Discussion 2
post91
cyberspace.pdf
Journal of Conflict & Security Law � Oxford University Press 2016; all rights reserved. For permissions, please e-mail: [email protected] doi:10.1093/jcsl/krw013 Advance Access published on 18 September 2016 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Cyberspace, Terrorism and International Law
David P. Fidler*
Abstract
Governments have long worried about terrorists using the Internet to launch
cyberattacks, spread propaganda, recruit and radicalise individuals and raise
funds. However, the Islamic State’s exploitation of social media has caused a
crisis and generated questions about international law’s role in addressing terror-
ism in cyberspace. This article analyzes international law in connection with po-
tential terrorist cyberattacks and terrorist use of cyber technologies for other
purposes. International law is not well positioned to support responses to terrorist
cyberattacks, but the lack of such attacks to date undermines incentives for states
to develop international law against this threat. In terms of terrorists using the
Internet and social media for propaganda, radicalisation, recruiting and fundrais-
ing, the crisis caused by the Islamic State’s online activities has not created con-
sensus strong enough to support a prominent role for international law in
countering cyber-facilitated terrorism.
1. Introduction
The Internet’s global emergence has long produced worries about terrorism in
cyberspace. In the USA, President Bill Clinton feared terrorist cyberattacks
against critical infrastructure in the late 1990s,1 and, reacting to the San
Bernardino shootings in December 2015, politicians demanded action against
terrorist exploitation of social media.2 Despite two decades of concerns, states
have not developed much international law addressing terrorism in cyberspace. New developments, such as anxieties about terrorist use of encryption3 and
* James Louis Calamaras Professor of Law, Indiana University Maurer School of Law; Adjunct Senior Fellow for Cybersecurity, Council on Foreign Relations; and Chair, International Law Association Study Group on Cybersecurity, Terrorism, and International Law. [email protected]. Section 3 of this article draws on the ILA Study Group’s work.
1 Presidential Decision Directive/NSC-63 (The White House, Washington, 22 May 1998) 5http://fas.org/irp/offdocs/pdd/pdd-63.htm4 accessed 30 August 2016.
2 DP Fidler, ‘Cyber Policy after the Paris and San Bernardino Terrorist Attacks’ (Net Politics, 8 December 2015) 5http://blogs.cfr.org/cyber/2015/12/08/cyber-policy-after- the-paris-and-san-bernardino-terrorist-attacks/4 accessed 20 March 2016.
3 ‘Cyber-Security: The Terrorist in the Data’ The Economist (London, 29 November 2015) 5www.economist.com/news/briefing/21679266-how-balance-security-privacy-after-paris-at- tacks-terrorist-data4 accessed 20 March 2016.
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Journal of Conflict & Security Law (2016), Vol. 21 No. 3, 475–493
at :: on D ecem
ber 20, 2016 http://jcsl.oxfordjournals.org/
D ow
nloaded from
military cyberattacks against terrorist online capabilities,4 are unlikely to gen-
erate new international law. Explaining this reality requires understanding that
certain terrorist uses of information and communication technologies (ICTs)
have not materialised, while others confound states in ways that produce little
consensus about how to respond.
This article analyzes the international legal landscape of terrorism in cyber-
space in order to explain how it emerged, what it includes and whether changing
international law in this context is appropriate and feasible. After considering preliminary issues for international law in the relationship between terrorism
and cyberspace (Section 2), the article examines international law in connection
with terrorists launching cyberattacks (Section 3). It then explores the interna-
tional legal implications of cyber-enabled terrorist activities, such as spreading
propaganda and radicalisation (Section 4). What emerges is a conundrum—pro-
spects for international law are least apparent where terrorism in cyberspace has
become a global crisis.
2. Terrorism, Cyberspace and International Law: Preliminary Considerations
After the Cold War, governments fretted that terrorists would weaponise nu-
clear, biological, chemical and cyber technologies. These concerns arose with
global technological dissemination and with shifts in terrorist motivations to-
ward inflicting large-scale death and damage on civilians. Within high-tech ter- rorism, cyber technologies are distinct because they are:
. more accessible, cheaper, less risky and more malleable than nuclear, bio- logical and chemical materials; and
. offer ways to attack across a spectrum of consequences, gather intelli- gence, communicate in planning and conducting operations, spread propa-
ganda, engage in ‘virtual’ criminal activities and raise financial resources.
These attributes have provoked questions about what ‘cyber terrorism’
means,5 questions that did not arise with terrorism involving weapons of mass
destruction (WMD). These questions converged with other controversies. States have not agreed on a definition of ‘terrorism’, opting to define criminal offences
in specific contexts as part of addressing terrorist threats.6 This outcome reflects
4 DP Fidler, ‘Send in the Malware: U.S. Cyber Command Attacks the Islamic State’ (Net Politics, 9 March 2016) 5http://blogs.cfr.org/cyber/2016/03/09/send-in-the-mal- ware-u-s-cyber-command-attacks-the-islamic-state/4 accessed 20 March 2016.
5 CA Theohary and JW Rollins, Cyberwarfare and Cyberterrorism: In Brief (Congressional Research Service, 27 March 2015) 5http://fas.org/sgp/crs/natsec/ R43955.pdf4 accessed 20 March 2016.
6 B Saul, Defining Terrorism in International Law (OUP 2008).
476 David P. Fidler
at :: on D ecem
ber 20, 2016 http://jcsl.oxfordjournals.org/
D ow
nloaded from
a desire by many states to retain discretion over what terrorism means and how
to respond to it. Governments have used this discretion in characterising oppos-
ition to their policies, legitimacy and power as terrorism—behaviour criticised
for repressing dissent, violating human rights and degrading prospects for demo-
cratic governance.7
The multifunctional nature of cyber technologies provides ammunition for
defining ‘cyber terrorism’ narrowly and broadly. States worried about the do-
mestic political consequences of Internet access tend to favor broad definitions
of cyber terrorism. Conversely, the legitimacy of many cyber activities supports
defining cyber terrorism narrowly—as terrorist attacks perpetrated through
ICTs. Spreading propaganda and radicalising people through social media by
the so-called Islamic State are cyber-enabled forms of terrorism that fall be-
tween these narrow and broad definitions. Islamic State propaganda can terror-
ise civilians by spreading fear through execution videos, incite terrorist violence
by radicalising people, and inspire support by depicting efforts to build the
caliphate.8
This relationship between terrorism and cyberspace means the range of inter-
national legal issues it touches is complex. Terrorists have always used new
technologies, but policymakers did not single out, for example, ‘mobile phone
terrorism’. The Internet’s impact has been more transformative. Similarly,
approaches to preventing terrorists from weaponising other technologies do
not work in the cyber context, which forces policy to pursue other strategies
to thwart terrorist interest in cyber weapons.
