Cyber Espionage and International Law
eBook - ePub

Cyber Espionage and International Law

  1. 248 pages
  2. English
  3. ePUB (mobile friendly)
  4. Available on iOS & Android
eBook - ePub

Cyber Espionage and International Law

About this book

The advent of cyberspace has led to a dramatic increase in state-sponsored political and economic espionage. This monograph argues that these practices represent a threat to the maintenance of international peace and security and assesses the extent to which international law regulates this conduct. The traditional view among international legal scholars is that, in the absence of direct and specific international law on the topic of espionage, cyber espionage constitutes an extra-legal activity that is unconstrained by international law. This monograph challenges that assumption and reveals that there are general principles of international law as well as specialised international legal regimes that indirectly regulate cyber espionage. In terms of general principles of international law, this monograph explores how the rules of territorial sovereignty, non-intervention and the non-use of force apply to cyber espionage. In relation to specialised regimes, this monograph investigates the role of diplomatic and consular law, international human rights law and the law of the World Trade Organization in addressing cyber espionage. This monograph also examines whether developments in customary international law have carved out espionage exceptions to those international legal rules that otherwise prohibit cyber espionage as well as considering whether the doctrines of self-defence and necessity can be invoked to justify cyber espionage. Notwithstanding the applicability of international law, this monograph concludes that policymakers should nevertheless devise an international law of espionage which, as lex specialis, contains rules that are specifically designed to confront the growing threat posed by cyber espionage.

Trusted by 375,005 students

Access to over 1.5 million titles for a fair monthly price.

Study more efficiently using our study tools.

