Skip to main content
Login | Suomeksi | På svenska | In English

Application of the Non-Intervention Principle to Low-Intensity Cyber Operations

Show simple item record 2015-12-07T07:00:25Z 2015-12-07T07:00:25Z 2015-12-07
dc.title Application of the Non-Intervention Principle to Low-Intensity Cyber Operations en
ethesis.discipline Kansainvälinen oikeus fi
ethesis.discipline International law en
ethesis.discipline Folkrätt sv
ethesis.faculty Faculty of Law en
ethesis.faculty Juridiska fakulteten sv
ethesis.faculty Oikeustieteellinen tiedekunta fi
ethesis.faculty.URI Helsingfors universitet sv University of Helsinki en Helsingin yliopisto fi
dct.creator Adamson, Liisi
dct.issued 2015
dct.language.ISO639-2 eng
dct.abstract Present work focuses on the non-intervention principle and low-intensity cyber operations. More specifically, its main question is, whether the principle of non-intervention applies to low-intensity cyber operations and if it does, is the legal framework of non-intervention principle an effective way to regulate peacetime low-intensity cyber operations. Information Age and the rapid development of ICTs have provided hostile actors the opportunity to exploit the advantages cyberspace offers. Fear for the largely unknown has fostered a rich academic debate around the applicability of the use of force and LOAC. Yet, all of the information operations we have seen thus far have remained under the Article 2(4) threshold and that will most likely be the trend also in the future. Low-intensity cyber operations, meaning those that do not produce any damage or the damage caused is insignificant, can affect severely the everyday functioning of a heavily technology dependent State. They are inexpensive, easy to deploy, effective and can be used during peacetime with the added benefit of attacker anonymity. Thus, understanding the international law framework covering such operations is of outmost importance. The thesis first looks at the concept of sovereignty in relation to cyberspace, since the non-intervention principle derives from the notion of sovereignty. Due to cyberspace’s intangible nature, two main misconceptions have arisen. Firstly, cyberspace is often mistakenly found to be part of the global commons. Secondly, cyberspace is often seen as a domain, where States cannot assert their authority. Whilst addressing those two misconceptions, it is concluded that neither of those arguments is particularly true. States can exercise sovereignty and assert authority over the information infrastructure located in their territory. Theoretical framework of the non-intervention principle sets forth that the principle has a dual legal basis. Grounded on the one hand in treaty law and on the other hand customary international law, the principle was most clearly delineated by the UN from 1960s to 1980s. Generally, the non-intervention principle is said to consist of two elements: coercion and intervention that affects the internal or external affairs of the State. It is established that the nature of coercion has changed over time. That is also what this present work is grounded in. Cyber operations represent the next step in the evolution of States’ interventionist means. Whilst applying the international law framework of non-intervention principle to low-intensity cyber operations it becomes clear that the standards applied within the framework are too high to effectively regulate such offensive operations. The scope of States’ margin of appreciation regarding domaine réservé has been significantly reduced and the level of coercion needed to effectively apply the non-intervention principle does not correspond to today’s security environment. States are increasingly using cyber operations to achieve their strategic goals. From Estonia in 2007 to Sony in 2014 the interventionist means of States have grown to be less intensive, yet more penetrating, long-term and effective. A vivid example is cyber espionage, which is often disregarded in the discourse as a matter that is already resolved. Yet, as the cyber means grow more effective, cyber espionage through low-intensity cyber operations becomes more penetrative and the line between violation of sovereignty and non-intervention principle becomes clouded. In order for a cyber operation to breach the non-intervention principle, it must have a coercive nature and not be categorised as mere intrusion. The examples of State-on-State cyber operations show that none of the known cyber attacks has crossed the UN Charter Article 2(4) threshold. Instead they could be seen as unlawful interventions if extensive interpretation is applied. That leads to the second question of the present work: is the non-intervention principle effective in tackling the low-intensity cyber operations? Whereas the framework of the non-intervention principle is valid and relevant, the standards applied therein, developed close to three decades ago, do not adequately consider the changed security landscape of the 21st century. While the security threats become more penetrative and invasive, yet the interventionist means become low-intensity, the international community must look for feasible solutions for the technology future to come. en
dct.language en
ethesis.language English en
ethesis.language englanti fi
ethesis.language engelska sv
ethesis.thesistype pro gradu -tutkielmat fi
ethesis.thesistype master's thesis en
ethesis.thesistype pro gradu-avhandlingar sv
dct.identifier.ethesis E-thesisID:f786f72e-b203-413a-a31c-cff13cc90455
ethesis-internal.timestamp.reviewStep 2015-11-03 15:12:26:717
dct.identifier.urn URN:NBN:fi:hulib-201512073885
dc.type.dcmitype Text

Files in this item

Files Size Format View
Thesis_Helsinki_Adamson.pdf 1.193Mb PDF

This item appears in the following Collection(s)

Show simple item record