International Law and Private Actor Active Cyber Defensive Measures. Paul Rosenzweig

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "International Law and Private Actor Active Cyber Defensive Measures. Paul Rosenzweig"

Transcription

1 International Law and Private Actor Active Cyber Defensive Measures Paul Rosenzweig Few can doubt that cyber theft and espionage are rampant, costing governments and private sector actors billions, if not tens of billions of dollars in losses annually. 1 To a large degree government efforts to reduce the risks of such cyber intrusions have proven unavailing one need only think of the recent revelations of significant intrusions into more than 140 American companies by Chinese cyber hackers affiliated with the People s Liberation Army. 2 The failure of the government to provide adequate protection has led many theoreticians to suggest the need for private sector self help. After all, the argument goes, if the government is unable (or perhaps unwilling) to provide an effective defense available to all citizens on the network then it is incumbent on private sector actors to defend themselves. More to the point, if the government is unable (or perhaps unwilling) to take or threaten to take offensive actions that would deter cyber attacks, then it may be likewise incumbent on private sector actors to engage in forms of active defense that at times look an awful lot like offensive action. While these private sector actions take many forms, they go by the collective name of hack back the idea that private sector actors may hack back at the hackers who are attacking them. In the United States scholars have begun to debate the legality of hack back. To date, that examination has focused exclusively on domestic American law. 3 The discussion is inconclusive though it is probably fair to say that the weight of analysis favors the conclusion that active hack back by private sector American actors violates the Computer Fraud and Abuse Act. 4 But that conclusion hardly ends the matter laws that are made, after all, can be unmade. And it we were to conclude as a matter of policy that it was appropriate to allow private sector actors to conduct active hack back defense, there might well be an appetite to change the law. 5 Professorial Lecturer in Law, George Washington University School of Law; Principal, Red Branch Consulting, PLLC; and Distinguished Visiting Fellow, Homeland Security Studies and Analysis Institute. Opinions expressed are the authors own. My thanks to the symposium participants at Stanford and the organizers from the Stanford Journal of International Law for their comments and efforts. Special thanks to Ms. Rebecca Heflin for able and effective research assistance without which this paper would not exist. 1 In 2012 Norton, the cybersecurity company, estimated that annual losses were $110 billion for consumers globally. See 2012 Norton Cybercrime Report, 2 Mandiant, APT1: Exposing One of China s Cyber Espionage Units, 3 See, e.g., The Hackback Debate, Steptoe Cyberblog, debate/ U.S.C E.g., Rep. Gohmert Wants A Law That Allows Victims To Destroy The Computers Of People Who Hacked Them, Techdirt, March 19, 2103, gohmert wants lawthat allows victims to destroy computers people who hacked them.shtml; Steven P. Bucci, Paul Rosenzweig and David Inserra, A Congressional Guide: Seven Steps to U.S. Security, Prosperity, and Freedom in Cyberspace, Heritage Foundation, April 1, 2013, congressional guideseven steps to us security prosperity and freedom in cyberspace 1 Electronic copy available at:

2 But American authorization of private sector offensive action would hardly end the discussion. Indeed, it would merely begin it. Cyberspace is, after all, an internationalized, trans border domain. Hacking attacks on American companies often originate overseas and transit foreign servers. Thus, any American hack back would, almost inevitable, involve other countries and their laws. Yet, to date, little, if any, consideration has been given to the question of whether private sector hack back violates (or is authorized by) the domestic laws of other nations or any international conventions or customary international law. This short article seeks to fill that gap with some preliminary thoughts regarding the application of non American law to American private sector hack back. The fundamental conclusions are two fold: 1) To the extent any customary international law exists at all it is likely to discourage private sector self help outside the framework of state sponsored action; and 2) ) Almost certainly, hack back by an American private sector actor will violate the domestic law of the country where a non US computer or server is located. In light of these twin conclusions, American companies considering offensive cyber operations would do well to proceed with caution. I. Defining Hack Back Any discussion of hack back must, at least for initial purposes, begin with some working conception of what, exactly, the term means. In other words, what techniques are being considered? One can readily imagine certain types of non destructive actions, for example, that might be more readily approved than more aggressive, destructive activity. Provisionally, then, one can offer the following definition of active cyber defense: the synchronized, real time capability to discover, detect, analyze, and mitigate threats. It operates at network speed using sensors, software and intelligence to detect and stop malicious activity ideally before it can affect networks and systems. While intrusions may not always be stopped at network boundary, an entity may operate and improve upon its advanced sensors to detect, discover, map and mitigate malicious activity on an entity s network. 6 Within that definition fall a number of potential activities. We might, for example, consider a type of defense that could be characterized as Internal Self Defense that is activity within one s own network. Such activities might include (and this is only a partial list): the creation of attractive honeypots 7 with surreptitious payloads that enable a defender to track the attacker inside the defender s own system or to observe efforts to remove data; using threat information and intelligence to screen or block incoming traffic associated with those threat indicators (as, for example, blocking suspect IP addresses); 6 This definition is slightly modified from DOD s formal definition of active defense which appeared in the 2011 Department of Defense Strategy for Operations in Cyberspace. It also appears in the Center for a New American Security Policy Brief Active Cyber Defense A Framework for Policymakers. 7 As the name implies, honeypots are intended to attract hackers by purporting to be worthwhile subjects of attack. One might, for example, give a document honeypot the Microsoft Word name Plans for Countering Hackers.Docx and expect it to be the subject of an attack. 2 Electronic copy available at:

3 cutting off network access when certain types of internal data are being manipulated so as to prevent their exfiltration; and/or using canary trap 8 markings on data so that when and if it is re used the illegal activity will be readily identified. Far more aggressively, we can imagine disruptive activities that operate beyond the boundaries of the defender s network and have effects at the attacker s location, or at intermediate locations. These types of Active Defense (which may actually seem like offense to many) could include (and, again, this is only a partial list): Using the payloads already described to identify intermediate or originating server sites; Going beyond identification to take some action against the intermediate or originating server sites that would cause the data exfiltration or collection activities to stop; Using armed payloads (in effect, hacker s tools like zero day exploits 9 ) that cause more affirmative harm, either at the adversary s originating control computer or, possibly, even within the systems of the ultimate user of the stolen data (who may, or may not, be aware of the data s origin). Plainly this definition is incomplete it is more descriptive than normative. And even to the extent it attempts to be descriptive, many more techniques could be imagined (and likely will be) and a more precise definition might be crafted. The location of a network boundary for example, is often indistinct and subject to dispute. But the fundamental precepts are unlikely to change the extensional definitional distinction is between techniques that relate to an actor s own system and ones that relate to systems other than the actor s own. 10 Taking all of this together, we might conceptualize the definitional/typology problem as a graphic tjat looks something like this (where the type of defensive activity is ranged across the top line of the grid and the domain location of the activity is ranged down the side): 11 8 A canary trap derives its name from the proverbial canary in the mineshaft which discloses a threat. In the cyber manifestation, data that might be stolen has a covert digital watermark of some sort embedded so that the original owner can identify the stolen nature of the data when it reappears in another context. 9 A zero day exploit is a vulnerability in a software program that has never previously been used or discovered. Since most vulnerabilities are quickly patched after they become known, zero day exploits, which are not yet patched, are very valuable. They are intrusions that will be successful on the zeroth day. 10 One important collateral point is worth making here not all private sector actors have equal capabilities. This leads some to doubt the effectiveness and utility of private sector hack back. To be sure, some actors might be less than competent and authorizing their activity might cause affirmative disruption globally. On the other hand, it seems relatively clear that some private actors have capabilities equal to and different from those possessed by governmental actors that could have a positive effect on overall cybersecurity. There will, therefore, be modalities in which some private sector action might be authorized and regulated that could resolve many of the effectiveness concerns. 11 This typology is modified from an earlier short work of mine: Paul Rosenzweig, A Typology for Evaluating Active Cyber Defenses, Lawfare Blog (April 15, 2013), typology for evaluatingactive cyber defenses/. 3