Despite the implications of terrorism’s relationship with cyberspace, the applic-
able international law consists mainly of rules not developed for the challenges
ICTs present. These legacy rules mean terrorist use of ICTs does not occur in a
legal void. However, the trajectory of terrorism in cyberspace casts harsh light on
international law and forces policymakers to ask whether they need to develop it
to address terrorism in cyberspace effectively. Reform would confront challenges,
including disagreements about how to define terrorism, lack of consensus on what
key legal principles mean, and political competition over issues—such as Internet
governance—not specific to terrorism. These challenges limit what might be pos-
sible in making international law more responsive to terrorism in cyberspace.
3. Cyberattacks by Terrorists and International Law
Preventing, protecting against and responding to terrorist attacks preoccupy
counter-terrorism policy. The same is true for potential terrorist use of ICTs
7 Office of the UN High Commission for Human Rights, Human Rights, Terrorism, and Counter-Terrorism (Fact Sheet No 32, 2008) 5www.ohchr.org/Documents/ Publications/Factsheet32EN.pdf4 accessed 20 March 2016.
8 C Winter, The ‘Virtual’ Caliphate: Understanding Islamic State’s Propaganda Strategy (Quillium Foundation 2015).
Cyberspace, Terrorism and International Law 477
at :: on D ecem
ber 20, 2016 http://jcsl.oxfordjournals.org/
D ow
nloaded from
to attack cyber-enabled infrastructure, facilities or services. Fear of terrorist
cyberattacks has grown as dependence on ICTs deepened and as the skills
and means to launch such attacks disseminated.9 However, terrorists have not
shown much interest in, or abilities to undertake, cyberattacks. Whatever else
explains this state of affairs, international law deserves no credit for it.
Despite years of concern, states have adopted few international instruments
addressing cyberattacks by terrorists. In countering conventional and WMD
terrorism, states negotiated treaties that define terrorist offences, require parties
to criminalise and exercise jurisdiction over the offences, and engage in law
enforcement cooperation.10 Most of these treaties apply to conventional terror-
ism, but some cover attacks involving biological, chemical and nuclear agents
that have rarely or not yet occurred.11 Of the multilateral treaties, only two on
civil aviation (which are not in force) expressly include cyberattacks.12 The only
regional terrorism agreement mentioning cyber comes from the Association of
South East Asian Nations (ASEAN). It encourages cooperation on various
forms of terrorism, including cyber terrorism,13 but the ASEAN agreement
does not include cyberattacks as a criminal offence. Similarly, United Nations
(UN) Security Council decisions that impose binding counter-terrorism duties
do not mention cyberattacks.14
Existing international law on terrorism does not apply well to possible
cyberattacks by terrorists. States could interpret certain multilateral treaties to
apply to such attacks,15 but this approach produces limited coverage under
agreements designed for noncyber forms of terrorism. Regional treaties often
use the offences defined in the multilateral agreements,16 which extends this
9 D Paletta, ‘FBI Director Sees Increasing Terrorist Interest in Cyberattacks against U.S.’ Wall Street Journal (New York City, 22 July 2015) 5www.wsj.com/articles/fbi- director-sees-increasing-terrorist-interest-in-cyberattacks-against-u-s-14376192974 accessed 20 March 2016.
10 UN, International Instruments Related to the Prevention and Suppression of International Terrorism (UN 2008).
11 International Convention for the Suppression of Terrorist Bombings (adopted 15 December 1997, entered into force 23 May 2001) 2149 UNTS 256; International Convention for the Suppression of Acts of Nuclear Terrorism (adopted 13 April 2005, not yet entered into force) 2445 UNTS 89.
12 Protocol Supplemental to the Convention for the Suppression of Unlawful Seizure of Aircraft (10 September 2010) ICAO Doc 9959; Convention on the Suppression of Unlawful Acts Relating to International Civil Aviation (adopted 10 September 2010, not yet entered into force) ICAO Doc 9960.
13 ASEAN Convention on Counter Terrorism (13 January 2007)5www.asean.org/news/ item/asean-convention-on-counter-terrorism4 accessed 20 March 2016.
14 UNSC Res 1373 (28 September 2001) UN Doc S/RES/1373; UNSC Res 1540(28 April 2004) UN Doc S/RES/1540; UNSC Res 2178 (24 September 2014) UN Doc S/RES/ 2178.
15 B Saul and K Heath, ‘Cyber Terrorism’ in N Tsagourias and R Buchan (eds), Research Handbook on International Law and Cyberspace (Edward Elgar 2015) 147–67.
16 See, for example, ASEAN Convention on Counter Terrorism (n 13).
478 David P. Fidler
at :: on D ecem
ber 20, 2016 http://jcsl.oxfordjournals.org/
D ow
nloaded from
patchwork coverage into regional contexts. Security Council resolutions are
broad enough to cover terrorist cyberattacks. However, neither the Security
Council nor its Counter-Terrorism Committee (CTC)17 has focused much on
the threat of such attacks.
While cyberattacks could qualify as offences in some treaties, cyber technol-
ogies raise challenges different from terrorism involving conventional weapons
or WMD agents. The treaties apply a criminal law approach, which requires
identifying those responsible for terrorist offences. Although identifying perpet- rators of conventional terrorism can be difficult, attribution in the cyber context
is more challenging.18 For example, the Islamic State’s so-called ‘Cyber
Caliphate’ claimed responsibility for attacking a French television station,
which French officials asserted was terrorism.19 France later indicated Russian
hackers were to blame—at which point attribution remained unclear, as did
whether the incident was terrorism.20
A second feature of cyber technologies is the range of consequences they
permit attacks to achieve—from disruption to destruction. Offences in antiter- rorism treaties typically require the act in question to result in, or be intended to
produce, injury, death or serious property damage.21 These thresholds create the
potential for terrorists to engage in cyberattacks underneath them and not
commit a terrorist offence. The Cyber Caliphate claimed responsibility for tem-
porarily disrupting social media channels of US Central Command. The US
Government dismissed the incident as ‘cyber vandalism’.22 The USA would
never classify a biological attack by terrorists on its military as ‘bio vandalism’,
even if the attack only caused temporary, limited disruption. This incident
17 Security Council Counter-Terrorism Committee5www.un.org/en/sc/ctc/4accessed 20 March 2016.
18 N Tsagourias, ‘Cyber Attacks, Self-Defence and the Problem of Attribution’ (2012) 17(2) J Conflict & Secur L 229. On the topic of attribution in cyberspace, see K Mač ák, ‘Decoding Article 8 of the International Law Commission’s Articles on State Responsibility: Attribution of Cyber Operations by Non-State Actors’ (in this volume) J Conflict & Secur L.
19 A Chrisafis and S Gibbs, ‘French Media Groups to Hold Emergency Meeting after ISIS Cyber-Attack’ The Guardian (London, 9 April 2015) 5www.theguardian.com/ world/2015/apr/09/french-tv-network-tv5monde-hijacked-by-pro-isis-hackers4 ac- cessed 20 March 2016.
20 J Lichfield, ‘TV5Monde Hack: “Jihadist Cyber Attack on French TV State Could Have Russian Link” ’ The Independent (London, 10 June 2015) 5www.independent. co.uk/news/world/europe/tv5monde-hack-jihadist-cyber-attack-on-french-tv-station- could-have-russian-link-10311213.html4 accessed 20 March 2016.
