Why States Need an International Law for Information Operations
40 Pages Posted: 17 Jan 2008 Last revised: 11 Apr 2015
Just as states have spent the last several years wrestling with the appropriate legal response to terror, they must now undertake a similar effort to deal with the burgeoning use of information operations (IO). IO involves the use of information technology, such as computer network attacks or psychological operations, to influence, disrupt, corrupt, usurp or defend information systems and the infrastructure they support. More than thirty states have developed IO capacities. But IO is also undoubtedly attractive to non-state actors like Al Qaeda, since the technology is mostly inexpensive, easy-to-use, and capable of deployment from virtually anywhere.
This Article assesses the ways in which international law, specifically the rules regulating the use of force and the law of war, currently applies to IO. Conventional wisdom suggests existing rules can cover IO by analogy. The conventional wisdom is only half-right. This Article explains why the existing rules govern IO, but challenges the unstated assumption that they do so appropriately. Translating existing rules into the IO context produces extensive uncertainty, risking unintentional escalations of conflict where forces have differing interpretations of what is permissible. Alternatively, such uncertainty may discourage the use of IO even if it might produce less harm than traditional means of warfare. Beyond uncertainty, the existing legal framework is insufficient and overly complex. Existing rules have little to say about the non-state actors that will be at the center of future conflicts. And where the laws of war do not apply, even by analogy, an overwhelmingly complex set of other international and foreign law rules purport to govern IO.
To remedy such deficiencies, this Article proposes a new legal framework, an international law for information operations (ILIO). By adopting an ILIO, states could alleviate the uncertainty and complexity of the status quo, reduce transaction costs for states fighting global terror, and lessen the collateral costs of armed conflict itself. This Article concludes with a review of some of the regulatory design questions facing an ILIO, but does not offer any specific rules. Rather, its ultimate aim is to convince states and scholars about the need for an ILIO in the first place.
Keywords: cyberwar, cyberterror, information operations, IO, information warfare, jus ad bellum, jus in bello, international humanitarian law, use of force, civilian distinction, perfidy, complexity, regulatory design, international law, estonia, denial of service attack, hactivists, computer network attack
JEL Classification: K19, K33, K39, K42
Suggested Citation: Suggested Citation