4 In Network Out of Network Observation Access Disruption Destruction This typology of private sector self defense actions would have a number of positive benefits. First and foremost,i f we get the typology right it will help to identify important definitional questions that the law and policy must answer. We need, for example, to define legally what constitutes a network and probably we need to identify the difference between attribution techniques and prevention techniques. Second, if we get the definitions right, or close to right, a typology then helps us identify the appropriate legal régimes that would apply in various domains. We can ask a sensible question like what should be the legal limits of a private sector actors off network attribution efforts that have no appreciable effect? and mean something that actually says is this beaconing technique legal? And, finally, of course, in the absence of a typology we can t discuss the application of domestic law, much less international law. II. International Conventions and Customary International Law To begin with, we must answer a reasonable question: Is international law even relevant to the question of private sector hack back? And a fair first approximation of that answer would be no, it isn t. Not at all. This is so, for at least two independent and important reasons. First, of course, a quick survey of existing international instruments makes it clear that private sector offensive cyber activity is nowhere mentioned. Thus, as a formal matter, current international law is completely silent on the topic. Second, and rather more fundamentally, with very limited exceptions, 12 international law is directed at nation state actors and is intended to control their behavior. 13 Nations sign treaties and nations are, in turn, bound to act on the obligations they undertake. In general, international law has nothing to really say about private actors and their behavior. But that would be a terribly short and uninteresting contribution to the state of current legal analysis. And so, in the interest both of intellectual curiosity and in an effort to make this short paper worth something more than a bland it isn t relevant it seems worth trying to tease out a few interesting and useful principles and analogies that could arguably be germane to the question. I address, in turn, three areas of consideration: Self defense in International Law; the Law of Piracy; and Letters of Marque and Reprisal. 12 E.g. The Rome Statute of the International Criminal Court, (U.N. Doc. A/CONF.183/9), 13 E.g. Responsibility of States for Internationally Wrongful Acts, (U.N. Doc. annex to General Assembly resolution 56/83 of 12 December 2001, and corrected by document A/56/49(Vol. I)/Corr.4), (2001), untreaty.un.org/ilc/texts/instruments/english/.../9_6_2001.pdf. 4

5 Self Defense In International Law Nothing in international law explicitly approves of or disapproves of private sector hack back. 14 Thus, to the extent an analogy might be sought, it must be found in more general discussions of principles of self defense in existing international instruments and decisions. There are a few such discussions that are notable. The Budapest Convention Perhaps the most directly relevant and noteworthy is the Budapest Convention on Cybercrime. After all, the Budapest Convention is, to date, the only international instrument that is addressed to cyber issues. 15 If it has anything to say about the prospect of cyber selfdefense that discussion would be relatively influential. And, it turns out, there may be something to glean from the Convention not from the text of the Convention itself, which is completely silent on the topic of self defense, but from the accompanying 2001 Explanatory Report. 16 In discussing the specificity with which prohibited cyber offenses were to be identified by signatories, the Report noted that the Convention included an express requirement that the conduct involved be done without right. The Report then went on to explain that this phrase reflects the insight that the conduct described is not always punishable per se, but may be legal or justified not only in cases where classical legal defenses are applicable, like consent, self defence or necessity, but where other principles or interests lead to the exclusion of criminal liability. 17 In short, the Convention commentary seemed to contemplate that signatory Parties would criminalize certain criminal cyber activity (must as the United States has criminalized unauthorized access to a computer in the Computer Fraud and Abuse Act) 18 but that the Parties were free, if they wished to permit such conduct when it occurred pursuant to established legal defenses, excuses or justification. Perhaps also of relevance, though less directly so, the Explanatory Report made clear that there was no intent to criminalize legitimate and common activities inherent in the design of networks or legitimate and common operating or commercial practices. 19 It is only a modest (though, admittedly significant) stretch to read this language as potentially authorizing legitimate practices in self defense. Of course, an important caveat is that the Report is not intended to be an authoritative interpretation of the 14 The recently issued Tallinn Manual on the International Law Applicable to Cyber Warfare, Rule 13, addresses only self defense against armed attacks under international law. According to one participant in the drafting, the second version of the Manual may address legal response to cyber hacks that fall below the use of force threshold. See Private Communication with Author (April 2013). Though it is unclear, one expects that this analysis will be limited to nation state actors, though it may provide some guidance for the analysis of private sector responses. 15 The Convention was adopted by the Committee of Ministers of the Council of Europe in November 2001 and shortly thereafter opened for signature. As of early 2013, 51 countries have signed the convention, though only 39 of those have ratified it. See Convention on Cybercrime, ETS No. 185, 16 Explanatory Report to the Convention on Cybercrime, 17 Id. at 38 (emphasis added) U.S.C Explanatory Report at 38. 5

