or rendering useless objects indispensable to the survival of the population, including through cyber means and methods of warfare. ‘Objects indispensable to the survival of the civilian population’ include ICT infrastructure for food production or drinking water installations."
"International Humanitarian Law (IHL) applies in the context of cyber operations carried out as part of an armed conflict (whether international or non-international).
In such circumstances, the planning of and carrying on of cyber operations must be done in conformity with the principles governing the conduct of hostilities, namely distinction, proportionality, necessity and precaution.
"Singapore’s view is that in times of armed conflict, the relevant principles of international humanitarian law (“IHL”) would apply to the belligerents’ use of cyberspace. Some examples of such principles would include those of humanity, necessity, proportionality and distinction.
The principle of proportionality requires a State to refrain from launching a cyber operation which may be expected to cause incidental loss of civilian life, injury to civilians, damage to civilian objects, or a combination thereof, which would be excessive in relation to the concrete and direct military advantage anticipated.
In keeping with the principle of distinction, cyber operations undertaken in the context of armed conflicts have to distinguish between legitimate military objectives and civilian objects. Only legitimate military objectives may be targeted."
"Switzerland considers international law to be applicable to cyberspace, which includes the application of IHL in the context of armed conflicts. Switzerland's foreign policy priorities include ensuring respect as well as strengthening and promoting IHL. Switzerland is well known for its neutrality, humanitarian tradition and role as depositary of the Geneva Convention. This position paper therefore addresses IHL issues in greater depth.
IHL is applicable once an international or non-international armed conflict de facto exists. It is applicable in any armed conflict and to all parties to a conflict. IHL addresses the realities of war without considering the reasons for or the legality of the use of force. It does not deal with the legality of war, nor does it legitimise the use of force between states. The purpose of IHL is to regulate the conduct of hostilities and to protect victims of armed conflict, in particular by restricting the use of certain means and methods of warfare. The ICJ clearly stated that the established principles and rules of IHL apply to “all forms of warfare and to all kinds of weapons, those of the past, those of the present and those of the future”.
This is applicable to cyberspace in the same way as for traditional and new operational spaces (outer space, airspace, land, maritime space, electromagnetic space, information space). IHL is therefore the main body of international law governing cyber operations that have a connection with an armed conflict. Implementing IHL effectively contributes to ensuring international security. Existing IHL, particularly its fundamental principles, places important limits on the execution of cyber operations in armed conflicts."
"[..]in addition to the provisions of the UN Charter, the application of international humanitarian law to cyber operations in armed conflicts provides both protection and clarity. When states are engaged in an armed conflict, this means that cyber operations can be used to hinder the ability of hostile groups such as Daesh to coordinate attacks, and in order to protect coalition forces on the battlefield. But like other responsible states, this also means that even on the new battlefields of cyber space, the UK considers that there is an existing body of principles and rules that seek to minimise the humanitarian consequences of conflict."
"IHL applies to operations in cyberspace conducted in the furtherance of hostilities in armed conflict just as it does to other military operations.
IHL seeks to limit the effects of armed conflict - it protects persons who are not, or who are no longer, participating in hostilities, and limits the methods and means of warfare employed by the belligerents."
"IHL seeks to limit the effects of armed conflict and it is not therefore correct that its applicability to cyber operations in armed conflict would encourage the militarisation of cyberspace."
"A cyber operation is capable of being an ‘attack’ under IHL where it has the same or similar effects to kinetic action that would constitute an attack. Where an operation in cyberspace amounts to an ‘attack’, the principles of distinction, proportionality, humanity and military necessity apply in the same way as they do to an attack by any other means. Those responsible for planning, deciding upon, or executing attacks necessarily have to reach decisions on the basis of their assessment of the information from all sources which is reasonably available to them at the relevant time. All relevant rules of IHL must be observed when planning and conducting operations whether by cyber or other means – the complexity of cyber operations is no excuse for a lower standard of protection to be afforded to civilians and civilian objects."
"In the context of an armed conflict, the law of armed conflict applies to regulate the use of cyber tools in hostilities, just as it does other tools. The principles of necessity and proportionality limit uses of force in self-defense, and would regulate what may constitute a lawful response under the circumstances. There is no legal requirement that the response to a cyber armed attack take the form of a cyber action, as long as the response meets the requirements of necessity and proportionality."