Information

Publisher
Hart Publishing
Year
2018
Print ISBN
9781509945016
Edition
1
eBook ISBN
9781782257363
Topic
Law
Subtopic
International Law
Index
Law
1
Defining Cyber Espionage
1.Introduction
The objective of this monograph is to identify the international legal rules applicable to cyber espionage and to assess the extent to which they prohibit or constrain this activity. In order to guide our analysis of these rules, it is first necessary to develop a working definition of the concept of cyber espionage.
To date, states have failed to agree a definition of espionage let alone cyber espionage within international law. However, with the permeation of cyberspace into nearly all aspects of modern life, states have increasingly adopted cyber security policies that are designed to tackle the threats that emanate from this environment. In formulating these policies, states have offered definitions of key concepts and terms associated with cyberspace. Given the prevalence of cyber espionage within contemporary international relations, it is unsurprising that cyber espionage features prominently in many of these policies and most provide a definition of this concept.1
While national definitions exhibit diversity, definitional patterns appear and key features of cyber espionage can be extracted.2 In short, definitions of cyber espionage comprise four constitutive elements: the (i) non-consensual (ii) copying (iii) of confidential information (iv) that is resident in or transiting through cyberspace.
Identifying these elements provides a useful starting point when formulating a definition of cyber espionage. Yet, in order to pin down exactly what type of activity cyber espionage describes and thus the type of conduct that will be subject to international legal analysis throughout this monograph, it is necessary to drill down further into these features and unpack their content.
2.The Intelligence Community
Maintaining national security is one of the most important objectives of the state and it is for this reason that states dedicate huge amounts of resources to collecting information concerning the activities of foreign actors. Indeed, ‘virtually every state has an intelligence service that seeks to collect information on potential adversaries’,3 whether it be ‘through a consolidated service or a separate foreign service’.4
The ‘intelligence cycle’ is the name given by the Intelligence Community (IC) to describe the process of intelligence production. In its entirety, the intelligence cycle consists of five distinct stages; (i) planning and direction; (ii) collection; (iii) analysis and processing; (iv) production; and (v) dissemination. In short, ‘[i]ntelligence can be divided into two basic categories: collection and analysis’.5 These two broad stages distinguish information from intelligence – information that has been collected only becomes intelligence once it has been analysed.6
This monograph examines the application of international law to the collection (as opposed to the analysis) of information. The IC collects information from a variety of different sources7 and intelligence officers prefer to produce intelligence on the back of information that is collected from all available sources (referred to as ‘all source intelligence’).8 For heuristic purposes, a dichotomy can be drawn between information that is collected from human sources and information that is obtained through the interception of electronic signals. Moreover, these sources can be designated as open or closed.
2.1.Sources of Information Collection
Information collected from human sources is known as human intelligence and this concept is usually abbreviated to HUMINT. HUMINT is defined as:
[T]he collection of information by a trained HUMINT collector … from people and their associated documents and media sources to identify elements, intentions, composition, strength, dispositions, tactics, equipment, personnel and capabilities. It uses human sources as a tool and a variety of collection methods, both passively and actively, to gather information.9
For many years HUMINT represented the ‘primary source of intelligence’.10 Yet, as states dedicated more resources to protecting their confidential information and as their counter-espionage capabilities improved, obtaining access to human sources proved increasingly difficult. Additionally, HUMINT had the potential to produce unreliable information because human informants could act as double agents and deliberately feed their handlers false information or, instead, they could simply misunderstand events and relay inaccurate information.
In light of the problems associated with HUMINT and as the technological revolution gathered momentum, signals intelligence – usually acronymised to SIGINT – emerged as a particularly prominent method for collecting information, either as a stand-alone source or being used to verify or supplement HUMINT. The major advantage of SIGINT is that it allows direct access to information and thus minimises the potential for information to be deliberately or inadvertently misrepresented.
SIGINT derives from the interception of signals and is divided into two subfields: communications intelligence (COMMINT) and electronic intelligence (ELINT). COMMINT describes the acquisition of ‘foreign communications passed by radio, wire, or other electromagnetic means’11 which, put simply, means the collection of electronic signals that include speech or text. ELINT involves the collection of ‘foreign, non-communications, electromagnetic radiations emanating from other than atomic detonation sources’12 which, in essence, involves the collection of electronic signals that do not relate to personal communications.
New subcategories of SIGINT continue to be developed by the IC, usually in response to technological innovations. For example, imagery intelligence (IMINT) is the product of information that is collected through the use of visual photography, infrared, lasers, multispectral sensors and radar.
Cyberspace describes a ‘global domain within the information environment consisting of the interdependent network of information technology infrastructures and resident data, including the Internet, telecommunications networks, computer systems, and embedded processors and controllers’.13 Cyberspace is used to store huge quantities of information and it also acts as an essential communicative device. Unsurprisingly, the IC now regularly conducts operations in cyberspace to acquire information and cyber intelligence (CYINT) has therefore emerged as an important subcategory of SIGINT.
2.2.Open and Closed Sources
Information can be acquired from open and closed sources. ‘Open source’ describes information that is publicly available and this typically includes information that is contained in speeches, official documents, newspaper reports, technical and professional journals, company websites and online databases.14
Open source information is abundant in liberal democracies given that they are political systems predicated upon the principles of freedom of information and freedom of expression. Obviously, even in liberal democracies, state and non-state actors keep certain types of information secret. Indeed, in most liberal democracies freedom of information regimes exempt the state from providing public access to confidential information where necessary to meet a legitimate aim. In the UK, for example, the state can refuse to disclose secret information that relates to its military activities or where it involves communications with foreign governments.15 Moreover, liberal democracies invariably implement legal rules restricting the right to freedom of expression where necessary to suppress criminal or dangerous activities. In order to avoid the sanctions incurred upon breach of these rules, malicious non-state actors such as terrorists and criminals go to great lengths to conceal their activities and communications.
Consequently, states seek information from foreign actors that is not publicly available, namely, information from closed sources.16 This form of information collection is referred to as espionage or, colloquially, spying, and with those engaging in this practice being known as spies. Thus, ‘espionage is one aspect of a nation’s intelligence work, encompassing the government’s efforts to acquire classified or other protected information’.17 ‘Most governments rely on a range of information being gathered to guide their actions. This is not the same as espionage. Espionage is the process of obtaining information that is not normally publicly available.’18
Over the years, much has been written as to when information can be regarded as publicly available, and with the emergence of the Internet this debate has become much more intense. This point was presciently recognised by McDougal, Lasswell and Reisman in 1973:
A further difficultly lies in the fact that the line between lawful intelligence gathering and espionage is thin, and may, in fact, ultimately be irreparably perforated by technological innovations.19
Although this is not the place to enter into the complex debate as to when information can be regarded as publicly available in the Internet Age, it is generally accepted that information is not publicly available (that is, it is private and confidential) in those circumstances where the actor that exercises control over the information ‘reasonably expects privacy’.20 In the cyber context, shielding electronic information behind a password-protected firewall is a strong indicator that the actor in control of that information regards it as confidential, as would the encryption of data. As this monograph progresses, we will see that reasonable expectations of privacy extend to metadata as well as content data, where metadata refers to ‘all other information about a communication other than the content; the where, when, who, how long, and how’.21
3.Cyber Espionage: The Copying of Confidential Data
Cyber espionage describes the use of cyber operations to copy22 confidential data that is resident in or transiting through cyberspace, even if it is not read or analysed.23 By focusing upon the copying of data, this definition emphasises that cyber espionage does not affect the availability or integrity of data or the networks and systems upon which that data resides. If a cyber operation results in data being lost or damaged, or otherwise affects the functionality of computer networks and systems, such an operation is properly classified as a cyber attack.24 As cyber attacks produce destructive effects they engage different international legal rules than acts of cyber espionage, which are exploitative in nature.25
Moreover, by defining cyber espionage as the copying of confidential data, this means that other operations and activities that are adjunct to cyber espionage fall outside the scope of this monograph and will not be the focus of international legal analysis. For example, this monograph is not concerned with the role of international law in regulating how information is used once it has been copied, such as where copied information is used to exert influence over the victim state or where stolen trade secrets are passed to domestic companies in order to confer upon them a competitive advantage.
4.Close and Remote Access Cyber Espionage
Cyber espionage can b...