6 Convention, but it is intended to facilitate the application of its provisions, 20 suggesting that this analysis is at least of potential importance. The Rome Statute The Rome Statue, which created the International Criminal Court, and to which the United States is not (yet) a signatory, entered into force on July 1, It is an example of that rare international instrument that purports to directly affect human behavior to criminalize certain violations of widely held international norms, such as the prohibition on genocide. In addressing these horrific types of war crimes the Statute tangentially addresses the concept of selfdefense though I hasten to add that it does so only in the context of an armed conflict of some form or another and not in the context of acts that do not rise to the level of an armed conflict, which would be the context most nearly applicable to the private sector acts under consideration. Still the brief mention of self defense in the Statute is somewhat instructive. Article 31(1)(c) of the Statue suggests that actors may only take limited self defense action to protect property in the context of an armed conflict. Put simply the Article authorizes a person to act reasonably in defense of himself or another person and only to act in defense of property which is essential for accomplishing a military mission. 22 This narrow definition of permissible self defense of property in an armed conflict suggests at least tangentially an equally narrow ambit for defensive action in non armed conflicts. ICTY Kordic and Cerkez Notwithstanding that seemingly narrow ambit, the International Criminal Tribunal for Yuogoslavia has, in one case, taken a broader view. Relying on Article 31(1)(c) the Court concluded that an actor s ability to defend or protect himself or his property (or another person or person s property)... may be regarded as constituting a rule of customary international law. 23 The Court went on to note that the defense needs to be reasonable, necessary and proportionate all of which would seem to be conditions that at least some forms of hack back could satisfy. The conclusion of the Court is consistent with the general academic view that a defendant may invoke the right of self defense under customary international law against a charge of criminality, whenever he commits an international crime in order to prevent or put an end to, a crime be another person against the agent or a third person. 24 Academic opinion goes further than existing court doctrine in specifiying when self defense might be justified. As one would expect the conditions focus on the imminence of the unlawful act being opposed; the lack of any alternative way to prevent or stop the offense; and the proportionate nature of any possible response. Taken at face value both Kordic and Cerkez and academic opinion might be read to favor some limited form of private sector active defense. The Law of Piracy The generalized approach to self defense described above does not, of course, form a perfect analogy for assessing the legality of a cyber hack back. But in an imperfect world 20 Id. at II. 21 See generally, Rome Statute of the International Court, 22 Rome Statute, Art. 31(1)(c). 23 Prosecutor v. Kordic and Cerkez, Judgment of the Trial Chamber (ICTY), 26 Feb. 2001, 133, tj010226e.pdf. 24 Antonio Cassese et. al., International Crimonal Law, 2d ed., 259 (Oxford Univ. Press 2008) 6

7 we must use the best analogic possibilities we have. So we may now move from a generalized approach to cyber self defense to an area of law that gives us perhaps the closest historical analog for the private sector s response to unlawful cyber activity the rules relating to private actor responses to unlawful behavior on the high seas, namely piracy. The analogy has a great deal of attractiveness to it. After all, some call cyberspace a highway of commerce much as the ocean functions. And hackers stealing intellectual property are a nice analog to pirates who steal physical property. What then might we derive from traditional rules of piracy? Quite a bit as it turns out. Under traditional maritime rules, merchant men were entitled to use selfdefense to repel pirates, but only state owned vessels were privilege to board and seize a pirate ship or engage in hot pursuit. Moreover, the right of hot pursuit ends when the pirate ship enters the territorial water of another country. So if piracy is the right analogy, then private sector aggressive cyber defense may well be unlawful in the first instance, and even aggressive counter measures by nation states might have to respect the sovereignty of other countries. 25 Self Defense Consider first, the general right of self defense. Recent international instruments that were intended to clarify existing rules, in response to the upsurge in piracy off the coast of Somalia, make it relatively clear that private entities may use force in violent force in self defence to prevent crimes that threaten life. (The converse principle the use of non violent self defense when life is not threatened is less well considered). In November 2010, for example, the International Code of Conduct for Private Security Service Providers (the ICoC) was opened for signature. As of early 2013, more than 590 companies from 70 countries had signed. The ICoC requires security service providers to avoid the use of force if possible, and if required to use only proportionate force in response. Violence (in the form of firearms) is probhibited except when necessary to protect against an imminent threat of death or serious injury or to prevent a grave crime. 26 American practice has expanded on that rule somewhat to encompass a broader scope for self defense (or so it would seem). In 2009 the Coast Guard and Department of Homeland Security issued a Port Security Advisory, Guidance on Self Defense and Defense of Others by U.S. Flagged Commercial Vessels Operating in High Risk Waters. 27 The guidance suggested, consistent with the codification in the ICoC, that lethal force in self defense was strictly limited to circumstances where there was a danger of death or serious bodily injury. But the Guidance went further to make clear that the non deadly use of force could be authorized by a vessel s master to protect the vessel or cargo from theft or damage. Taken as a 25 Candidly, the doubtfulness of this last proposition as a matter of practice (i.e. the unlikelihood that nations will cease pursuing hackers across state boundaries) suggests that the piracy analogy may be outdated and of little practical utility in informing contemporary custom. Nonetheless, it s the best analogy we have. 26 International Code of Conduct for Private Security Service Providers, Arts , 27 Port Security Advisory (3 09), Guidance on Self defense or Defense of Others by U.S. Flagged Commercial Vessels Operating in High Risk Areas, 09_Self_Defense.pdf. 7

8 model for our cyber hack back question, this would certainly offer some comfort to those who think that international law will authorize a limited right of self defense. Hot Pursuit and Active Defense But this right of self defense is, as already noted, actually quite limited most likely to areas of action we have characterized as Internal Self Defense. When an actor seeks to use active defense measures, the law of piracy suggests that only a State may act not a private citizen. To begin with, both Article 19 of the Convention on the High Seas and Article 100 of the Law of the Sea Convention require States to cooperate in suppressing piracy but that obligation is, notably put only on State actors. Both conventions are silent as to private actors a silence that ought to be taken as a cautionary note. 28 But insofar as States are authorized, they do have wide authority including the authority to engage in hot pursuit that is the authority to chase a pirate ship when the Stat has good reason to believe that the ship being chased has violated the laws of the State. 29 But that right of hot pursuit may only be exercised to ships or aircraft on government service. 30 If our analogy is that active defensive cyber measures are akin to hot pursuit of a cyber pirate, the implication is that those measures are limited to State actors. Indeed, the right may be even more limited than we might hope. The right of hot pursuit ceases as soon as the ship being chased enters the territorial sea of its own country or of a third State. 31 In other words, once the pirate ship enters home waters or leaves the open area of the High Seas the chasing State must stop and presumably rely on the authority of the nation where the pirates have taken refuge. And so, we are left with at least two important questions: First, is the international norm against cyber hacking sufficiently well formed that it can even be analogized to the customary international obligation to combat piracy in the first place? Second, assuming that it is, then should we translate the teachings from piracy history to the cyber piracy situation and thereby limit active defenses to State actors? Letters of Marque and Reprisal All of which brings us to the question of whether or not private sector actors might, in some way, be deputized by the State to act on its behalf as part of an active cyber defense corps. In domestic law, this conjures up images of a cyber special police or a cyber private investigator or even a cyber bounty hunter. The equivalent conception in international law, again drawn from the general precepts concerning piracy, is the idea of a cyber privateer a private actor to whom might be issued letters of marque and reprisal, much as naval privateers were in the 1800s. 28 See Convention on the High Seas, Art. 19 (1958) (hereinafter High Seas Convention ), untreaty.un.org/ilc/texts/.../conventions/8_1_1958_high_seas.pdf ; Third UN Convention on the Law of the Sea, Art. 100 (1972) (hereinafter UNCLOS III ), 29 UNCLOS Art. 111(1); High Seas Convention Art. HSC 23(1). 30 High Seas Convention, Art 23(4). 31 Id. Art 23(2). 8

