The Peaceful Settlement of Cyber Disputes

Online Conference organised by the Sheffield Centre for International and European Law, University of Sheffield, Thursday 4th March and Friday 5th March.

Off

Overview
Programme
Registration
Contact details

The UN Group of Governmental Experts on Developments in the Field of Information and Telecommunications in the Context of International Security identified as of central importance ‘the settlement of international disputes by peaceful means in such a manner that international peace and security and justice are not endangered’. Cyber disputes span diverse issues and areas involving states but also private entities. They also give rise to questions as to whether the traditional international law means and methods of settlement are still adequate or whether new mechanisms should be created.

The conference provides an analytical and explanatory framework according to which the peaceful settlement of cyber disputes can be understood and practised. It examines the nature and content of cyber disputes in their political and legal dimension, the meaning and content of their peaceful settlement, assesses the adequacy of existing means and methods of dispute settlement and considers alternatives, explores the contribution of domestic courts and the private sector as well as the contribution of the UN and the EU.

Organisers: Russell Buchan, Daniel Franchini and Nicholas Tsagourias, Sheffield Centre for International and European Law, University of Sheffield.

Programme

Thursday 4 March 2021

(All times are stated in Greenwich Mean Time (GMT))

12.50 - 1.00pm: Introduction and Welcome

Nicholas Tsagourias, University of Sheffield

1.00 - 2.30pm: Panel 1

'International Law and Conflicts in Cyber Regime Complex'

Patryk Pawlak, EU Institute for Security Studies

Abstract

Governance of cyberspace is characterised by a complex system of overlapping issues and highly differentiated institutions without a clear hierarchy. In such an environment, conflicts over framing of issues and suitable governance mechanisms and venues are quite common. Disagreements over the framings of issues such as attribution, sovereignty or the use of sanctions in cyberspace give rise to highly politicised disputes - often with international law at their core. This presentation will focus on three main questions: What fuels conflicts and tensions in cyberspace? How do different framings used in international law and policy – for instance with regards to attribution, sanctions or sovereignty - impact those tensions? What is the role of international law in political disputes – is it a solution or part of the problem? By answering these questions, the presentation will demonstrate how the interplay between various elements influences shifts within the cyber regime complex and provide an overview of the existing mechanisms and diplomatic means used to manage arising disputes.

Biography

Patryk Pawlak is the EUISS Brussels Executive Officer. In this capacity, he maintains and develops relations with other Brussels-based institutions. In addition, he is in charge of the cyber portfolio, leading the Institute’s cyber-related projects. Currently, he is Project Coordinator of the ‘EU Cyber Direct’ – a multiannual research and policy support project – and co-editor of ‘Directions’. Until June 2020, he was a Co-Chair of the Advisory Board of the Global Forum on Cyber Expertise. Patryk holds a PhD in Political Science from the European University Institute in Florence and an MA in European Studies from the College of Europe.

'The Concept of Cyber Dispute in International law'

Nicholas Tsagourias, University of Sheffield

Abstract

By using the traditional definition of legal dispute as a disagreement over a point of law or fact or of legal view or interests, the paper will disentangle these elements by looking into how they can apply to cyber disputes and how legal cyber disputes can be distinguished from conflicts or conflicts of interests. It will then examine the criteria according to which legal disputes in cyberspace can be identified and consider the content of legal disputes in cyberspace.

Biography

Nicholas Tsagourias is Professor of International Law at the University of Sheffield. He has published widely in the field of public international law and one of his particular research interests is the application of international law to cyberspace. He is the co-editor of the Research Handbook on International Law and Cyberspace (Edward Elgar, 2021) and has recently co-authored an article on cyber attribution in the European Journal of International Law.

