And where humans tread, trouble follows. Cyberspace is no exception. In fact, this column exists only by the grace of this trouble. The trouble to which I am referring? Cyberstalking. Bank account theft. Disruption of securities trading markets. Outright warfare between two sovereign countries. And other malicious acts that are too numerous to mention.
What do humans do when there is trouble? Write rules. Unfortunately, the rules of cyber conduct can be difficult to pin down, much like religion. This difficulty, however, did not stop NATO’s cyber defense center from trying to craft its own set of rules for the world to follow. The results of their four-year effort? The Tallinn Manual* (named after a city in Estonia, recipient of the first publicly-known target of politically motivated cyberattacks, in April 2007).
The Tallinn Manual argues that “existing law broadly applies to cyberspace.” With this one bold conclusion, those operating in the world of cyberspace now have their rules of conduct. Simple as that. Next?
A recent analysis in The Economist posits that “such rules would be helpful if law-abiding countries went to war (Sweden against Canada, for example).” But doubts about the Tallinn rules run rampant. Why? Quite simply, those launching the cyberattacks are unlikely to pay attention to any such rules. Countries like North Korea, for example, might rather play by their own rules.
Alas, war in cyberspace will be conducted by man’s rules. Or depending on the man, by the Devil’s rules.
*”The Tallinn Manual on the International Law applicable to Cyber Warfare”. Cambridge, 2013.("Word Law in Dictionary" image: Jeroen van Oostrom/FreeDigitalPhotos.net)