National position of Estonia (2019): Difference between revisions

From International cyber law: interactive toolkit
Jump to navigation Jump to search
Content added Content deleted
(Created page with "''This page is under construction.'' ==Introduction== This is the national position of Estonia on international law applicable to cyberspace operations. It was expressed in T...")
 
Line 5: Line 5:


==List of topics==
==List of topics==
The Estonian national position addresses the following topics: Sovereignty, Due Diligence, Attribution, Self-Defence, Collective Self-Defence, Countermeasures, Collective Countermeasures, and Diplomatic response to malicious cyber activities.
The Estonian national positions deals with ...

==General Statement==
<section begin=EE general statement />
According to the Estonian official national position, existing international law applies to cyberspace. In particular, rights and obligations of international law including the UN Charter when states use IT and communication technologies. Estonia holds the view that what States can do or can do not in cyberspace should be found in the existing regime of international law. <ref>[https://www.president.ee/en/meedia/press-releases/15243-president-of-estonia-international-law-applies-also-in-cyber-space/index.html President of Estonia: international law applies also in cyber space, 29 May 2019]</ref><section end==EE general statement />

==Sovereignty==
<section begin=EE sovereignty />
According to the Estonian position, sovereignty entails not only rights, but also obligations. Therefore, States are responsible for their activities in cyberspace when they amount to internationally wrongful acts just like they are responsible for any other activity based on international treaties or customary international law. <ref>[https://www.president.ee/en/meedia/press-releases/15243-president-of-estonia-international-law-applies-also-in-cyber-space/index.html President of Estonia: international law applies also in cyber space, 29 May 2019]</ref><section end=EE sovereignty />


==Due diligence==
==Due diligence==
<section begin=EE due diligence />
<section begin=EE due diligence />
States have to make reasonable efforts to ensure that their territory is not used to adversely affect the rights of other states. Such easonable efforts are relative to national capacity as well as availability, and the accessibility of information. Meeting this expectation encompasses taking all feasible measures in order to end the ongoing malicious cyber activity. States should strive to develop means to offer support when requested by the injured state in order to identify, attribute or investigate malicious cyber operations.<ref>[https://www.president.ee/en/meedia/press-releases/15243-president-of-estonia-international-law-applies-also-in-cyber-space/index.html President of Estonia: international law applies also in cyber space, 29 May 2019]</ref><section end=EE due diligence />
States have to make reasonable efforts to ensure that their territory is not used to adversely affect the right of other states. They should strive to develop means to offer support when requested by the injured state in order to identify, attribute or investigate malicious cyber operations. This expectation depends on national capacity as well as availability, and accessibility of information. These efforts must be undertaken considering the capacities of different states to be able to control such operations that exploit their infrastructure or systems. Meeting this expectation should encompass taking all feasible measures, rather than achieving concrete results. <ref>[https://www.president.ee/en/meedia/press-releases/15243-president-of-estonia-international-law-applies-also-in-cyber-space/index.html President of Estonia: international law applies also in cyber space, 29 May 2019]</ref><section end=EE due diligence />

==Attribution==
<section begin=EE attribution />
Estonia holds the view that States own the right to attribute cyber operations both individually and collectively according to international law. What is required from the attributing state is not absolute certainty but what is reasonable. When assessing malicious cyber operations, technical information, political context, established behavioral patterns and other relevant indicators are considered. <ref>[https://www.president.ee/en/meedia/press-releases/15243-president-of-estonia-international-law-applies-also-in-cyber-space/index.html President of Estonia: international law applies also in cyber space, 29 May 2019]</ref> <section end=EE attribution />

==Self Defence==
<section begin=EE self defence />
Estonia declares that States have the right to react to malicious cyber operations, including using diplomatic response, but also countermeasures, and, if necessary, the inherent right of self defence. Cyber operations which cause injury or death to persons or damage or destruction of objects could amount to a use of force or armed attack under the UN Charter. <ref>[https://www.president.ee/en/meedia/press-releases/15243-president-of-estonia-international-law-applies-also-in-cyber-space/index.html President of Estonia: international law applies also in cyber space, 29 May 2019]</ref> <section end=EE self defence />

==Countermeasures==
<section begin=EE countermeasures />
Among other options for collective response, Estonia supports the use of countermeasures as a mean to lawfully respond to international wrongful acts perpetrated through cyberspace. Moreover, Estonia is furthering the position that states which are not directly injured may apply countermeasures to support the state directly affected by a malicious cyber operation. The countermeasures applied should follow the principle of proportionality and other principle established within the international customary law. <ref>[https://www.president.ee/en/meedia/press-releases/15243-president-of-estonia-international-law-applies-also-in-cyber-space/index.html President of Estonia: international law applies also in cyber space, 29 May 2019]</ref>
<section end=EE countermeasures />


== Appendixes ==
== Appendixes ==

Revision as of 15:27, 4 March 2021

This page is under construction.

Introduction

This is the national position of Estonia on international law applicable to cyberspace operations. It was expressed in Tallinn on 29 May 2019 by the President of Estonia, Kersti Kaljulaid.[1]

List of topics

The Estonian national position addresses the following topics: Sovereignty, Due Diligence, Attribution, Self-Defence, Collective Self-Defence, Countermeasures, Collective Countermeasures, and Diplomatic response to malicious cyber activities.

General Statement

According to the Estonian official national position, existing international law applies to cyberspace. In particular, rights and obligations of international law including the UN Charter when states use IT and communication technologies. Estonia holds the view that what States can do or can do not in cyberspace should be found in the existing regime of international law. [2]

Sovereignty

According to the Estonian position, sovereignty entails not only rights, but also obligations. Therefore, States are responsible for their activities in cyberspace when they amount to internationally wrongful acts just like they are responsible for any other activity based on international treaties or customary international law. [3]

Due diligence

States have to make reasonable efforts to ensure that their territory is not used to adversely affect the right of other states. They should strive to develop means to offer support when requested by the injured state in order to identify, attribute or investigate malicious cyber operations. This expectation depends on national capacity as well as availability, and accessibility of information. These efforts must be undertaken considering the capacities of different states to be able to control such operations that exploit their infrastructure or systems. Meeting this expectation should encompass taking all feasible measures, rather than achieving concrete results. [4]

Attribution

Estonia holds the view that States own the right to attribute cyber operations both individually and collectively according to international law. What is required from the attributing state is not absolute certainty but what is reasonable. When assessing malicious cyber operations, technical information, political context, established behavioral patterns and other relevant indicators are considered. [5]

Self Defence

Estonia declares that States have the right to react to malicious cyber operations, including using diplomatic response, but also countermeasures, and, if necessary, the inherent right of self defence. Cyber operations which cause injury or death to persons or damage or destruction of objects could amount to a use of force or armed attack under the UN Charter. [6]

Countermeasures

Among other options for collective response, Estonia supports the use of countermeasures as a mean to lawfully respond to international wrongful acts perpetrated through cyberspace. Moreover, Estonia is furthering the position that states which are not directly injured may apply countermeasures to support the state directly affected by a malicious cyber operation. The countermeasures applied should follow the principle of proportionality and other principle established within the international customary law. [7]


Appendixes

See also

Notes and references

Bibliography and further reading