'The Good Faith Obligations of States to Settle Their Cyber Disputes Peacefully'

Astrid Kjeldgaard-Pedersen, University of Copenhagen

Abstract

The norm that states must fulfil their international legal obligations in good faith pervades across the board in international law and is explicated in, for example, Article 26 in the VCLT and Article 2(2) in the UN Charter. According to the commentary to Rule 65 of the Tallinn Manual 2.0, which is based on Articles 2(3) and 33(1) of the UN Charter, the good faith requirement is an integral part of the obligation of states ‘to settle their international disputes involving cyber activities that endanger international peace and security by peaceful means’. As examples of state behaviour that would not live up to the good faith requirement, the Tallinn Manual mentions e.g. lying about activities and employing delaying tactics. Many issues, however, remain unresolved. Drawing on judicial practice and scholarly studies of the good faith obligation to settle disputes peacefully as it applies in general international law as well as in specialized international legal regimes, this paper aims to provide further clarification of what it means to act in good faith in the context of cyber disputes.

Biography

Astrid Kjeldgaard-Pedersen is Professor with Special Responsibilities in International Law at the Faculty of Law, University of Copenhagen, where she currently heads a research project on International Law & Military Operations (InterMil). She has published widely in the field of public international law, including a monograph entitled The International Legal Personality of the Individual (OUP, 2018), and she serves as editor-in-chief of the Nordic Journal of International Law.

'The “Peaceful” Element in the Law of Peaceful Settlement'

Eneken Tikk, University of Helsinki

Abstract

This would be a conceptual inquiry into the purpose, essence and modalities of peaceful settlement. The main school for distinguishing peaceful means from non-peaceful means of engagement is to characterize peaceful through the thresholds of use of force and coercion. However, the term “peaceful” has a much broader interpretive space, for instance, through the examination of the discussions of this term in specialized areas of international law (such as space), by looking at its essence (non- or de-escalatory, preventive, non-punitive), by distilling its boundaries from the determinations and resolutions of the UN Security Council, or building on the work done by the UN Secretary-General. This presentation looks at ways in which the term “peaceful” has and could be understood, and informs further thinking of this element in the law of peaceful settlement.

Biography

Dr. Eneken Tikk leads Power and Influence Studies at the Cyber Policy Institute (CPI) in Jyväskylä, Finland. Her work at CPI focuses on questions of strategic stability, cybersecurity governance, normative leadership and state behavior. She is Senior Researcher at the Institute of Software Sciences at Tallinn University of Technology, and a Fellow of the Erik Castrén Institute of the University of Helsinki, where she focuses on developments in international law in the context of digital security. Dr. Tikk also serves as Senior Advisor to the Board of the ICT for Peace Foundation in Geneva, Switzerland, advising governments, policy and decision makers on international peace and security issues in the context of ICTs.

2.30 - 2.45pm: Coffee Break

2.45 - 4.00pm: Panel 2

'Cyber Disputes before the International Court of Justice: Issues of Jurisdiction and Admissibility'

Constantine Antonopoulos, Democritus University of Thrace

Abstract

There have been an increasing number of disputes between States arising from hostile or unfriendly cyber acts. So far these disputes are settled directly by the parties through diplomatic means or through countermeasures. However, it is not unlikely that as the application of international law becomes more settled in cyberspace, this class of disputes might be submitted to the ICJ. The Court’s jurisdiction is general covering all international law matters but is based on State consent. Cyber disputes are likely to pose challenges to the exercise of the Court’s jurisdiction and to the admissibility of cases due to the unique features of cyberspace. Its intangible nature and defiance of territorial sovereignty may give rise to objections as to the existence of a dispute, in particular the awareness of a dispute by one of the parties. Moreover, the involvement of third States is a frequent occurrence in cyber disputes that may give rise to the invocation of the Monetary Gold principle. Furthermore, questions of adapting reservations to the jurisdiction of the Court to the particularities of cyberspace. Admissibility questions can be raised regarding the hypothetical nature of a dispute, the existence of legal interest or the case being moot. These are issues that merit research and discussion as the ICJ sooner or later will probably encounter them.

