Re-Thinking the Boundaries of Law in Cyberspace: A Duty to Hack?
Duncan B. Hollis
Temple University - James E. Beasley School of Law
April 12, 2014
in Cyberwar: Law & Ethics for Virtual Conflicts (J. Ohlin et al., eds., Oxford University Press, 2014 Forthcoming)
Temple University Legal Studies Research Paper No. 2014-16
Warfare and boundaries have a symbiotic relationship. Whether as its cause or effect, States historically used war to delineate the borders that divided them. Laws and borders have a similar relationship. Sometimes laws are the product of borders as when national boundaries delineate the reach of States’ authorities. But borders may also be the product of law; laws regularly draw lines between permitted and prohibited conduct or bound off required acts from permissible ones. Both logics are on display in debates over international law in cyberspace. Some characterize cyberspace as a unique, self-governing ‘space’ that requires its own borders and the drawing of tailor-made rules therein. For others, cyberspace is merely a technological medium that States can govern via traditional territorial borders with rules drawn ‘by analogy’ from pre-existing legal regimes.
This chapter critiques current formulations drawing law from boundaries and boundaries from law in cyberspace with respect to (a) its governance; (b) the use of force; and (c) international humanitarian law (IHL). In each area, I identify theoretical problems that exist in the absence of any uniform theory for why cyberspace needs boundaries. At the same time, I elaborate functional problems with existing boundary claims – particularly by analogy – in terms of their (i) accuracy, (ii) effectiveness and (iii) completeness. These prevailing difficulties on whether, where, and why borders are needed in cyberspace suggests the time is ripe for re-appraising the landscape.
This chapter seeks to launch such a re-thinking project by proposing a new rule of IHL – a Duty to Hack. The Duty to Hack would require States to use cyber-operations in their military operations whenever they are the least harmful means available for achieving military objectives. Thus, if a State can achieve the same military objective by bombing a factory or using a cyber-operation to take it off-line temporarily, the Duty to Hack requires that State to pursue the latter course. Although novel, I submit the Duty to Hack more accurately and effectively accounts for IHL’s fundamental principles and cyberspace’s unique attributes than existing efforts to foist legal boundaries upon State cyber-operations by analogy. Moreover, adopting the Duty to Hack could constitute a necessary first step to resolving the larger theoretical and functional challenges currently associated with law’s boundaries in cyberspace.
Number of Pages in PDF File: 53
Keywords: cyberspace, cyberwar, cybercrime, cyberthreats, cyber terrorism, cyber operations, international humanitarian law, law of armed conflict, use of force, tallinn, treaties, hack, internet, governance, boundaries, borders
JEL Classification: K00, K10, K33
Date posted: April 14, 2014 ; Last revised: July 3, 2014