9 But even this analogy will only take us so far the question of whether such letters can be issued to combat cyber piracy is, at best, thought of as ambiguous and indefinite in its answer. Letters of marque and reprisal are, essentially, a license authorizing a private citizen to engage in reprisals against citizens or vessels of another nation. 32 But as a general rule such privateering was typically permitted only during times of war. 33 Privateers were authorized by the State not to protect their own interests but to aid in the war effort by assisting in the destruction of the commerce of the hostile nation. They paid for themselves, in the end, with profits from the commerce they destroyed. 34 This aspect of privateering has been frowned upon under international law since the 1856 Paris Declaration Respecting Maritime Law. 35 The United States never ratified the Declaration so it does not formally bind our actions. America has, however, chosen to respect the ban on privateering in wartime and has, as a factual matter, not sought to authorize privateers since the Declaration was signed. 36 Notably, however, notwithstanding the Paris Declaration, letters of marquee have continued to be used to counter piracy or to permit self defense. For example, to counter piracy the British Parliament continued to authorize private ships to attack and capture pirates even after the Declaration of Paris. 37 More recently private companies have, with some success, lobbied the Transitional Federal Government of Somalia for contracts to protect Somali waters from piracy. 38 This is consistent with the pre Paris 32 See Black s Law Dictionary 910 (9th ed. 2009). 33 See Francis R. Stark, The Abolition of Privateering and the Declaration of Paris, in Studies in History, Economics and Public Law 221, ; Joseph Story, A Familiar Exposition of the Constitution of the United States: Containing a Brief Commentary on Every Clause, Explaining the True Nature, Reasons, and Objects Thereof 121 (Harper & Brothers 1865) (1847). 34 A good general reference is : James G. Lydon, Pirates, Privateers, and Profits 25 (1970). 35 See Paris Declaration Respecting Maritime Law (1856), 3CD D. The relevant text of the declaration reads: The above mentioned Plenipotentiaries, being duly authorized, resolved to concert among themselves as to the means of attaining this object; and, having come to an agreement, have adopted the following solemn Declaration: 1. Privateering is, and remains, abolished; 2. The neutral flag covers enemy's goods, with the exception of contraband of war; 3. Neutral goods, with the exception of contraband of war, are not liable to capture under enemy's flag; 4. Blockades, in order to be binding, must be effective, that is to say, maintained by a force sufficient really to prevent access to the coast of the enemy. The Paris Declaration did not prohibit a State from contracting private vessels during wartime for regular navy work so long as they were prohibited from preying on private property. 36 See Edgar Stanton Maclay, A History of American Privateers xxiii (Appleton 1899). 37 David Cordingly, Under the Black Flag: The Romance and the Reality of Life Among Pirates 203 (1995). 38 See US Firm to Fight Somali Pirates, BBC News, (Nov. 25, 2005), africa/ stm. 9

10 practice of the United States which issued letters of marque which were used chiefly by our merchantmen as a license to defend themselves from hostile craft. 39 In short, though the issue is far from free of doubt, there is at least a colorable argument to be made that the Paris Declaration did not render unlawful the issuance of letters of marque for purposes of selfdefense in countering piracy. 40 From this it would only be a short step to the equally tentative conclusion that letters of marque for cyber privateers might, likewise, be lawful under international law to counter cyber pirates notwithstanding the general disfavor with which the concept of privateers is currently viewed. III. Non American Domestic Law and a Growing Opinio Juris A fourth area of inquiry the examination of non American domestic law serves a dual purpose. First, to the extent that customary international law is developing to create an opinio juiris, that law will be reflected in domestic enactments that may, in the end, come to reflect an international consensus. Second, and wholly apart from strictly international law issues, American private actors who undertake cyber hacking against their opponents will, in almost all instances, wind up affecting computers domiciled outside the borders of the United States. To the extent that this is so (and to the extent that American actors may be subject to foreign law through the exercise of lawful foreign process) American actors should, of necessity, consider how their domestic acts will be perceived in target or transit States where the effects of their US based actions might be felt. Non American Usage A fair assessment suggests that other nations are quite skeptical of the concept of private sector self defense. The Netherlands, for example, has introduced a proposal that would allow its law enforcement officials to hack internationally. 41 But the proposed law is silent as to the lawfulness of actions by private parties and, by implication, seems to disfavor them. The Israeli Defense Forces have a similar position, reserving the right to use offensive cyber operations while remaining silent on whether private sector actors can likewise engage. 42 Likewise, hack back is illegal in Germany (though we must hasten to note that several anecdotal reports suggest that German private entities increasingly engage use hack back techniques anyway). The German prohibition, known as The Hacker Paragraph, is 202a of the German Criminal Code (StGB), and provides, in relevant part: Whosoever unlawfully obtains data for himself or another that were not intended for him and were especially protected against unauthorised access, if he has circumvented the 39 See Gardner W. Allen, Our Naval War with France 225 (1909). 40 See Theodore T. Richard, Reconsidering the Letter of Marque: Utilizing Private Security Providers Against Piracy, 39 Geo. Wash. Pub. Contract L. J. 412, (2010). 41 See enpublicaties/kamerstukken/2012/10/15/wetgeving bestrijding cybercrime.html (text in Dutch); omputers/ (summarizing the proposal). 42 See, Rotem Pesso, IDF in Cyberspace, en/dover.aspx 10

11 protection, shall be liable to imprisonment not exceeding three years or a fine. 43 Other provisions explicitly make phising a crime and criminalize any acts in preparation for data espionage of phising. 44 Indeed, returning to our consideration of the Budapest Convention, it may be that some countries (many?) will reject the guidance of the explanatory commentary and consider that the Convention imposes on them a mandatory obligation to criminalize hacking activities even when they are conducted in self defense. This is particularly likely to arise in non common law countries where self defense is generally a more narrowly drawn defense to a criminal prosecution. Under this view, our international strategy of fostering accession to the Budapest Convention, 45 may have the effect of propagating the development of international opinion that opposes private sector hack back. But if international opinion is as much formed by actual State practice as by formal declarations, it is also worth noting that several German companies have come, increasingly, to rely on hack back to protect themselves. According to one researcher at the Institute for Computer Science at Berlin s Freie Universität, German digital vigilantism is on the rise especially in hard hit sectors affected by cybercriminals like the financial industry, development companies, and research groups. 46 It may well be that official disapproval with informal tolerance is a recurring model across the globe. In that case, development of an international opinio juris will prove particularly difficult. When formal declarations diverge from actual practice the ambiguity necessarily tends to prevent the clarification of a customary international opinion. One final cautionary note bears some emphasis, though it does not directly address the opinio juris analysis: The prospect of non American criminal prosecution is realistic and must be taken into account. To a real degree criminal prosecution (or the possibility of it) has been ineffective in deterring overseas hackers of American interests precisely because the threat of prosecution is an empty one. Many hackers are beyond the reach of American law and reside in countries with which we have no effective extradition program for cyber offenses. By contrast, when a private sector hack back has collateral effects in an allied country (say Germany or Japan) we can imagine that American legal authorities would generally honor an appropriately couched extradition request from the affected nation. The prospect of criminal prosecution is, therefore, rather higher for American actors precisely because the U.S. government is a lawful actor on the world stage. And even for countries where extradition is not a realistic prospect (we cannot, for example, extraditing an American to stand trial in China for hack back) there will be other avenues of retaliation that must be considered. Most American private sector actors who have the resources to contemplate private sector self defense, for example, will be corporations or individuals with a multi national presence. Even 43 StGB, 202a, im internet.de/englisch_stgb/ 44 Id. 202(b) and (c). 45 See International Strategy for Cyberspace (May 2011), 46 Ulrich Clau, Hack Back When A Cyber Attack Victim Turns 'Digital Vigilante' (July 21, 2012), science/hack back when a cyber attack victim turns digital vigilante /c4s5887/#.usjqprnpark 11

