Americas Articles Defense & Security

Insights on International Law and Human Security at the UNIDIR CS23

  • June 26, 2023 |
  • Zainab Yasin,
Image Credit: UNIDIR via YouTube
Insights on International Law and Human Security at the UNIDIR CS23

The day-to-day progress in the technological and cyber domain has brought unprecedented advancements while simultaneously raising concerns over cyber stability, states’ sovereignty and human security. The multidimensional use of cyberspace requires a deep dive into the legal aspect. On 03 March 2023, United Nations Institute for Disarmament Research (UNIDIR) held a Cyber Stability Conference (CS23) at the United Nations (UN) Headquarters to analyse the legalisation of cyberspace through the prism of the UN Charter, the very first source of international law that states agreed on being applicable in cyberspace. CS23 focused specifically on how international law applies to the Information and Communications Technology (ICT) environment. The conference served a twofold purpose: to increase transparency and to deepen the understanding of how international law at the intersection of technology and law applies in the cyber realm.

Almost 25 years have passed since the first resolution on ICT-Security was adopted. Subsequently, intergovernmental processes have been established, and progress has been achieved via several iterations of the Groups of Governmental Experts (GGE) and Open-Ended Working Group (OEWG). These efforts are devoted to proving that cyberspace is not a lawless space. As stated by Izumi Nakamitsu during the CS23, “the UN Charter and other international laws are the basis for states’ shared commitment to preventing conflict and maintaining international peace and security, cyberspace is not an exception. The Charter and the obligations therein must equivocally guide state action in this domain.”

The benefits of cyberspace come with risks to human security. Malicious cyber activities blur the line between war and peace, posing risks to societies, critical infrastructure and services. These can also result in the incidental loss of civilian life, injury to civilians or damage to civilian objects. Perpetrators, comprising state or non-state actors, aim to achieve financial or political gains, support battlefield operations, or manipulate public opinion. Their actions compromise individual security and impact international security at large. Considering the use of force in cyberspace, it is important to assess if the use of force is expected to cause death, damage or injury. Even if the damage is not physical or tangible, then it is essential to question if this behaviour is prohibited in international law, is done in legitim or self-defence, or could be attributed to a certain state or not. The protection of persons and objects via the application of international law in cyberspace is accredited in the GGE reports of 2013, 2015, and 2021.

To tackle the attribution problem, strong coordination and cooperation among the member states could lead to an accurate tracing of Internet Protocol (IP) addresses back to the source and origin of the attack.

Within the rubric of international law, there are a range of challenging issues, such as the application of International Humanitarian Law (IHL) or the Law of War and International Human Rights Law (IHRL). IHL and IHRL are complementary bodies of international law. They both protect the lives and dignity of individuals, however, from different perspectives (IHL is applicable only in situations of armed conflicts). CS23 (Panel II) carried out a discussion on self-defence in cyberspace under Article 51 of the UN Charter to demonstrate the human right to self-defence.

Pakistan also took part in the flagship Conference of UNIDIR, delivering its stance on the peaceful settlement of disputes, one of the four thematic areas covered, alongside the use of armed force in cyberspace, armed attack and self-defence in cyberspace, and the role and powers of the UN Security Council (UNSC). Mohammad Aamir Khan, the representative of Pakistan, presented the following points during the Conference:

  • Pakistan agrees with the peaceful settlement of disputes and opposes the militarisation of cyberspace and the use of ICTs for destructive purposes. The state advocates that the principles of sovereign equality of nations, non-use of force and non-interventionism, as enshrined in the UN Charter, should continue to apply in cyberspace.
  • A few observations over the principles of the UN Charter, the 1970 UN Declaration of Friendly Relations, the 1982 Manila Declaration on the Peaceful Settlement of Disputes and the ICJ in the Nicaragua case were made. Firstly, there is no direct obligation for states to choose a particular measure for a given dispute. Secondly, states are not obliged to address a dispute through a mechanism that is not consented to by all parties. And lastly, states are required to refrain from any action which may aggravate a situation endangering international peace and security.
  • It is fundamental to acknowledge the divergence between cyberspace and the physical world. The traditional frameworks of international law, including those related to states’ responsibility, peaceful settlement of disputes, sovereignty and non-intervention, were established keeping in view the physical world. Therefore, it may not be accurately applicable in the context of cyberspace.
  • Cyberspace is borderless and fraught with challenges like anonymity and other political and technical impediments in the way of establishing a mechanism to attribute cyberattacks to their concrete perpetrators precisely. Without resolving the challenges of attribution, enforcing international law and IHL in cyberspace, including the establishment of a mechanism for the peaceful settlement of disputes in cyberspace, will remain unachievable.
  • There are, however, two drawbacks: Cyber security has not really entered into the Security Council’s agenda, even though the topic of states’ use of ICTs was introduced to the UN agenda more than 20 years ago, and action on several decisions under the charter six depends largely on the agreement of the permanent five members of the Security Council.
  • There should be a formulation of a legally binding instrument that will establish clear standards, regulations, dispute settlement and enforcement mechanisms. It will define cyberspace usage and make it binding for states to ensure that the domestic internet infrastructure shall not be used for destructive purposes.

The conference focused on the core legal principles and thresholds in cyberspace through the prism of the UN Charter. It was stated during CS23 that the creation of customary rules requires two elements: general state practices and opinion theories. No state has officially qualified any harmful ICT act as a breach of Article 2(4) of the UN Charter. States suffering from different cyber acts tend not to use the language of international law even in situations which could have been hypothetically qualified as a breach of rules. On the other hand, there is a lack of uniformity among states as they face problems in building a mutual opinion and consensus.

Given the range of differences and views among the member states, it is crucial to undertake an incremental, focused and step-by-step approach and to enhance the levels of knowledge, awareness and capacity in all countries, particularly the developing and small countries for whom the entire question of cyber security and ICT security is relatively a new domain. Additionally, to tackle the attribution problem, strong coordination and cooperation among the member states could lead to an accurate tracing of Internet Protocol (IP) addresses back to the source and origin of the attack.

Zainab Yasin

Zainab Yasin is a graduate of National Defence University, Islamabad. She serves as a Research Assistant at CSCR, and is passionate about analyzing diplomatic relations, world politics and cyberspace.

Leave a Comment

Login

Welcome! Login in to your account

Remember me Lost your password?

Lost Password