"Turning to cyber operations in armed conflict, I would like to start with the U.S. military’s cyber operations in the context of the ongoing armed conflict with the Islamic State of Iraq and the Levant (ISIL). As U.S. Defense Secretary Ashton Carter informed Congress in April 2016, U.S. Cyber Command has been asked “to take on the war against ISIL as essentially [its] first major combat operation […] The objectives there are to interrupt ISIL command-and-control, interrupt its ability to move money around, interrupt its ability to tyrannize and control population[s], [and] interrupt its ability to recruit externally.
The U.S. military must comply with the United States’ obligations under the law of armed conflict and other applicable international law when conducting cyber operations against ISIL, just as it does when conducting other types of military operations during armed conflict. To the extent that such cyber operations constitute “attacks” under the law of armed conflict, the rules on conducting attacks must be applied to those cyber operations. For example, such operations must only be directed against military objectives, such as computers, other networked devices, or possibly specific data that, by their nature, location, purpose, or use, make an effective contribution to military action and whose total or partial destruction, capture, or neutralization, in the circumstances ruling at the time, offers a definite military advantage. Such operations also must comport with the requirements of the principles of distinction and proportionality. Feasible precautions must be taken to reduce the risk of incidental harm to civilian infrastructure and users. In the cyber context, this requires parties to a conflict to assess the potential effects of cyber activities on both military and civilian infrastructure and users.
Not all cyber operations, however, rise to the level of an “attack” as a legal matter under the law of armed conflict. When determining whether a cyber activity constitutes an “attack” for purposes of the law of armed conflict, States should consider, among other things, whether a cyber activity results in kinetic or non-kinetic effects, and the nature and scope of those effects, as well as the nature of the connection, if any, between the cyber activity and the particular armed conflict in question.
Even if they do not rise to the level of an “attack” under the law of armed conflict, cyber operations during armed conflict must nonetheless be consistent with the principle of military necessity. For example, a cyber operation that would not constitute an “attack,” but would nonetheless seize or destroy enemy property, would have to be imperatively demanded by the necessities of war. Additionally, even if a cyber operation does not rise to the level of an “attack” or does not cause injury or damage that would need to be considered under the principle of proportionality in conducting attacks, that cyber operation still should comport with the general principles of the law of war."
"It is also longstanding DoD policy that U.S. forces will comply with the law of war “during all armed conflicts however such conflicts are characterized and in all other military operations.” Even if the law of war does not technically apply because the proposed military cyber operation would not take place in the context of armed conflict, DoD nonetheless applies law-of-war principles. This means that the jus in bello principles, such as military necessity, proportionality, and distinction, continue to guide the planning and execution of military cyber operations, even outside the context of armed conflict."
"The 2015 GGE report recognized the applicability of the established jus in bello principles of humanity, necessity, proportionality, and distinction in cyberspace. The applicability of the jus in bello more broadly to States’ use of ICTs has been reaffirmed by a large number of Member States.
The United States recognizes that cyber activities in the context of an armed conflict may in certain circumstances constitute an “attack” for purposes of the application of the jus in bello rules that govern the conduct of hostilities, including the principles of humanity, necessity, proportionality, and distinction recognized in the 2015 GGE report.
The United States has also elaborated on how these principles would apply to cyber capabilities under an armed conflict. For example, the principle of distinction requires that only legitimate military objectives be made the object of attack. In the context of cyber capabilities used in armed conflict, the principle of distinction requires that only legitimate military objectives be made the object of attack.
The principle of proportionality prohibits attacks that may be expected to cause incidental loss to civilian life, injury to civilians, or damage to civilian objects which would be excessive in relation to the concrete and direct military advantage anticipated. In the cyber context, this rule would require parties to a conflict to assess the potential effects of cyber activities on both military and civilian infrastructure and users, including shared physical infrastructure (such as a dam or a power grid) that would affect civilians. In addition to the potential physical damage that a cyber activity may cause, such as death or injury that may result from effects on critical infrastructure, parties must assess the potential effects of a cyber attack on civilian objects that are not military objectives, such as private, civilian computers that hold no military significance but may be networked to military objectives.