12 allowing for difficulties of attribution, it is quite likely that those overseas assets will be at risk if the parent American entity conducts private offensive operations. American Usage Finally, it should be noted that the opinion of the United States government is also relevant to the development of an international opinion juris. In this self reflexive way, the domestic law discussion becomes a component of the international law discussion. Moreover, to the extent that current law is changed in the future, that change is itself of relevance to international law. It is therefore relevant that the official current government position tends to disapprove of private sector self help. The Justice Department s Computer Crime and Intellectual Property Section, Manual on Computer Crime, 47 suggests that: Although it may be tempting to do so (especially if the attack is ongoing), the company should not take any offensive measures on its own, such as hacking back into the attacker s computer even if such measures could in theory be characterized as defensive. Doing so may be illegal, regardless of the motive. Further, as most attacks are launched from compromised systems of unwitting third parties, hacking back can damage the system of another innocent party. Likewise, though criminal liability under the CFAA is a hotly debated topic, 48 there seems to me little doubt that most courts would hold a domestic hack back actor liable in trespass. On the other hand, given the current tenor of the debate the United States may be the most likely State to eventually approve of private sector hack back. In general, the use of private sector security companies to provide police services is not only legally permitted but also widely pursued. More money is spent on private police than public police within the U.S. 49 Indeed, in the domestic sphere the United States authorizes authorize bounty hunters to use force to apprehend fugitives and use police like powers. 50 One can readily imagine a change in American perspective that, in turn, would influence international opinion (or, of course, perhaps such a change would be of little influence). Conclusion As The Economist recently noted, 51 the idea of hack back sounds like something out of a spy novel. But what was once the stuff of fiction, or imaginative policymaking is quickly becoming a topic for serious consideration. Recently, the Administration chartered Commission on the Theft of American Intellectual 47 Appendix D Best Practices for Victim Response and Reporting 48 See The Hackback Debate, supra n. xx. 49 See Elizabeth E. Joh, The Paradox of Private Policing, 95 J. Crim. L. & Criminology 50, 64 (2004). 50 See Andrew DeForest Patrick, Note, Running from the Law: Should Bounty Hunters Be Considered State Actors and Thus Subject to Constitutional Restraints, 52 Vand. L. Rev. 171, 172 (1999). 51 Fighting China s Hackers (May 25, 2013), states/ it timeretaliate against cyber thieves fighting chinas hackers 12

13 Property affirmatively recommended that consideration be given to easing the domestic American prohibition on hack back. 52 Before, however, we go down that road, it would be wise to consider the international consequences of such an act. Cyberspace is, after all, an international domain with more non American actors than American ones. And what is sauce for the goose will no doubt one day be sauce for the gander. This is not to say that hack back is ill advised. Far from it. In the absence of an effective system of cybersecurity provided by the government it is, in some sense, almost immoral to prohibit private sector actors from taking steps to protect themselves. But this is to say that caution is advised and that the American government needs to begin building an international consensus regarding private sector hack back before the forces of the private sector are unleashed. To that end, this brief survey of existing international law on the subject is just a starting point for a larger discussion, rather than an end point for determinative resolution. 52 The IP Commission Report (May 2013), 13

PERTH COUNTER-PIRACY CONFERENCE JULY 2012 CHAIRMAN S FINAL STATEMENT OF THE MEETING

PERTH COUNTER-PIRACY CONFERENCE JULY 2012 CHAIRMAN S FINAL STATEMENT OF THE MEETING PERTH COUNTER-PIRACY CONFERENCE 15-17 JULY 2012 CHAIRMAN S FINAL STATEMENT OF THE MEETING [This is a personal, informal report of our meeting which I offer for consideration by the Australian Government

More information

Via

Via A REGISTERED LIMITED LIABILITY PARTNERSHIP INCLUDING PROFESSIONAL CORPORATIONS ATTORNEYS AT LAW SUITE 200 1201 CONNECTICUT AVENUE, N.W. WASHINGTON, D.C. 20036 (202) 861-0870 Fax: (202) 861-0870 www.rwdhc.com

More information

OAU CONVENTION ON THE PREVENTION AND COMBATING OF TERRORISM

OAU CONVENTION ON THE PREVENTION AND COMBATING OF TERRORISM OAU CONVENTION ON THE PREVENTION AND COMBATING OF TERRORISM The member states of the Organization of African Unity: Considering the purposes and principles enshrined in the Charter of the Organization

More information

OAU CONVENTION ON THE PREVENTION AND COMBATING OF TERRORISM

OAU CONVENTION ON THE PREVENTION AND COMBATING OF TERRORISM 1 OAU CONVENTION ON THE PREVENTION AND COMBATING OF TERRORISM The Member States of the Organization of African Unity: Considering the purposes and principles enshrined in the Charter of the Organization

More information

Cyber War and Competition in the China-U.S. Relationship 1 James A. Lewis May 2010

Cyber War and Competition in the China-U.S. Relationship 1 James A. Lewis May 2010 Cyber War and Competition in the China-U.S. Relationship 1 James A. Lewis May 2010 The U.S. and China are in the process of redefining their bilateral relationship, as China s new strengths means it has

More information

CHAPTER 1 BASIC RULES AND PRINCIPLES

CHAPTER 1 BASIC RULES AND PRINCIPLES CHAPTER 1 BASIC RULES AND PRINCIPLES Section I. GENERAL 1. Purpose and Scope The purpose of this Manual is to provide authoritative guidance to military personnel on the customary and treaty law applicable

More information

Panel: Cybercrimes and the Domestication of International Criminal Law

Panel: Cybercrimes and the Domestication of International Criminal Law Santa Clara Journal of International Law Volume 5 Issue 2 Article 9 1-1-2007 Panel: Cybercrimes and the Domestication of International Criminal Law Santa Clara Journal of International Law Follow this

More information

Appendix II Draft comprehensive convention against international terrorism

Appendix II Draft comprehensive convention against international terrorism Appendix II Draft comprehensive convention against international terrorism Consolidated text prepared by the coordinator for discussion* The States Parties to the present Convention, Recalling the existing

More information

NEW HORIZONS IN THE LAW OF THE SEA

NEW HORIZONS IN THE LAW OF THE SEA 675 NEW HORIZONS IN THE LAW OF THE SEA David Leary and Anshuman Chakraborty * This article summarises the proceedings of the symposium held at Victoria University of Wellington in September 2004 to mark

More information

Modern Slavery Bill EXPLANATORY NOTES. Explanatory notes to the Bill, prepared by the Home Office, are published separately as Bill 8-EN.

