Abstract
ABSTRACT There is controversy as to whether due diligence in cyberspace is required as the result of a general rule in international law – namely, that States must not allow their territory to be used for acts contrary to the rights of other States – or because of a voluntary norm of responsible State behaviour, i.e. something that is expected but not legally required. This paper analyses the legal status and content of due diligence in the cyber context, including with reference to position statements published by a growing number of States on these issues. The paper also considers what due diligence measures are expected of States as a matter of policy, in order for them to act responsibly to tackle – on their own territory – malicious cyber activity that may have harmful effects in the territory of other States. The article concludes with recommendations – including that the debate on legal status should not hinder discussion on the implementation of stronger standards on due diligence as a matter of policy. Those standards should be the focus of the discussions on due diligence in the UN’s Open-Ended Working Group on developments in the field of information and telecommunications (OEWG).
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