In addition, when using cyber capabilities in armed conflict, States must comply with their obligations under international humanitarian law related to the protection of medical personnel and facilities. For example, medical personnel and facilities must not be knowingly attacked or unnecessarily prevented from discharging their proper functions, and parties to a conflict must take feasible precautions to reduce the risk of incidental harm to the civilian population and other protected persons and objects, including medical personnel and facilities.
The United States has specifically addressed how its international humanitarian law obligations apply to cyberspace operations in the context of armed conflict in the Department of Defense’s Law of War Manual, reflecting a commitment to ensure that U.S. legal obligations are understood and respected by its military. Several other States have taken similar steps to share their views on how international humanitarian law applies and / or address cyber specifically in their military manuals."
Appendixes[edit | edit source]
See also[edit | edit source]
Notes and references[edit | edit source]
- Australian Government, Australia's position on how international law applies to State conduct in cyberspace
- Official compendium of voluntary national contributions on the subject of how international law applies to the use of information and communications technologies by States, UNODA, A/76/136, August 2021, 22.
- Official compendium of voluntary national contributions on the subject of how international law applies to the use of information and communications technologies by States, UNODA, A/76/136, August 2021, 23.
- Richard Kadlčák, Statement of the Special Envoy for Cyberspace and Director of Cybersecurity Department of the Czech Republic, 11 February 2020, 4
- Official compendium of voluntary national contributions on the subject of how international law applies to the use of information and communications technologies by States, UNODA, A/76/136, August 2021, 26-27.
- International law and cyberspace - Finland's national position
- Ministry of Defense of France, International Law Applied to Operations in Cyberspace, 9 September 2019, 12.
- Federal Government of Germany, On the Application of International Law in Cyberspace, March 2021, 7.
- Federal Government of Germany, On the Application of International Law in Cyberspace, March 2021, 8.
- Roy Schöndorf, Israel’s Perspective on Key Legal and Practical Issues Concerning the Application of International Law to Cyber Operations, 8 December 2020.
- Ministry of Foreign Affairs of Japan, Basic Position of the Government of Japan on International Law Applicable to Cyber Operations, 16 June 2021, 6-7
- Official compendium of voluntary national contributions on the subject of how international law applies to the use of information and communications technologies by States, UNODA, A/76/136, August 2021, 54.
- Government of the Kingdom of the Netherlands, Appendix: International law in cyberspace, 26 September 2019 , 5.
- The Application of International Law to State Activity in Cyberspace, 1 December 2020, 4.
- Official compendium of voluntary national contributions on the subject of how international law applies to the use of information and communications technologies by States, UNODA, A/76/136, August 2021, 74-75.
- Official compendium of voluntary national contributions on the subject of how international law applies to the use of information and communications technologies by States, UNODA, A/76/136, August 2021, 77.
- Official compendium of voluntary national contributions on the subject of how international law applies to the use of information and communications technologies by States, UNODA, A/76/136, August 2021, 85.
- Federal Department of Foreign Affairs, Switzerland's position paper on the application of international law in cyberspace, May 2021, 8-9
- Attorney General Jeremy Wright:Cyber and International Law in the 21st Century, 23 May 2018
- United Kingdom Foreign, Commonwealth & Development Office, Application of international law to states’ conduct in cyberspace: UK statement, 3 June 2021
- United Kingdom Foreign, Commonwealth & Development Office, Application of international law to states’ conduct in cyberspace: UK statement, 3 June 2021
- United Kingdom Foreign, Commonwealth & Development Office, Application of international law to states’ conduct in cyberspace: UK statement, 3 June 2021
- Harold Hongju Koh, International Law in Cyberspace, 18 September 2012, 5
- Brian J. Egan, International Law and Stability in Cyberspace, 10 November 2016 8-10.
- Hon. Paul C. Ney, Jr., DOD General Counsel Remarks at U.S. Cyber Command Legal Conference, 2 March, 2020
- Official compendium of voluntary national contributions on the subject of how international law applies to the use of information and communications technologies by States, UNODA, A/76/136, August 2021, 138.