Modern Slavery Bill EXPLANATORY NOTES. Explanatory notes to the Bill, prepared by the Home Office, are published separately as Bill 8-EN. EXPLANATORY NOTES Explanatory notes to the Bill, prepared by the Home Office, are published separately as Bill 8-EN. EUROPEAN CONVENTION ON HUMAN RIGHTS Secretary Theresa May has made the following statement

More information

SUPREME COURT OF THE UNITED STATES

SUPREME COURT OF THE UNITED STATES Cite as: 544 U. S. (2005) 1 NOTICE: This opinion is subject to formal revision before publication in the preliminary print of the United States Reports. Readers are requested to notify the Reporter of

More information

Having regard to the Treaty on the Functioning of the European Union, and in particular point (d) of Article 77(2) thereof,

Having regard to the Treaty on the Functioning of the European Union, and in particular point (d) of Article 77(2) thereof, 27.6.2014 Official Journal of the European Union L 189/93 REGULATION (EU) No 656/2014 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 15 May 2014 establishing rules for the surveillance of the external

More information

AR 15-6 Investigating Officer's Guide

AR 15-6 Investigating Officer's Guide AR 15-6 Investigating Officer's Guide A. INTRODUCTION 1. Purpose: This guide is intended to assist investigating officers who have been appointed under the provisions of Army Regulation (AR) 15-6, in conducting

More information

Legal Supplement Part C to the Trinidad and Tobago Gazette, Vol. 56, No. 52, 18th May, 2017

Legal Supplement Part C to the Trinidad and Tobago Gazette, Vol. 56, No. 52, 18th May, 2017 Legal Supplement Part C to the Trinidad and Tobago Gazette, Vol. 56, No. 52, 18th May, 2017 No. 15 of 2017 Second Session Eleventh Parliament Republic of Trinidad and Tobago HOUSE OF REPRESENTATIVES BILL

More information

TOPIC TWO: SOURCES OF INTERNATIONAL LAW

TOPIC TWO: SOURCES OF INTERNATIONAL LAW TOPIC TWO: SOURCES OF INTERNATIONAL LAW Legal orders have mechanisms for determining what is a source of valid law. Unlike with municipal law, in PIL there is no constitutional machinery of formal law-making

More information

Comments and observations received from Governments

Comments and observations received from Governments Extract from the Yearbook of the International Law Commission:- 1997,vol. II(1) Document:- A/CN.4/481 and Add.1 Comments and observations received from Governments Topic: International liability for injurious

More information

LESSONS IDENTIFIED FROM SOMALI PIRACY

LESSONS IDENTIFIED FROM SOMALI PIRACY LESSONS IDENTIFIED FROM SOMALI PIRACY Introduction This paper draws upon the international shipping industry s experience of Somalibased piracy during the period 2007 to 2013, with the intention of identifying

More information

SAINT VINCENT AND THE GRENADINES ACT NO. 34 OF 2002

SAINT VINCENT AND THE GRENADINES ACT NO. 34 OF 2002 1 SAINT VINCENT AND THE GRENADINES ACT NO. 34 OF 2002 AN ACT for the implementation of the provisions of the International Convention for the Suppression of the Financing of Terrorism, 1999 and to provide

More information

In recent years, criminals have launched cyberattacks

In recent years, criminals have launched cyberattacks Interbank Liability for Fraudulent Transfers via SWIFT: Banco del Austro, S.A. v. Wells Fargo Bank, N.A. By Salvatore Scanio In recent years, criminals have launched cyberattacks on the international banking

More information

Hacking and the Law. John MacKenzie

Hacking and the Law. John MacKenzie Hacking and the Law John MacKenzie john.mackenzie@pinsentmasons.com Introduction About Pinsent Masons Hacking The Law Individual rights and responsibilities Employee rights and responsibilities Directors

More information

Espionage Act of 1917

Espionage Act of 1917 Espionage Act of 1917 This act, passed during World War I, strictly limited Americans' freedom of speech in the name of wartime security. Since the Alien and Sedition Acts of the late eighteenth century,

More information

President Wilson's Declaration of Neutrality

President Wilson's Declaration of Neutrality President Wilson's Declaration of Neutrality Woodrow Wilson, Message to Congress, 63rd Cong., 2d Sess., Senate Doc. No. 566 (Washington, 1914), pp. 3-4. The effect of the war upon the United States will

More information

Hacking: Rights, Hacktivism, and Counterhacking

Hacking: Rights, Hacktivism, and Counterhacking Hacking: Rights, Hacktivism, and Counterhacking Kenneth Einar Himma acknowledges that hacker once had a positive connotation, but reserves the term hacking to refer to acts in which one person gains unauthorized

More information

PART H - SPECIFIC OFFENDER CHARACTERISTICS. Introductory Commentary

PART H - SPECIFIC OFFENDER CHARACTERISTICS. Introductory Commentary 5H1.1 PART H - SPECIFIC OFFENDER CHARACTERISTICS Introductory Commentary The following policy statements address the relevance of certain offender characteristics to the determination of whether a sentence

More information

National Report Japan

National Report Japan National Report Takeshi MATSUDA, Megumi OCHI, Tadashi IWASAKI (B) Jurisdictional issues (1)(a) How does your country locate the place of the commission of a crime in cyberspace? Article 1 of the ese Penal

More information

Draft Statute for an International Criminal Court 1994

Draft Statute for an International Criminal Court 1994 Draft Statute for an International Criminal Court 1994 Text adopted by the Commission at its forty-sixth session, in 1994, and submitted to the General Assembly as a part of the Commission s report covering

More information

OCCASIONAL PAPER 1 A CODE OF CONDUCT FOR THE INDIAN OCEAN. 2 nd January, 2018 CENTRE FOR THE LAW OF THE SEA PATHFINDER FOUNDATION

OCCASIONAL PAPER 1 A CODE OF CONDUCT FOR THE INDIAN OCEAN. 2 nd January, 2018 CENTRE FOR THE LAW OF THE SEA PATHFINDER FOUNDATION OCCASIONAL PAPER 1 A CODE OF CONDUCT FOR THE INDIAN OCEAN 2 nd January, 2018 CENTRE FOR THE LAW OF THE SEA PATHFINDER FOUNDATION CODE OF CONDUCT CONCERNING THE REPRESSION OF PIRACY, ARMED ROBBERY AGAINST