Biography

Constantine Antonopoulos is Associate Professor of Public International Law, Faculty of Law, Democritus University of Thrace. He the author of three monographs, a cases and materials book on the settlement of disputes by the International Court of Justice, co-editor of a textbook on international law and the author of several articles and chapters in books.

'The Engagement of Domestic Courts with International Cyber Disputes'

Daniel Franchini, University of Sheffield

Abstract

While not ‘settlers’ of international disputes in the traditional sense, domestic courts have an important role to play in the interpretation and application of international law with regard to international cyber disputes. This paper explores two ways in which domestic courts may engage with international cyber disputes. First, domestic courts may act as ‘guardians’ of the international obligations of the state to which they belong by ensuring that malicious cyber operations originating from that state are halted and/or punished (‘inward engagement’). Second, domestic courts may directly target state-sponsored malicious cyber operations originating from abroad through proceedings against the individuals and/or companies responsible for the wrongful conduct (‘outward engagement’). In so doing, this paper shows that domestic courts can contribute to the crystallisation of rules of international law in cyberspace. At the same time, their engagement may challenge established rules of jurisdiction and immunity.

Biography

Daniel Franchini, MJur, DPhil (Oxon), is Lecturer in International Law at the University of Sheffield. He is an expert in international law and international dispute settlement. His research focuses on the role that self-enforcement plays in the settlement of international disputes. He has published, among others, in the Virginia Journal of International Law and in The Use of Force in International Law (OUP 2018). He is the convenor of International Dispute Settlement at the University of Sheffield.

'Collective Cyber Countermeasures: Theory and Practice'

Russell Buchan, University of Sheffield

Abstract

States and scholars are concerned that cyberspace will emerge as a lawless ‘wild west’. For some, one way of preventing this is by permitting the use of collective countermeasures, which are seen as enabling States to vindicate their legal rights, implement State responsibility for internationally wrongful acts and enhance compliance with international law. Against this background, this presentation makes two claims. First, it argues that, at present, there is insufficient State practice to support the argument that collective countermeasures are lawful as a matter of international law. Second, it suggests that collective countermeasures are undesirable as a matter of policy and actually run the risk of undermining the very objectives they seek to achieve, namely, law and order among States.

Biography

Russell Buchan is Senior Lecturer in International Law at the University of Sheffield, UK. Dr Buchan is the author of International Law and the Construction of the Liberal Peace (Hart, 2013) and Cyber Espionage in International Law (Hart, 2018) and he has authored many journal articles on the topic of international law.

4.00 - 4.15pm: Coffee Break

4.15 - 5.00pm: Keynote Speech

'The Peaceful Settlement of Cyber Disputes: Aligning Forms, Features, and Functions'

Duncan B. Hollis, Temple University

Abstract

To date, international law's requirement that States settle their disputes peacefully has received relatively little attention in the cyber context. Where discussions do occur, they tend to focus on what modalities States may employ in reaching a settlement -- e.g., negotiation, mediation, conciliation, arbitration – rather than whether, when, and why they must do so. Professor Hollis’s presentation will look beyond these modalities to ask three questions about the forms, features, and functions of peaceful dispute settlement under international law:

· First, what forms must cyber disputes take? Do cyber-disputes encompass disputes over law, facts, responsibility, and/or remedies? International disputes versus matters of domestic concern? Disputes exclusively among States or disputes involving non-State actors?

· Second, what are the obligations’ key features? Is it centered on obliging States to settle their disputes or is the obligation only that, where States pursue settlement, they do so peacefully (i.e., States are free not to settle their disputes if they so choose). What are the boundaries that delimit a modality as “peaceful”? How do these modalities escalate or deescalate a situation in relation to the status quo?

· Third, what purposes can peaceful dispute settlement serve? Attaining peace and stability? Providing Justice? Settling expectations? Constructing law or norms? Continuing interactions?