21 The draft Comprehensive Convention on International Terrorism reflects this pattern by defining offences as acts that cause death or seriously bodily injury, serious damage to property, or property damage that causes major economic loss. UNGA ‘Letter dated 3 August 2005 from the Chairman of the Sixth Committee addressed to the President of the General Assembly’ (12 August 2005) UN Doc A/59/894, app II (hereinafter Draft Comprehensive Convention).
22 US Department of Defense, ‘CENTCOM Acknowledges Social Media Sites “Compromised”’ (12 January 2015) 5www.defense.gov/news/newsarticle. aspx?id¼123956&source¼GovDelivery4 accessed 20 March 2016.
Cyberspace, Terrorism and International Law 479
at :: on D ecem
ber 20, 2016 http://jcsl.oxfordjournals.org/
D ow
nloaded from
highlights the range of consequences cyber technologies make possible and dif-
ferent perceptions about cyberattacks.
These consequences and perceptions raise questions whether certain cyberat-
tacks, such as corrupting or deleting stored data without destroying physical
property, qualify as damage in antiterrorism treaties. Such questions implicate
treaty interpretation and could generate disagreements about applying these
treaties to cyberattacks and prevent their use in responding to cyberattacks by
terrorists (assuming attribution was feasible). These problems might counsel
developing a treaty designed to address what cyber technologies enable terror-
ists to do.
Whether customary international law offers guidance with respect to terror-
ism has proved controversial. The Special Tribunal for Lebanon held customary
international law recognises a crime of international terrorism,23 the elements of
which could encompass terrorist cyberattacks.24 However, this ruling has been
criticised.25 In addition, finding evidence the decision affected state behaviour is
difficult, suggesting state practice does not support the tribunal’s reading of
custom. Hence, the tribunal’s crime of international terrorism does not provide
a strong basis in international law for addressing terrorist cyberattacks.
Beyond international law on terrorism, states could respond to terrorist
cyberattacks by applying treaties on cybercrime, transnational organised
crime, extradition and mutual legal assistance. Relying on such instruments
would run counter to state preferences for distinguishing terrorism from other
crimes. Existing cybercrime treaties are largely regional in membership with
limited numbers of parties. The Council of Europe’s Convention on
Cybercrime has the largest number of parties, but only 48 countries, predomin-
antly European, have joined.26 The UN Convention against Transnational
Organized Crime has 186 parties,27 but this regime has not focused on or
deterred cybercrime. Extradition agreements and mutual legal assistance trea-
ties (MLATs) are mainly bilateral, making their application to terrorist cyberat-
tacks dependent on the politics of bilateral relations. MLATs are difficult to use
23 Special Tribunal for Lebanon (Interlocutory Decision on the Applicable Law) STL- 11-01/I (16 February 2011).
24 ibid, para 85. 25 See, for example, B Saul, ‘Legislating from a Radical Hague: The United Nations
Tribunal for Lebanon Invents an International Crime of Transnational Terrorism’ (2011) 24(3) Leiden J Intl L 677.
26 Convention on Cybercrime (23 November 2001) Council of Europe Treaty Series No 185; Convention on Cybercrime Status (as of 16 March 2016) 5http://conventions.coe. int/Treaty/Commun/ChercheSig.asp?NT¼185&CM¼1&DF¼20/02/2015&CL¼ENG4 accessed 20 March 2016.
27 UN Convention against Transnational Organized Crime (15 November 2000, entered into force 29 September 2003) 2225 UNTS 209; UN Convention against Transnational Organized Crime: Status of Ratification (as of 16 March 2016)5https://treaties.un.org/ Pages/ViewDetails.aspx?src¼TREATY&mtdsg_no¼XVIII-12&chap- ter¼18&lang¼en4 accessed 20 March 2016.
480 David P. Fidler
at :: on D ecem
ber 20, 2016 http://jcsl.oxfordjournals.org/
D ow
nloaded from
effectively against crimes involving digital evidence,28 which would happen with
investigating terrorist cyberattacks.
In terms of new treaty law, countries have been negotiating the proposed
Comprehensive Convention on International Terrorism since the latter half of
the1990s,29 a period corresponding to the rise of worries about terrorist cyberat-
tacks. The offence defined in the draft text is broad enough to be applicable to
cyberattacks.30 However, negotiations have not concluded after nearly 20 years,
and the possibility of terrorist cyberattacks has not catalyzed conclusion of these talks, which remain deadlocked over issues having nothing to do with
cyberspace.
Strategies used to keep dangerous materials away from terrorists have no
counterparts when cyberattacks are the concern. States developed treaties to
protect nuclear materials in transport31 and to mark plastic explosives32 as coun-
ter-terrorism measures, and nonproliferation agreements on nuclear, biological
and chemical weapons are considered helpful in keeping WMD materials away
from terrorists. Similarly, the Security Council mandated that UN Member States prevent terrorists from acquiring WMD materials.33 Transposing this ap-
proach to the cyber context is not promising. Unlike physical materials subject
to antiterrorism protections, cyber weapons are software code.
Attempts to block exports of certain surveillance technologies and intrusion
software to repressive governments on human rights grounds demonstrate the
difficulties and controversies that arise with restricting access to digital informa-
tion.34 Similar problems emerged with policy on handling exploitable flaws in
software not identified by the vendor or users.35 Preventing terrorists from get- ting access to such ‘zero day’ vulnerabilities is difficult because the vulnerabil-
ities are simply information rather than material that can be physically
controlled. The best way to prevent access is to disclose and patch vulnerabilities
as they are discovered, but disclosure does not always happen because undis-
closed vulnerabilities have law enforcement, intelligence and military value.36
28 AK Woods, Data Beyond Borders: Mutual Legal Assistance in the Internet Age (Global Network Initiative, January 2015) 5http://csis.org/files/attachments/ GNI%20MLAT%20Report.pdf4 accessed 20 March 2016.
29 UNGA Res 51/210 ‘Measures to Eliminate International Terrorism’ (17 December 1996) UN Doc A/RES/51/210.
30 Draft Comprehensive Convention (n 21). 31 Convention on the Physical Protection of Nuclear Material (adopted 26 October 1979,
entered into force 8 February 1987) 1456 UNTS 124. 32 Convention on the Marking of Plastic Explosives for the Purpose of Detection
(adopted 1 March 1991, entered into force 21 June 1998) 2122 UNTS 359. 33 Resolution 1540 (n 14). 34 Wassenaar Arrangement, List of Dual-Use Goods and Technologies and Munitions
List, WA-LIST (13) 1 (4 December 2013); K Zetter, ‘Why an Arms Control Pact Has Security Experts Up in Arms’ Wired (New York City, 24 June 2015) 5www.wired. com/2015/06/arms-control-pact-security-experts-arms/4 accessed 20 March 2016.
