Unblurring the lines: military cyber operations and international law

Abstract

ABSTRACT The bright lines between certain fundamental legal categories may appear to have dimmed in the cyber environment, especially in relation to military cyber operations. This article thus unblurs the lines between five such pairs of categories, proceeding from the general to the specific: Firstly, what separates international law from international norms as the two principal regulatory frameworks governing the conduct of military cyber operations? Secondly, what is the distinction between domain-specific and general rules of international law as they apply to military cyber operations? Thirdly, is it possible to distinguish between peacetime and armed conflict with respect to the regulation of such operations? Fourthly, once an armed conflict is underway, how do we distinguish combatants from non-combatants in cyberspace? And fifthly, what is the distinction between objects and non-objects in cyberspace, particularly with respect to computer data affected by military cyber operations during armed conflicts? Overall, the article's goal is to reduce the opacity surrounding the relationship between military cyber operations and international law. In doing so, it aims to contribute to the long-term goal of making cyberspace a more open, secure, stable, accessible and peaceful environment.