Table of contents

  1. Cover
  2. Title Page
  3. Acknowledgements
  4. Table of Contents
  5. Table of Cases
  6. Table of Instruments
  7. Introduction
  8. 1. Defining Cyber Espionage
  9. 2. Cyber Espionage and International Peace and Security
  10. 3. Cyber Espionage and the Rules of Territorial Sovereignty, Non-Intervention and the Non-Use of Force
  11. 4. Cyber Espionage and Diplomatic and Consular Law
  12. 5. Cyber Espionage and International Human Rights Law
  13. 6. Economic Cyber Espionage and the World Trade Organization
  14. 7. Cyber Espionage and the Existence of Customary International Law Exceptions
  15. 8. Cyber Espionage and the Doctrines of Self-Defence and Necessity
  16. Conclusion
  17. Bibliography
  18. Index
  19. Copyright Page

Frequently asked questions

Yes, you can cancel anytime from the Subscription tab in your account settings on the Perlego website. Your subscription will stay active until the end of your current billing period. Learn how to cancel your subscription
No, books cannot be downloaded as external files, such as PDFs, for use outside of Perlego. However, you can download books within the Perlego app for offline reading on mobile or tablet. Learn how to download books offline
Perlego offers two plans: Essential and Complete
  • Essential is ideal for learners and professionals who enjoy exploring a wide range of subjects. Access the Essential Library with 800,000+ trusted titles and best-sellers across business, personal growth, and the humanities. Includes unlimited reading time and Standard Read Aloud voice.
  • Complete: Perfect for advanced learners and researchers needing full, unrestricted access. Unlock 1.5M+ books across hundreds of subjects, including academic and specialized titles. The Complete Plan also includes advanced features like Premium Read Aloud and Research Assistant.
Both plans are available with monthly, semester, or annual billing cycles.
We are an online textbook subscription service, where you can get access to an entire online library for less than the price of a single book per month. With over 1.5 million books across 990+ topics, we’ve got you covered! Learn about our mission
Look out for the read-aloud symbol on your next book to see if you can listen to it. The read-aloud tool reads text aloud for you, highlighting the text as it is being read. You can pause it, speed it up and slow it down. Learn more about Read Aloud
Yes! You can use the Perlego app on both iOS and Android devices to read anytime, anywhere — even offline. Perfect for commutes or when you’re on the go.
Please note we cannot support devices running on iOS 13 and Android 7 or earlier. Learn more about using the app
Yes, you can access Cyber Espionage and International Law by Russell Buchan in PDF and/or ePUB format, as well as other popular books in Law & International Law. We have over 1.5 million books available in our catalogue for you to explore.