35 P Stockton and M Golabek-Goldman, ‘Curbing the Market for Cyber Weapons’ (2013) 32 Yale L & Policy Rev 101; M Fidler, ‘Regulating the Zero-Day Vulnerability Trade: A Preliminary Analysis’ (2015) 11(2) J L & Pol Inform Soc 405.
Cyberspace, Terrorism and International Law 481
at :: on D ecem
ber 20, 2016 http://jcsl.oxfordjournals.org/
D ow
nloaded from
Further, software vulnerabilities, malware to exploit them, and skills to launch
cyberattacks are globally distributed and accessible to terrorists.
Counter-terrorism policies also emphasise protecting societies from terrorist
attacks, especially critical infrastructure. Cybersecurity thinking similarly stres-
ses ‘hardening the target’, especially cyber-enabled critical infrastructure,
against cyberattacks regardless of the source37—an ‘all hazards’ protection strat-
egy.38 Governments can often pursue this objective without international law
because most critical infrastructure is within their territorial jurisdictions.
However, the need for critical infrastructure protection is producing interna-
tional cooperation and international law. Regional organisations, such as
ASEAN, the European Union (EU), and the Organization of American
States (OAS),39 and security regimes, such as the North Atlantic Treaty
Organization (NATO),40 promote cooperation on critical infrastructure protec-
tion. Within treaties that address critical infrastructure sectors—such as civil
aviation,41 maritime transport42 and nuclear safety43—international organisa-
tions are paying more attention to cybersecurity. States in different geographical
and political contexts are using international legal instruments to increase pro-
tection of cyber-enabled critical infrastructure.44 These activities are recent, so
they are not responsible for the lack of terrorist cyberattacks. Whether these
36 D Sanger, ‘Obama Lets N.S.A. Exploit Some Internet Flaws, Officials Say’ New York Times (New York City, 13 April 2014).
37 National Institute of Standards and Technology, Framework for Improving Critical Infrastructure Cybersecurity, Version 1.0 (12 February 2014) 5www.nist.gov/cyberfra- mework/upload/cybersecurity-framework-021214.pdf4.
38 DP Fidler, ‘Whither the Web? International Law, Cybersecurity, and Critical Infrastructure Protection’ (October 2015) Georgetown J Intl Aff 8.
39 CH Heinl, ‘Regional Cyber Security: Towards a Resilient ASEAN Cyber Security Regime’ (2013) RSIS Working Paper No 263; European Commission, ‘Critical Infrastructure’ 5http://ec.europa.eu/dgs/home-affairs/what-we-do/policies/crisis-and- terrorism-critical-infrastructure/index_en.htm4 accessed 20 March 2016; OAS, ‘Critical Infrastructure Protection Programs: Cyber Security’ 5www.oas.org/en/sms/ cicte/programs_cyber.asp4 accessed 20 March 2016.
40 M Edwards (ed), Critical Infrastructure Protection, NATO Science for Peace and Security Series 116 (IOS Press 2014).
41 R Benjamin, ‘Meeting a Global Threat with a Global Response: Aviation’s Collaborative and Multidisciplinary Actions on Cybersecurity’ (Autumn 2015) Cyber Secur Rev 38.
42 International Maritime Organization, ‘Maritime Security’ 5www.imo.org/en/ MediaCenre/HotTopics/priacy/Pages/default.aspx4 accessed 20 March 2016.
43 International Atomic Energy Agency, Nuclear Security Plan 2014-2017 (3 August 2013) GOV/2013/42-GC(57)/19.
44 Council Directive 2008/114/EC of 8 December 2008 on the Identification and Designation of European Critical Infrastructure and the Assessment of the Need to Improve Their Protection [2008] OJ L/345/75; Shanghai Cooperation Organization, Agreement on Cooperation in the Field of International Information Security (16 June 2009) 5https:// ccdcoe.org/sites/default/files/documents/SCO-090616-IISAgreement.pdf4 accessed 20 March 2016; African Union, Convention on Cyber Security and Personal Data Protection (27 June 2014) EX.CL/846(XXV).
482 David P. Fidler
at :: on D ecem
ber 20, 2016 http://jcsl.oxfordjournals.org/
D ow
nloaded from
efforts produce better cybersecurity and, thus, deter attacks on critical infra-
structure remains to be seen.
Counter-terrorism policies underscore the need for resilience—the ability to
identify terrorist attacks, control the damage and recover. Cybersecurity policy
also highlights resilience as critical, and resilience informs development of na-
tional computer incident or emergency response teams and cooperation among
them. However, cooperation on cyber resilience before or after an incident
happens without international legal obligations, which mirrors international
law on terrorism. Apart from obligations on law enforcement cooperation,
antiterrorism treaties do not include duties to provide assistance to parties at-
tacked by terrorists. This state of affairs also reflects the lack of legal obligations
on states to assist countries hit by natural disasters.45 Discussion of a duty to
assist countries experiencing cyberattacks has framed the duty as a nonbinding,
or ‘soft law’, responsibility.46
This analysis of counter-terrorism activities from antiterrorism treaties to
post-attack resilience demonstrates international law is not well developed re-
garding terrorist cyberattacks. Thus, international law is a nonfactor in explain-
ing why terrorists have not engaged in such attacks. Options for strengthening
international law against terrorist cyberattacks exist, including clarification of
the applicability of certain antiterrorism treaties, protection of cyber-enabled
critical infrastructure, and negotiation of a treaty on terrorist cyberattacks.
However, the absence of attacks weakens incentives for states to tackle this
threat. International law on terrorism has largely developed through states
reacting to terrorist violence. This pattern casts doubt on whether states
would develop international law in the absence of terrorist cyberattacks. The
most promising options arise where developing international law would pay
dividends against cyber incidents regardless of their source. Strengthening
cybersecurity in critical infrastructure would protect against intrusions by ter-
rorists, spies, militaries and criminals. Unlike the disinterest terrorists have
demonstrated, criminals, military forces and intelligence agencies pose clear
dangers in cyberspace, providing incentives for states to use international law
to advance ‘all hazards’ strategies for improving cybersecurity in the public and
private sectors.
After the 9/11 attacks, states realised the reactive nature of counter-terrorism
policy and law was insufficient, which led to emphasis on preventing terrorist
violence. Some efforts focused on preventing incitement to terrorism (Section
4), while others sought to interdict terrorist plots before attacks happened.
Preventive strategies generated controversies under international human
rights law. Governments argued that stopping attacks required heightened
45 DP Fidler, ‘Disaster Relief and Governance after the Indian Ocean Tsunami: What Role for International Law?’ (2005) 6 Melbourne J Intl L 458.
46 D Hollis and T Maurer, ‘A Red Cross for Cyberspace’ Time (New York City, 18 February 2015) 5http://time.com/3713226/red-cross-cyberspace/4 accessed 20 March 2016.