More information

International humanitarian law and the protection of war victims

International humanitarian law and the protection of war victims International humanitarian law and the protection of war victims Hans-Peter Gasser 1. Why do we need international humanitarian law? War is forbidden. The Charter of the United Nations states clearly that

More information

Canada International Extradition Treaty-First Protocol with the United States

Canada International Extradition Treaty-First Protocol with the United States Canada International Extradition Treaty-First Protocol with the United States January 11, 1988, Date-Signed November 26, 1991, Date-In-Force Protocol was read the first time, and together with the accompanying

More information

Thinking About a US-China War, Part 2

Thinking About a US-China War, Part 2 Thinking About a US-China War, Part 2 Jan. 4, 2017 Sanctions and blockades as an alternative to armed conflict would lead to armed conflict. By George Friedman This article is the second in a series. Read

More information

CONVENTION ON THE PROTECTION OF THE UNDERWATER CULTURAL HERITAGE

CONVENTION ON THE PROTECTION OF THE UNDERWATER CULTURAL HERITAGE CONVENTION ON THE PROTECTION OF THE UNDERWATER CULTURAL HERITAGE UNESCO Paris, 2 November 2001 The General Conference of the United Nations Educational, Scientific and Cultural Organization, meeting in

More information

G7 Foreign Ministers Declaration on Maritime Security Lübeck, 15 April 2015

G7 Foreign Ministers Declaration on Maritime Security Lübeck, 15 April 2015 G7 Foreign Ministers Declaration on Maritime Security Lübeck, 15 April 2015 The maritime domain is a cornerstone of the livelihood of humanity, habitat, resources and transport routes for up to 90 per

More information

ALON. Ocean Wave. Issue Topics of interest relating to the Philippine Maritime Industry and Shipping. GULF of ADEN

ALON. Ocean Wave. Issue Topics of interest relating to the Philippine Maritime Industry and Shipping. GULF of ADEN ALON Issue 1 2013 Ocean Wave Topics of interest relating to the Philippine Maritime Industry and Shipping Filipino Seafarers High Risk Area Gulf of Aden and ship owners contractual liability under the

More information

COMBATING OF TRAFFICKING IN PERSONS ACT

COMBATING OF TRAFFICKING IN PERSONS ACT COMBATING OF TRAFFICKING IN PERSONS ACT Act 2 of 2009 30 July 2009 ARRANGEMENT OF SECTIONS 1. Short title 2. Interpretation 3. Application of Act 4. Centres for victims of trafficking 5. Country of origin

More information

WHO reform: Framework of engagement with non-state actors

WHO reform: Framework of engagement with non-state actors REGIONAL COMMITTEE Provisional Agenda item 6.1 Sixty-seventh Session SEA/RC67/3 Add.1 Dhaka, Bangladesh 9-12 September 2014 2 September 2014 WHO reform: Framework of engagement with non-state actors The

More information

Title 17-A: MAINE CRIMINAL CODE

Title 17-A: MAINE CRIMINAL CODE Title 17-A: MAINE CRIMINAL CODE Chapter 5: DEFENSES AND AFFIRMATIVE DEFENSES; JUSTIFICATION Table of Contents Part 1. GENERAL PRINCIPLES... Section 101. GENERAL RULES FOR DEFENSES AND AFFIRMATIVE DEFENSES;

More information

Restatement Third of Torts: Coordination and Continuation *

Restatement Third of Torts: Coordination and Continuation * Restatement Third of Torts: Coordination and Continuation * With the near completion of the project on Physical-Emotional Harm, the Third Restatement of Torts now covers a wide swath of tort territory,

More information

Plenary v. Concurrent Powers

Plenary v. Concurrent Powers Plenary v. Concurrent Powers Plenary Powers: powers granted to a body in absolute terms, with no review of, or limitations upon, the exercise of those powers. Concurrent Powers: powers shared among two

More information

The Patentability Search

The Patentability Search Chapter 5 The Patentability Search 5:1 Introduction 5:2 What Is a Patentability Search? 5:3 Why Order a Patentability Search? 5:3.1 Economics 5:3.2 A Better Application Can Be Prepared 5:3.3 Commercial

More information

Liechtenstein International Extradition Treaty with the United States

Liechtenstein International Extradition Treaty with the United States Liechtenstein International Extradition Treaty with the United States May 20, 1936, Date-Signed June 28, 1937, Date-In-Force STATUS: Treaty signed at Bern on May 20, 1936. It was Ratified by Liechtenstein

More information

Report on the facilitation on the activation of the jurisdiction of the International Criminal Court over the crime of aggression

Report on the facilitation on the activation of the jurisdiction of the International Criminal Court over the crime of aggression International Criminal Court Assembly of States Parties ICC-ASP/16/24 Distr.: General 27 November 2017 Original: English Sixteenth session New York, 4-14 December 2017 Report on the facilitation on the

More information

Cyber Border Security Defining and Defending a National Cyber Border

Cyber Border Security Defining and Defending a National Cyber Border Cyber Border Security Defining and Defending a National Cyber Border By Phillip Osborn Osborn, Cyber Border Security 2 Abstract Concerns stemming from the convergence of border and cyber security threats

More information

Mauritius International Extradition Treaty with the United States. (The treaty applicable to Mauritius was originally signed with the United Kingdom.

Mauritius International Extradition Treaty with the United States. (The treaty applicable to Mauritius was originally signed with the United Kingdom. Mauritius International Extradition Treaty with the United States (The treaty applicable to Mauritius was originally signed with the United Kingdom.) December 22, 1931, Date-Signed June 24, 1935, Date-In-Force

More information

The Republic of Estonia, the Republic of Latvia and the Republic of Lithuania (hereinafter referred to as "the Parties"),

The Republic of Estonia, the Republic of Latvia and the Republic of Lithuania (hereinafter referred to as the Parties), FREE TRADE AGREEMENT BETWEEN THE REPUBLIC OF ESTONIA, THE REPUBLIC OF LATVIA AND THE REPUBLIC OF LITHUANIA Preamble The Republic of Estonia, the Republic of Latvia and the Republic of Lithuania (hereinafter

More information

DEPARTMENT OF JUSTICE CANADA MINISTÈRE DE LA JUSTICE CANADA

DEPARTMENT OF JUSTICE CANADA MINISTÈRE DE LA JUSTICE CANADA DEPARTMENT OF JUSTICE CANADA MINISTÈRE DE LA JUSTICE CANADA Lawful Access: Legal Review Follow-up Consultations: Criminal Code Draft Proposals February-March 2005 For discussion purposes Not for further

More information

Self-Judging Self-Defense

Self-Judging Self-Defense Case Western Reserve Journal of International Law Volume 19 Issue 2 1987 Self-Judging Self-Defense Oscar Schachter Follow this and additional works at: http://scholarlycommons.law.case.edu/jil Part of

