Tallinn Manual applies "international law norms" to cyber warfare

It seems almost every day we see new reports of computer and network “attacks” allegedly perpetrated by nation states. China, Russia, and North Korea have all allegedly been involved in a variety of cyber attacks––and with the evidence mounting as to the now infamous Stuxnet attack, it can be safely assumed that the United States is not absent from this list. What cannot be assumed, however, is how these attacks fit into the complex set of policies, treaties, and international laws that govern national and international conflicts. Can a country use cyber operations to attack or defend another country? If so, to what extent can these cyber operations be used? How do we define a “cyber attack” under international law?

The Tallinn Manual On The International Law Applicable to Cyber Warfare (Cambridge University Press, 2013) attempts to answer these questions and many more just like them. The Tallinn Manual was made at the invitation of the NATO Cooperative Cyber Defence Centre of Excellence and was authored by an “independent, international Group of Experts.” The result is a comprehensive guide that applies various international rules to cyber warfare. The group of experts, led by U.S Naval War College Professor and international law scholar Michael N. Schmitt, developed a set of “ninety-five ‘black-letter rules’” governing cyber warfare.

Contrary to some reports, the manual is by no means the official policy of NATO but is instead, as stated on the Cooperative Cyber Defence Centre of Excellence’s website, “an expression of opinions of a group of independent experts acting solely in their personal capacity.”

Despite such formalities, the manual is an important document for governments, students, and academics alike. The manual’s in-depth analysis provides a foundation for nations to build upon as they being to develop in and adapt to an increasingly cyber-dependent world. And while not an authoritative document, it will be interesting to see how the Tallinn Manual impacts the current discussions revolving around the continued escalation of cyber attacks by nations-states.

For a report on the Tallinn Manual, as well as an interview with one of the manual’s authors, Professor Thomas Wingfield, see Bernhard Warner’s Bloomberg article here.