Cyberspace, Terrorism and International Law 483
at :: on D ecem
ber 20, 2016 http://jcsl.oxfordjournals.org/
D ow
nloaded from
surveillance to identify terrorist communications, networks and operations. For
human rights advocates, expanded surveillance risked violating privacy and the
freedoms of opinion, expression and association.47 Disclosure of surveillance
programs by Edward Snowden heightened these concerns and prompted efforts
to protect human rights against expansive surveillance.48 Human rights contro-
versies surrounding counter-terrorism surveillance have not dissipated because
new attacks, such as those in Paris and San Bernardino in 2015, repeatedly roil
these waters. Government interest in surveillance applies equally to the desire to prevent terrorist cyberattacks, but this desire does not produce equilibrium be-
tween political demand for expansive surveillance and human rights opposition
to it.
The lack of terrorist cyberattacks keeps some issues in the realm of specula-
tion, including those related to the use of force. Conventional terrorism sparked
debates about when actual or anticipated terrorist violence triggers a state’s
right to use force in self-defense.49 Inserting terrorist cyberattacks into these
debates does not resolve controversies about, for example, the ‘armed attack’ threshold, the preventive use of force against terrorist groups, and whether
states have the right to use force against terrorists located in countries unable
or unwilling to deal with them.
4. Cyber-Enabled Terrorist Activities and International Law
Before the Islamic State emerged, governments understood terrorists used cyberspace to communicate, spread propaganda, radicalise, recruit and fun-
draise.50 In addressing terrorist use of the Internet, states identified the need
to improve surveillance of communications, facilitate intelligence and law en-
forcement cooperation, prevent incitement to terrorism, and stop terrorist re-
cruiting and fundraising. However, the Islamic State’s unprecedented use of the
Internet and social media has seriously challenged counter-terrorism policy and
international law.
The Islamic State has taken cyber-enabled strategies and tactics farther than any previous terrorist group, which is why its behaviour in cyberspace has
become a counter-terrorism crisis. This crisis suggests that policy and law,
47 UNHRC Report of the Special Rapporteur on the Promotion and Protection of the Right to Freedom of Opinion and Expression (16 May 2011) UN Doc A/HRC/17/27.
48 UN GA Res 68/167 ‘The Right to Privacy in the Digital Age’ (18 December 2013) UN Doc A/RES/68/167; UNGA The Right to Privacy in the Digital Age: Report of the Office of the UN High Commissioner for Human Rights’ (30 June 2014) UN Doc A/ HRC/27/37.
49 C Tams, ‘The Use of Force against Terrorists’ (2009) 20(2) European J Intl L 359–97; D Bethlehem, ‘Principles Relevant to the Scope of a State’s Right of Self-Defense Against an Imminent or Actual Armed Attack by Nonstate Actors’ (2012) 106(4) American J Intl L 770.
50 UN Office on Drugs and Crime, The Use of the Internet for Terrorist Purposes (UN 2012).
484 David P. Fidler
at :: on D ecem
ber 20, 2016 http://jcsl.oxfordjournals.org/
D ow
nloaded from
including international law, crafted before the Islamic State became a threat,
failed to prevent the group from making cyberspace a strategic asset. This failure
prompts the need for new approaches, but, at present, more disagreement than
consensus exists among states—and even within states—on how to cope with the
crisis.
In international law, the Islamic State’s cyber-enabled activities have least
battered the rules on suppression of terrorist financing. Under treaty law and
binding Security Council mandates, states have obligations to stop the financing
of terrorism.51 However, the Islamic State’s finances rely primarily on funds
generated within territories it controls, such as taxes, oil revenues and criminal
schemes (eg ransom kidnapping, selling looted antiquities).52 Although the
system to suppress terrorist financing limits the Islamic State’s ability to move
large sums through formal channels, the Islamic State has managed to fund
itself. The system is not necessarily broken,53 but it has limitations when terror-
ists have funding not vulnerable to foreign and global financial mechanisms.54
After 9/11 and other terrorist attacks, counter-terrorism policies began to
target incitement of terrorism as a problem the Internet exacerbates. In May
2005, the Council of Europe adopted a treaty that requires parties to criminalise
provocation to commit offences defined in the multilateral antiterrorism trea-
ties.55 In Resolution 1624 (2005) adopted in September 2005, the Security
Council encouraged (but did not mandate) UN Member States to prohibit in-
citement to commit terrorism, prevent incitement and deny safe-haven to per-
sons guilty of incitement.56
This emphasis on incitement provoked human rights concerns.57 Human
rights advocates worried governments would define ‘terrorism’ broadly in im-
plementing Resolution 1624 (2005), repress speech and association, and violate
51 International Convention for the Suppression of the Financing of Terrorism (adopted 9 December 1999, entered into force 10 April 2002) 2178 UNTS 197; Resolution 1373 (n 14).
52 A Swanson, ‘How the Islamic State Makes Its Money’ Washington Post (Washington, DC, 18 November 2015) 5www.washingtonpost.com/news/wonk/wp/2015/11/18/how- isis-makes-its-money/4 accessed 20 March 2016.
53 The Security Council has repeatedly reinforced the importance of countering terrorist financing. See, for example, UNSC Res 2253 (17 December 2015 ) UN Doc S/RES/ 2253.
54 For analysis on terrorist financing with information on the Islamic State, see Financial Action Task Force, Emerging Terrorist Financing Risks (October 2015) 5www.fatf- gafi.org/publications/methodsandtrends/documents/emerging-terrorist-financing-risks. html4 accessed 20 March 2016.
55 Convention on the Prevention of Terrorism (16 May 2005), Council of Europe Treaty Series No 196.
56 UNSC Res (14 September 2005) UN Doc S/RES/1624; UNCTC, ‘Global Survey of the Implementation by Member States of Security Council Resolution 1624 (2005)’ (9 January 2012) UN Doc S/2012/16. See also Resolution 2178 (n 14).
57 See, for example, UNHRC ‘Report of the Special Rapporteur on the Promotion and Protection of Human Rights and Fundamental Freedoms While Countering Terrorism’, (22 February 2016) UN Doc A/HRC/31/65, paras 23–24.
Cyberspace, Terrorism and International Law 485
at :: on D ecem
ber 20, 2016 http://jcsl.oxfordjournals.org/
D ow
nloaded from
privacy. Resolution 1624 (2005) does not link ‘incitement to terrorism’ to the
offences in multilateral antiterrorism treaties, as the Council of Europe’s treaty
does. In that respect, Resolution 1624 (2005) highlights the lack of a definition of
‘terrorism’ in international law and agitates criticisms of expansive counter-ter-
rorism policies infringing on rights and liberties protected by international law.
Social media’s explosive development after Resolution 1624 (2005) made this
tension between counter-terrorism and human rights worse. Founded in 2004,
Facebook became open to anyone with an email address in 200658 and Twitter
came online in 2006.59 Since establishment, these and other platforms grew to
serve billions of users and expanded ways to share information, communicate
and associate. However, social media became a law enforcement and national
security concern because the platforms provided cheap, accessible, versatile and
globally distributed capabilities for terrorist communications, recruitment, rad-
icalisation and propaganda.