The answers to each set of questions provides a template for assessing the potential (and problems) of dispute settlement in the cyber context. The desired function of a peaceful dispute settlement may be more (or less) achievable depending on the obligation’s features and the forms of each underlying dispute. By broadening and deepening our understanding of the origins, operations, and outcomes of peaceful dispute settlement, we may not only invigorate the existing discourse but also improve the efficacy of international law in governing cyberspace.

Biography

Duncan B. Hollis is Laura H. Carnell Professor of Law at Temple Law School. His scholarship engages with issues of international law, interpretation, and cyber security, with a particular emphasis on treaties, norms, and other forms of international regulation. His publications include The Oxford Guide to Treaties (OUP, 2020) and (with Jens David Ohlin) Defending Democracies: Combatting Foreign Election Interference in a Digital Age (OUP, 2020). He has published multiple journal articles in leading law reviews.

Friday 5th March 2021

1.00 - 2.30pm: Panel 3

'Is There a Need for a Specialised Dispute Settlement Mechanism for Interstate Cyber Disputes?'

Pål Wrange, University of Stockholm

Abstract

This paper will address the question whether new specialised dispute settlement mechanisms should be created for interstate cyber disputes. The paper will argue 1) that specialised mechanisms should not be created but 2) that there may be a need to amend or complement established procedures, like PCA arbitration.

Just as hardly any dispute scenario today is without elements in cyberspace, disputes which may seem to focus on cyberspace are not isolated from effects in ‘real life’. Hence, it is difficult if not impossible to establish a particular category of cyber disputes, and disputes on events in cyberspace must be settled under basically the same rules and principles as events that mainly take place offline. Nevertheless, there are certain conceptual, technical and structural aspects of cyberspace that pose new problems and which may justify adjustments of existing procedures. Conceptual matters like jurisdiction and due diligence in cyberspace are not settled, and this may impact on the application of existing legal regimes regarding cross-border criminal investigations, free speech, privacy, taxation, intellectual property rights, etc. Further, the assessment of evidence in cyberspace is notoriously difficult and calls for specialised knowledge. Lastly, private corporations have dominated the development of cyberspace and sometimes assume functions normally associated with public institutions.

Biography

Pål Wrange is Professor of International Law at Stockholm University. Professor Wrange’s main areas of research are the use of force, international criminal law, human rights and the theory of international law. He has written over sixty publications in the field of public international law including articles in preeminent law reviews.

'Cyber Disputes Are Not Just About Hacking and CyberAttacks: European Litigation on Surveillance Issues and International Negotiations on Government Access to Data'
Karine Bannelier and Theodore Christakis, University of Grenoble-Alpes

Abstract

International lawyers focus on cyber attacks and cyber espionage, issues that have led to little, if any, international litigation till now. However, the issue of “legal” access to data by foreign governments is equally important and has been marked by major decisions of European Courts. It has led to extremely important international negotiations in order to find solutions to the fundamental underlying problems. This paper will discuss how some recent decisions, starting with the July 2020 Schrems II Judgment of the CJEU, severely affect international and transnational relations and transactions. It will focus on ongoing bilateral negotiations, such as the ones aiming for a successor to the EU/US Privacy Shield arrangement or for a UK adequacy decision after Brexit, as well as multilateral processes such as the “Data Free Flow with Trust” initiative by Japan or the negotiation of a new Protocol to the Budapest Cybercrime Convention. It will finally enquire whether democracies could be able, through international cooperation, to respond to the challenge of setting satisfactory global standards for intelligence and law enforcement agencies access to data and to find solid and long lasting solutions for international data transfers.

Biographies:

Karine Bannelier is Associate Professor of International Law at the University Grenoble-Alpes (France). She is Deputy Director of the Grenoble Alpes Cybersecurity Institute, Co-director of WP5 Data Governance, Data Protection and Privacy at the Grenoble Alpes Data Institute and Co-director of the AI-Regulation Chair at the Multidisciplinary Institute on Artificial Intelligence. She has been invited to present her research in workshops and seminars more than 80 times in 22 countries. She has published or co-edited/authored 8 books and more than 50 articles and book chapters.

