Dr. Ken Brown

Abstract

This report critically examines the widely accepted contention that extant international law applies to cyberspace. Specially, it evaluates how current interpretations of the principles on the use of force and nonintervention apply to the domain and whether this reflects state behaviors. By analyzing the provisions in light of three major cyber events – Estonia (2007), Stuxnet (2009-2010), and the 2016 US presidential election – the article finds that the law contains serious gaps and is inconsistent with state practice. Thus, despite scholars’ claims to the contrary, a legal vacuum exists. To address this lacuna, the article argues that the US and like minded nations, supported by scholarly research, should engage in a purposeful effort to develop a new legal paradigm that is tailored to the domain and consistent with state practice. By looking to other historical efforts, such as those focused on international law relating to the sea, civil air transportation, and terrorism, the article draws important lessons on how best to build a new paradigm that, over time, would greatly improve the legal framework.

See below for full report