These worries were not unfounded, as the Islamic State’s use of social media
to radicalise individuals demonstrates.60 However, law enforcement and na-
tional security rationales also informed how governments elastically define ter-
rorism. Human rights principles were under pressure from both democratic
governments trying to balance counter-terrorism with individual rights and au-
thoritarian governments uninterested in protecting rights. Social media compa-
nies found themselves squeezed by Islamic State abuse of their services,
demands from governments to curb such abuse, and their commitments to priv-
acy and free expression for customers. Policy discussions about the Islamic State’s use of social media focus on ‘coun-
ter content’ and ‘counter narrative’ approaches. Counter-content strategies seek
to identify and remove terrorist online propaganda and activity. Counter-
narrative policies disseminate information that challenges Islamic State
propaganda, disrupts use of social media to radicalise individuals and offers
alternative messages to those that provide the Islamic State attention and ad-
herents. Counter-content and counter-narrative approaches represent ways to
combat incitement to terrorism, including radicalisation and recruitment.
In terms of international law, counter-narrative approaches create few, if any,
problems because they promote more speech rather than less. International law
poses no barriers to governments developing or supporting counter-narrative
campaigns against the Islamic State. However, counter-narrative efforts have
struggled to demonstrate strategic value. Too often they are fragmented, unco-
ordinated, of questionable impact, and unable to match the scale, speed, and
58 S Phillips, ‘A Brief History of Facebook’ The Guardian (London, 25 July 2007) 5www.theguardian.com/technology/2007/jul/25/media.newmedia4 accessed 20 March 2016.
59 Twitter, ‘Twitter Milestones’ 5https://about.twitter.com/company/press/milestones4 accessed 20 March 2016.
60 JM Berger, ‘How ISIS Games Twitter’ The Atlantic (Washington, DC, 16 June 2014) 5www.theatlantic.com/international/archive/2014/06/isis-iraq-twitter-social-media- strategy/372856/4 accessed 20 March 2016.
486 David P. Fidler
at :: on D ecem
ber 20, 2016 http://jcsl.oxfordjournals.org/
D ow
nloaded from
substance of Islamic State propaganda and radicalisation efforts. What role
international law could play to improve counter-narrative activities is not
clear. Creating obligations for governments to engage in counter-narrative cam-
paigns would run headlong into critiques that government-led counter-messa-
ging lacks legitimacy with the people counter-narrative efforts are intended to
reach.61
Counter-content strategies generate issues under international law. First, gov-
ernment demands that social media companies located in other countries
remove content replay jurisdictional problems experienced in other cyberspace
contexts.62 Second, counter-terrorism demands from governments for content
removal raise questions about what ‘terrorist content’ or ‘terrorist activity’
means when states have no agreed definition of terrorism.63 Third, counter-con-
tent strategies implicate international law that protects freedom of opinion, ex-
pression and association from government interference.64 Countries do not
agree on what these obligations mean or how they apply, and even European
democracies and the USA differ on when governments can limit expression.
Fourth, limits on governmental power to restrict expression might encourage
‘outsourcing’ censorship through nonbinding mechanisms involving government
requests for companies to remove content.65 Fifth, counter-content strategies
provide repressive governments with cover for censorship based on broad def-
initions of terrorism unrelated to threats from the Islamic State or other terrorist
groups.66
Questions about the effectiveness of counter-content and counter-narrative
strategies also arise in connection with the Islamic State’s use of social media.
While each story has unique features, social media appears as a common feature
61 Criticism of the US Government’s counter-narrative efforts has been harsh. G Harris and C Kang, ‘Obama Shifts Online Strategy on ISIS’ New York Times (New York City, 9 January 2016) A8.
62 DG Post, In Search of Jefferson’s Moose: Notes on the State of Cyberspace (OUP 2009).
63 US companies complained about proposed legislation designed to facilitate reporting online ‘terrorist activity’ to the US Government because, among other things, the legislation did not define ‘terrorist activity’. Internet Association, Reform Government Surveillance, and Internet Infrastructure Coalition, ‘Letter to US Senate Majority and Minority Leaders Concerning Section 603 of the Intelligence Authorization Bill for Fiscal Year 2016’ (5 August 2015) 5http://internetassociation. org/wp-content/uploads/2015/08/080515-Joint-Letter-on-Section-603.pdf4 accessed 20 March 2016.
64 International Covenant on Civil and Political Rights (adopted 16 December 1966, entered into force 23 March 1976) 999 UNTS 171.
65 S Craig and E Llanso, ‘Pressuring Platforms to Censor Content is Wrong Approach to Combatting Terrorism’ (Center for Democracy and Technology, 5 November 2015) 5https://cdt.org/blog/pressuring-platforms-to-censor-content-is-wrong-approach-to- combatting-terrorism/4 accessed 20 March 2016.
66 Freedom House, ‘Freedom on the Net 2015’ 5https://freedomhouse.org/sites/default/ files/FOTN%202015%20Full%20Report.pdf4 accessed 20 March 2016.
Cyberspace, Terrorism and International Law 487
at :: on D ecem
ber 20, 2016 http://jcsl.oxfordjournals.org/
D ow
nloaded from
in radicalisation and recruitment efforts. In Resolution 2178 (2014) addressing
foreign fighters traveling to join the Islamic State, the Security Council urged
UN Member States to take measures and cooperate ‘to prevent terrorists from
exploiting technology . . . to incite support for terrorist acts’.67 One year after the
resolution’s adoption, the foreign fighter problem was worse,68 suggesting coun-
ter-content and counter-narrative actions had not helped reduce this threat.
Policymakers usually stress that addressing the Islamic State’s online activities
must comply with international human rights law. However, the scale, brazen-
ness and impact of these activities have provoked concerns that human rights
limitations on surveillance and counter-content strategies impede effective re-
sponses to, protection against and prevention of cyber-enabled terrorism. With
other terrorist groups, such as al-Shabaab in Somalia, Boko Haram in Nigeria
and al Qaeda in the Islamic Maghreb, exploiting social media, pressure for
robust surveillance and the ability to take down online terrorist content
mounts as dangers from cyber-facilitated extremism grow. The gap between
what international human rights law mandates and how states conduct coun-
ter-terrorism has, typically, cast harsh light on counter-terrorism practices rather
than human rights law. However, with cyber-enabled terrorism, the law is under
increased scrutiny and pressure.
Escalating controversies about encryption underscore this development.
