International Committee of the Red Cross
Humanitarium Conference Series

Cyberwarfare, Ethics, and International Humanitarian Law
A workshop and panel
Geneva, Switzerland
21-22 May 2014

Purpose

The event is an academic workshop on the ethics of cyberwarfare, especially how it challenges existing international humanitarian law (IHL). During the one-and-a-half days of meeting, we will have several experts deliver briefings on a range of topics, including: foundational norms related to casus belli, attribution, perfidy, discrimination, noncombatant privilege, and more.

The workshop will be followed by an open panel in the evening to share our discussion and findings with the broader public.

Structure

The workshop will be a closed, invitational-only meeting with about 20-30 participants, conducted under The Chatham House Rule to promote free discussions. Unlike traditional academic workshops, at least in the US, this will truly be a working meeting, not merely a series of lectures. Modeled after “wargaming” exercises, each working session will begin with a 15-minute briefing about a particular issue, followed by an hour-long open discussion. The discussion will be moderated to ensure it stays focused and productive, as well as explore specific scenarios and positions.

“Wargaming” here simply means a free discussion or analysis of hypothetical but plausible scenarios by experts to study different response-options—teasing out ethical, policy, and legal dilemmas. The expert briefings prior to each session will “push” the context needed by participants to cross-pollinate their areas of expertise, and the open discussion that follows will “pull” new synergies from the participants in real-time analysis of scenarios and issues.

Prior to the working sessions, presenters will give a background briefing on how cyberwarfare implicated IHL, as well as offer case studies (e.g., Stuxnet) and possible future scenarios to have in mind as the rest of the workshop proceeds.

The goal is to draw out expert insights into the issues and identify further points of contention and issues as we continue this line of research.

Working Agenda

Day 1 (21 May 2014) ——

0830-0900:   Registration

0900-0930:   Introductory remarks and participant introductions

0930-1000:   Background #1: IHL and cyberwarfare backgrounder

• Overview of relevant IHL rules and principles that may be challenged by cyberwar. Later briefings in the workshop will explore those friction points in more depth.

1000-1030:   Background #2: Case studies and future scenarios

• To have specific scenarios in mind as we discuss the issues, this is an overview of some notable examples and possible future examples of cyberattacks, incl. Stuxnet, Estonia, Georgia, cyberespionage, patriotic hackers, hacktivists, and others.

1030-1045:   Coffee and networking break

1045-1100:   Briefing #1: Jus ad bellum

• Guiding questions include: Could – and if so, in which circumstances – a cyberattack count as “use of force”, and more precisely as an armed attack in the meaning of Article 51 of the UN Charter, justifying an armed military response?

1100-1200:   Moderated, open discussion of briefing

1200-1400:   Lunch

1400-1415:   Briefing #2: Attribution & Repression

• Guiding questions include: Given anonymity in cyberattacks, attribution is often made extremely difficult. How can one answer the attack without knowing where it is coming from, or who is behind it? Can deceptive practices, e.g., tricking users to install malware, be used? If meant to get information leading to capture or attack of the user, do they violate the prohibition against perfidy? The difficulty in attribution not only renders State responsibility for potentially launching an illegal attack. complicated, it also poses problems in relation to criminal responsibility of the authors if the attack violated IHL.

1415-1515:   Moderated, open discussion of briefing

1515-1530:   Coffee and networking break

1530-1545:   Briefing #3: Conduct of hostilities

• Guiding questions include: Given that cyberattacks are difficult to control, is the principle of distinction violated? Are cyber attacks necessarily indiscriminate? What precautionary measures could be taken in cyber? Given the close military-industry relationship in cybersecurity, who can be considered as “directly participating in hostilities”? Similarly, given that some governmental cyber agencies are not linked to the military, should they be considered as civilians? Could they be prosecuted for their participation in hostilities?

1545-1645:   Moderated, open discussion of briefing

1645-1700:   End-of-day remarks

1800-2000:   Dinner with speakers and invited guests

Day 2 (22 May 2014) ——

0900-0915:   Introductory remarks

0915-0930:   Briefing #4: The future

• Guiding questions include: Are the main findings of the “Tallinn Manual” in accordance with existing IHL? Which aspects are most controversial? Does IHL need to evolve to account for the apparently unique nature of cyberwar?

0930-1030:   Moderated, open discussion of briefing

1030-1045:   Coffee and networking break

1045-1100:   Briefing #5: A framework

• Guiding questions include: Moving forward, how should we think about future cyber scenarios, ethics, and law? Are the cyberattacks described in our case studies and future scenarios ethical as well as compliant with IHL as it is or as it should be?

1100-1145:   Moderated, open discussion of any previous briefings

1145-1200:   Concluding remarks

1200-1700:   Afternoon break

1700-1900:   Public panel on cyberwar, ethics, and IHL

1900-2030:   Cocktail reception

Program

• Click here to download

Project Sponsors

• California Polytechnic State University, San Luis Obispo
• Centre for Applied Philosophy and Public Ethics (CAPPE), Charles Sturt University, Australia
• International Committee of the Red Cross
• University of Notre Dame's Reilly Center for Science, Technology, and Values
• US National Science Foundation
• US Naval Postgraduate School
• US Naval Academy's VADM Stockdale Center for Ethical Leadership
• Western Michigan University

Contact

• Patrick Lin, Ph.D., Director
  palin [at] calpoly.edu

Focus Page

• Click here for cyber-related work