Theodore Christakis (@TC_IntLaw) is Professor of International and European Law at University Grenoble Alpes, a Senior Fellow with the Cross-Border Data Forum and a former Distinguished Visiting Fellow at the New York University Cybersecurity Centre. He is the Director of the Centre for International Security and European Studies and Director of the Chair on the Legal and Regulatory Implications of Artificial Intelligence with the Multidisciplinary Institute on Artificial Intelligence (ai-regulation.com, MIAI@Grenoble Alpes). As an international expert he has advised Governments, International Organisations and the private sector on issues concerning international law, cybersecurity law, AI regulation and data protection and also has experience working as external Data Protection Officer for tech companies.

'EU Cyber Diplomacy Toolbox in Motion'

Manon Le Blanc, EEAS

Abstract

In 2017, the EU agreed upon a cyber diplomacy toolbox that allows the EU and its Member States to use all Common Foreign and Security Policy (CFSP) measures, including sanctions, to prevent, deter and respond to cyber-attacks. It contributes to conflict prevention, encourages cooperation and aims to influence behaviour of potential aggressors. The cyber diplomacy toolbox holds a mechanism to assess situational awareness, diplomatic measures to respond, and procedures for decision-making as well as to cooperate with international partners. The EU has responded to malicious cyber activities on multiple occasions, including by listing in total 8 individuals and 4 entities and bodies that are responsible or involved in significant cyber-attacks targeting the EU and its Member States. With the implementation of the December 2020 EU Cybersecurity Strategy, the EU is to further increase its ability to prevent, deter and respond to cyber-attacks.

Biography

Manon Le Blanc is a senior policy maker and cyber diplomat, working for the EU diplomatic service, the European External Action Service (EEAS). Over the last years, Manon has shaped the EU's policies on international cyber diplomacy issues, notably as a co-author of the 2017 and recent 2020 EU Cybersecurity Strategy, and is as well the driving force behind the EU's joint diplomatic responses ("cyber diplomacy toolbox"). Prior to her posting at the EEAS, Manon served to the 2016 Netherlands' Presidency of the Council of the European Union, and was a senior advisor in the Office of the Secretary General at the Ministry of Justice and Security in The Hague. She holds a Master of Science in Business Administration from the University of Amsterdam.

'The Role of the UN in Peaceful Settlement of Cyber Disputes'

Marja Lehto, Ministry of Foreign Affairs, Finland

Abstract

The Charter of the United Nations lays down the basic framework for the settlement by peaceful means of disputes that may endanger international peace and security. The International Court of Justice, as the main judicial body of the UN, plays a significant role in judicial settlement of disputes, and various UN organs contribute to the prevention, containment and resolution of international disputes. The Security Council, in particular, has broad competences to intervene in disputes at different stages. The tools for mediation and conflict resolution have become more varied and sophisticated over the years.

The UN would be well placed, also because of its unique legitimacy, to contribute to the resolution of any international dispute but this potential has yet to materialize with regard to cyber disputes. The Security Council has not yet determined a cyber dispute or incident as a threat to international peace and security. Nor have disputes related to State use of information and communication technologies been brought to the International Court of Justice. At the same time, it is hard to identify a more contested area in inter-State relations or at the UN discussions than cyberspace.

Biography

Marja Lehto is an Ambassador and Senior Expert of Public International Law at the Finnish Ministry of Foreign Affairs. Ambassador Lehto is also Adjunct Professor of international law at the University of Helsinki and a member of the UN International Law Commission.

2.30 - 2.45pm: Coffee Break

2.45 - 3.30pm: Concluding Remarks

Robert M. Young, Legal Counsel, Global Affairs Canada.