Following Snowden’s disclosures, technology companies began to incorporate
stronger encryption in their services. This move triggered law enforcement and
intelligence concerns that strengthened encryption would harm efforts to
combat terrorists and criminals. Encryption would cause the Internet to ‘go
dark’ for law enforcement and intelligence authorities. The private sector
push for encryption continued as the Islamic State emerged. Although Islamic
State-directed or -inspired attacks in Paris and San Bernardino in 2015 did not
involve encrypted communications, these attacks renewed the encryption dis-
pute as counter-terrorism became an urgent priority in the USA and Europe. The UN Special Rapporteur on freedom of opinion and expression connected
encryption with international law. He argued government restrictions on, or
interference with, encryption must meet the legality, legitimate objective, ne-
cessity and proportionality requirements human rights law establishes under the
right to freedom of opinion and expression.69 According to the Special
Rapporteur, encryption provides ‘the privacy and security necessary for the
exercise of the right to freedom of opinion and expression in the digital age’.70
However, making encryption critical to the enjoyment of human rights does
not answer concerns that stronger encryption threatens to prevent law
67 Resolution 2178 (n 14) para 17. 68 US Department of Homeland Security, Final Report of the Task Force on Combating
Terrorist and Foreign Fighter Travel (September 2015). 69 UNHRC ‘Report of the Special Rapporteur on the Promotion and Protection of the
Right to Freedom of Opinion and Expression’ (22 May 2015) UN Doc A/HRC/29/32 para 56.
70 ibid.
488 David P. Fidler
at :: on D ecem
ber 20, 2016 http://jcsl.oxfordjournals.org/
D ow
nloaded from
enforcement or intelligence officials from getting access to encrypted commu-
nications—even when such officials satisfy all legal and human rights criteria. In
February 2016, US Government efforts to compel Apple Inc to provide assist-
ance in unlocking an iPhone owned by one of the San Bernardino terrorists
triggered national and international debates about the promise and perils of
encryption in many contexts, including efforts to counter cyber-facilitated ter-
rorism.71 Although anchored in US law, the Apple litigation has significant im-
plications for law enforcement officials, intelligence agencies and human rights
advocates around the world.72
From a counter-terrorism perspective, the questions raised by this controversy
might become moot because terrorists are unlikely to rely on encryption pro-
vided by companies compelled by governments to provide keys for decryption.
Encryption software not subject to lawful orders of the American or European
governments exists and will continue to develop and be available to terrorists.
The more terrorists operate in cyberspace through encryption, the more coun-
ter-terrorism efforts face disadvantages. This trajectory creates incentives for
counter-terrorism officials to develop new ways to fulfill their responsibilities.73
In the USA, experts have argued that law enforcement and intelligence agencies
need access to communication metadata as part of counter-acting strong encryp-
tion.74 Others have asserted that law enforcement and intelligence officials will
have ample unencrypted data to access because of, for example, the develop-
ment of the ‘Internet of Things’.75 Both approaches would encounter opposition
within international law, as seen in human rights reactions to Snowden’s disclos-
ures of metadata collection by the US and UK governments for counter-terror-
ism purposes and in privacy advocacy for encryption.
Terrorist use of cyber communications relates to problems in international
law beyond encryption. In investigating possible terrorist crimes, counter-terror-
ism officials might want access to communications serviced by a company in
another country. The traditional way governments obtain foreign-located
71 E Lichtbau and K Benner, ‘Apple Fights Order to Unlock San Bernardino Gunman’s iPhone’ New York Times (New York City, 18 February 2016) A1.
72 H Farrell, ‘Called Out: The Global Consequences of Apple’s Fight with the FBI’ Foreign Affairs Snapshot (Washington, DC, 7 March 2016) 5www.foreignaffairs. com/articles/united-states/2016-03-07/called-out4 accessed 20 March 2016.
73 A Segal and A Grigsby, ‘How to Break the Deadlock over Data Encryption’ Washington Post (Washington, DC, 13 March 2016)5www.washingtonpost.com/opin- ions/how-to-break-the-deadlock-over-data-encryption/2016/03/13/e677fb78-d110- 11e5-88cd-753e80cd29ad_story.html4 accessed 20 March 2016.
74 PH Howell, ‘Former NSA Chief Says U.S. Can Get Around Encryption with Metadata, Argues against Backdoors’ (The Daily Dot, 5 January 2016) 5www.daily- dot.com/politics/michael-hayden-encryption-debate-clinton-bush/4 accessed 20 March 2016.
75 Berkman Center for Internet & Society, ‘Don’t Panic: Making Progress on the ‘Going Dark’ Debate’ (1 February 2016) 5https://cyber.law.harvard.edu/pubrelease/dont- panic/Dont_Panic_Making_Progress_on_Going_Dark_Debate.pdf4 accessed 20 March 2016.
Cyberspace, Terrorism and International Law 489
at :: on D ecem
ber 20, 2016 http://jcsl.oxfordjournals.org/
D ow
nloaded from
information is through MLATs. However, MLATs are not working well in con-
texts involving requests for digital information needed to investigate criminal
activities. The convergence of two factors often compounds this problem—the
dominance of US companies as global providers of cyber services and restric-
tions US law imposes on US companies sharing content data with foreign gov-
ernments. Efforts are underway to identify ways to reform MLATs.76 Experts
have proposed changes to US law to facilitate greater sharing of information by
companies in response to requests from foreign governments,77 and these ideas
have informed US–UK negotiations on reforming their MLAT.78
In December 2015, the CTC held a technical and a special meeting on
‘Preventing Terrorists from Exploiting the Internet and Social Media to
Recruit Terrorists and Incite Terrorist Acts, While Respecting Human Rights
and Fundamental Freedoms’.79 These meetings signaled the Islamic State’s use
of cyberspace has become a global crisis, which the Security Council has placed
on the CTC’s agenda. The meetings emphasised the need for cooperation guided
by the understanding that ‘the UN Charter and international human rights law
form the basis for effective preventive and counter-terrorism measures’.80
What the CTC meetings failed to answer is why the UN Charter, Security
Council resolutions on terrorism, international human rights law and other
bodies of international law, did not prevent the Islamic State’s online onslaught,
are not protecting countries from cyber-enabled terrorism and are not facilitat-
ing effective responses. The meetings did not reveal much consensus on pro-
posals for preventing terrorist exploitation of social media while respecting
human rights. Instead, the meetings highlighted ‘fault lines’ about how to re-
spond to the Islamic State’s exploitation of the Internet and social media, includ-
ing tensions in the following areas:
Strategic considerations
. Friction between support for government-led strategies and preferences for multi-stakeholder approaches.
76 Woods (n 28). 77 J Daskal and AK Woods, ‘Cross-Border Data Requests: A Proposed Framework’
(Lawfare, 24 November 2015) 5www.lawfareblog.com/cross-border-data-requests- proposed-framework4 accessed 20 March 2016.
78 E Nakashima and A Peterson, ‘The British Want to Come to America—with Wiretap Orders and Search Warrants’ Washington Post (4 February 2016) 5www.washington- post.com/world/national-security/the-british-want-to-come-to-america–with-wiretap- orders-and-search-warrants/2016/02/04/b351ce9e-ca86-11e5-a7b2-5a2f824b02c9_story. html4 accessed 20 March 2016.
79 CTC 5www.un.org/en/sc/ctc/news/2015-11-18_CTED_SpecialMeeting_ICT.html4 ac- cessed 20 March 2016. The author attended these meetings.
80 UN News Centre, ‘In Special Meeting, UN Weighs Measures to Prevent Terrorists from Exploiting the Internet, Social Media’ (17 December 2015) 5www.un.org/apps/ news/printnews.asp?nid¼528504 accessed 20 March 2016.
490 David P. Fidler
at :: on D ecem
ber 20, 2016 http://jcsl.oxfordjournals.org/
D ow
nloaded from
. Interest in more counter-terrorism regulation of cyberspace, amidst warn- ings from human rights advocates about empowering governments to act
under expansive notions of ‘terrorism’.
. Identification of the need for global trust in fighting terrorism in cyber- space, against the backdrop of disagreements among governments—and
between the public and private sectors—over Internet governance, cyber-
security, privacy and freedom of expression.
. Interest in addressing online terrorism as a threat on its own terms, versus assertions that attacking the ‘root causes’ of terrorism is the only way to
mitigate this problem.
Role of the USA and US companies
. Recognition of the importance of the USA, complicated by concerns that strict US protection of freedom of speech, other restrictive federal laws,
and the dominance of US social media companies inhibit international
cooperation.
. Frustration with US social media companies, countered by claims the companies are acting appropriately with all stakeholders.
Counter-content and counter-messaging approaches
. Gaps among governments, and between governments and companies, about what criteria should guide taking down online content on counter-
terrorism grounds.
. Interest in more effective counter-messaging campaigns, versus skepticism collaboration in this area can be cohesive, consistent, or achieve the scale
and speed needed to have strategic impact against the Islamic State.
Law enforcement issues
. Consensus that MLATs need reform to support countering online terrorist activities, but without clear direction on how reform moves forward.
. Statements from law enforcement officials that encryption threatens their efforts against terrorism and crime, versus support for encryption from
civil society and companies.
Cyberspace, Terrorism and International Law 491
at :: on D ecem
ber 20, 2016 http://jcsl.oxfordjournals.org/
D ow
nloaded from
These, and other, fault lines indicate that agreement on new policy and legal
directions, initiatives, and instruments will be difficult to achieve and sustain as
the CTC begins to address terrorist use of the Internet and social media.81
In February 2016, a new front opened in efforts against the Islamic State’s
online activities. The USA acknowledged conducting offensive military cyberat-
tacks against the Islamic State. President Obama instructed US Cyber
Command (CYBERCOM) to use its offensive capabilities against the Islamic
State after the terrorist violence in San Bernardino.82 CYBERCOM is targeting
the Islamic State’s use of the Internet and social media to spread propaganda,
radicalise and recruit, and its use of cyber technologies to command and control
military operations in Iraq and Syria.83 These cyberattacks now form part of
military activities against the Islamic State the US Government argues are jus-
tified under international law.84 Further, the law of armed conflict guides US
military action against the Islamic State, meaning the Obama administration
believes the cyber weapons and attacks comply with it.
In addition to their significance in the armed conflict with the Islamic State,
these cyberattacks increase the prospects that counter-terrorism strategies will
now include offensive cyber operations against terrorist online activities, includ-
ing in contexts not involving armed conflict. How states will handle cyberattacks
against terrorist online capabilities outside armed conflict under international
law is not clear, especially because such attacks might not constitute armed
attacks, uses of force, or coercive acts that violate the principle of noninterven-
tion. The CYBERCOM attacks might be the precursor of growing state use of
cyber coercion in counter-terrorism strategies frustrated by the limitations
imposed on, and ineffectiveness of, surveillance, counter-messaging, counter–
counter and law enforcement cooperation efforts.
81 One activity the CTC’s Executive Directorate is pursuing involves partnering with ICT4Peace, a nongovernmental organisation, to understand cyber-enabled terrorism, ‘particularly how industry is responding to terrorist use of ICTs, identify good prac- tices, notably in the area of self- regulation, and potentially engage industry repre- sentatives in shaping a voluntary trust building mechanism such as a code of conduct to help mitigate the use of ICT products and services by terrorist groups’. ICT4Peace, ‘UN and ICT4Peace Launch Project to Counter use of ICTs for Terrorist Purposes in Cooperation with the Private Sector’ (12 February 2016) 5http://ict4peace.org/un- and-ict4peace-launch-project-to-counter-use-of-icts-for-terrorist-purposes-in-cooper- ation-with-the-private-sector/4 accessed 20 March 2016.
82 WJ Hennigan, ‘Pentagon Wages Cyberwar against Islamic State’ Los Angeles Times (Los Angeles, 29 February 2016) 5www.latimes.com/nation/la-fg-isis-cyber-20160228- story.html4 accessed 20 March 2016.
83 Fidler, ‘Send in the Malware’ (n 4). 84 S Preston, ‘Remarks on the Legal Framework for the United States’ Use of Military
Force Since 9/11’ (Annual Meeting of the American Society of International Law, 10 April 2015) 5www.defense.gov/News/Speeches/Speech-View/Article/606662/the- legal-framework-for-the-united-states-use-of-military-force-since-9114 accessed 20 March 2016.
492 David P. Fidler
at :: on D ecem
ber 20, 2016 http://jcsl.oxfordjournals.org/
D ow
nloaded from
5. Conclusion
This international legal analysis of terrorism in cyberspace reveals a conundrum.
Plausible options for international legal action concerning terrorist cyberattacks
exist, but, because such attacks have not occurred, states lack incentives to
strengthen proactively the contribution international law can make. Options,
especially improving cybersecurity in critical infrastructure, have appeal because
they are ‘all hazards’ strategies against cyber intrusions. By contrast, credible
options for international legal activities regarding terrorist exploitation of the
Internet and social media are lacking, even though this problem has become a
crisis and countries, companies, and civil society have incentives to mitigate it.
This difficult context, which shows no signs of abating, might heighten interest in
incorporating offensive cyberattacks in strategies to counter cyber-facilitated
terrorism.
Faced with this situation, it is tempting to conclude that counter-terrorism in
cyberspace should focus on the root causes of this problem. With the Islamic
State, its success in cyberspace flows from what it has achieved on the ground in
Syria, Iraq and elsewhere.85 Until the Islamic State’s material power in ‘real
space’ is degraded, efforts to combat its cyber-enabled activities will not have
sustainable impact. Given the disaster the Islamic State has been for the Middle
East and global politics, this conclusion provides no comfort for those interested
in international law’s contributions to human affairs.
85 The Islamic State’s presence on Twitter exploded in conjunction with the territorial gains it made in 2014. JM Berger and J Morgan, ‘The ISIS Twitter Census: Defining and Describing the Population of ISIS Supporters on Twitter’ (2015) Brookings Institution, Analysis Paper No 20, 17.
Cyberspace, Terrorism and International Law 493
at :: on D ecem
ber 20, 2016 http://jcsl.oxfordjournals.org/
D ow
nloaded from
Copyright of Journal of Conflict & Security Law is the property of Oxford University Press / USA and its content may not be copied or emailed to multiple sites or posted to a listserv without the copyright holder's express written permission. However, users may print, download, or email articles for individual use.