More information

Resolution adopted by the General Assembly on 18 December [on the report of the Third Committee (A/69/489)]

Resolution adopted by the General Assembly on 18 December [on the report of the Third Committee (A/69/489)] United Nations A/RES/69/196 General Assembly Distr.: General 26 January 2015 Sixty-ninth session Agenda item 105 Resolution adopted by the General Assembly on 18 December 2014 [on the report of the Third

More information

Convention on Damage Caused by Foreign Aircraft to Third Parties on the Surface Signed at Rome, on 7 October 1952 (Rome Convention 1952)

Convention on Damage Caused by Foreign Aircraft to Third Parties on the Surface Signed at Rome, on 7 October 1952 (Rome Convention 1952) Convention on Damage Caused by Foreign Aircraft to Third Parties on the Surface Signed at Rome, on 7 October 1952 (Rome Convention 1952) THE STATES SIGNATORY to this Convention MOVED by a desire to ensure

More information

In re Social Networking Inquiry NCBE DRAFTERS POINT SHEET

In re Social Networking Inquiry NCBE DRAFTERS POINT SHEET In re Social Networking Inquiry NCBE DRAFTERS POINT SHEET In this performance test item, examinees senior partner is the chairman of the five-member Franklin State Bar Association Professional Guidance

More information

NAPD Formal Ethics Opinion 16-1

NAPD Formal Ethics Opinion 16-1 NAPD Formal Ethics Opinion 16-1 Question: The Ethics Counselors of the National Association for Public Defense (NAPD) have been asked to address the following scenario: An investigator working for Defense

More information

Andrew Clapham* Abstract. ... The Role of the Individual in International Law

Andrew Clapham* Abstract. ... The Role of the Individual in International Law The European Journal of International Law Vol. 21 no. 1 EJIL 2010; all rights reserved... The Role of the Individual in International Law Andrew Clapham* Abstract This contribution reminds us that as individuals

More information

The Law of the Sea Convention

The Law of the Sea Convention June 14, 2012 The Law of the Sea Convention Prepared statement by John B. Bellinger, III Partner, Arnold & Porter LLP Adjunct Fellow, International and National Security Law Before the Committee on Foreign

More information

Activity 2: The Neutrality Acts,

Activity 2: The Neutrality Acts, Activity 2: The Neutrality Acts, 1935-1937 Student Name Date Directions: Read the documents below, using the following questions to guide your reading. Be prepared to discuss your answers in class. Question

More information

Detention in the Maritime Domain - Counter- Piracy Operations

Detention in the Maritime Domain - Counter- Piracy Operations Detention in the Maritime Domain - Counter- Piracy Operations Rob McLaughlin Australian National University Outline Background Legal Framework Quick refresh Current Challenges Future Challenges UNODC CPP

More information

Introduction to International Humanitarian Law

Introduction to International Humanitarian Law Introduction to International Humanitarian Law 1 General Introduction, Definitions and Fields of Application Do we need international humanitarian law, since the UN Charter outlaws war? However, wars continue

More information

Athens Convention relating to the Carriage of Passengers and their Luggage by Sea, 1974 (Athens, 13 December 1974) THE STATES PARTIES TO THIS

Athens Convention relating to the Carriage of Passengers and their Luggage by Sea, 1974 (Athens, 13 December 1974) THE STATES PARTIES TO THIS Athens Convention relating to the Carriage of Passengers and their Luggage by Sea, 1974 (Athens, 13 December 1974) THE STATES PARTIES TO THIS CONVENTION, HAVING RECOGNIZED the desirability of determining

More information

Proposal for a REGULATION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL

Proposal for a REGULATION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL EUROPEAN COMMISSION Brussels, 12.4.2013 COM(2013) 197 final 2013/0106 (COD) C7-0098/13 Proposal for a REGULATION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL establishing rules for the surveillance of

More information

PROTOCOL OF 2005 TO THE CONVENTION FOR THE SUPPRESSION OF UNLAWFUL ACTS AGAINST THE SAFETY OF MARITIME NAVIGATION

PROTOCOL OF 2005 TO THE CONVENTION FOR THE SUPPRESSION OF UNLAWFUL ACTS AGAINST THE SAFETY OF MARITIME NAVIGATION INTERNATIONAL CONFERENCE ON THE LEG/CONF.15/21 REVISION OF THE SUA TREATIES 1 November 2005 Agenda item 8 Original: ENGLISH ADOPTION OF THE FINAL ACT AND ANY INSTRUMENTS, RECOMMENDATIONS AND RESOLUTIONS

More information

Discuss the George Zimmerman case. What defense he is expected to claim, and why may he qualify under the facts and circumstances?

Discuss the George Zimmerman case. What defense he is expected to claim, and why may he qualify under the facts and circumstances? CHAPTER 5 JUSTIFICATIONS AS DEFENSES CHAPTER OUTLINE I. Introduction II. Types of Defenses III. The Nature of Defenses IV. Justification as a Defense A. Necessity B. Self Defense C. Defense of Others D.

More information

EXTRADITION TREATY WITH THE REPUBLIC OF COLOMBIA MESSAGE FROM THE PRESIDENT OF THE UNITED STATES

EXTRADITION TREATY WITH THE REPUBLIC OF COLOMBIA MESSAGE FROM THE PRESIDENT OF THE UNITED STATES BILATERAL EXTRADITION TREATIES COLOMBIA EXTRADITION TREATY WITH THE REPUBLIC OF COLOMBIA TREATY DOC. No. 97-8 1979 U.S.T. LEXIS 199 September 14, 1979, Date-Signed MESSAGE FROM THE PRESIDENT OF THE UNITED

More information

I. INTRODUCTION II. EVALUATING THE DIRECT CONNECTION REQUIREMENT IN RESPECT OF THE FIRST AND SECOND COUNTER-CLAIMS

I. INTRODUCTION II. EVALUATING THE DIRECT CONNECTION REQUIREMENT IN RESPECT OF THE FIRST AND SECOND COUNTER-CLAIMS DISSENTING OPINION OF JUDGE AD HOC CARON Disagreement with holding of inadmissibility by the Court of Colombia s first and second counter-claims Direct connection in fact or in law of Colombia s first

More information

UN Security Council Resolution on Foreign Terrorist Fighters (FTFs)

UN Security Council Resolution on Foreign Terrorist Fighters (FTFs) Friday September 19 - V7 - BLUE UN Security Council Resolution on Foreign Terrorist Fighters (FTFs) 1. Reaffirming that terrorism in all forms and manifestations constitutes one of the most serious threats

More information

- 1 - Implementing the 1954 Hague Convention and its Protocols: legal and practical implications. Patrick J Boylan, City University London, UK

- 1 - Implementing the 1954 Hague Convention and its Protocols: legal and practical implications. Patrick J Boylan, City University London, UK - 1 - Implementing the 1954 Hague Convention and its Protocols: legal and practical implications Patrick J Boylan, City University London, UK If and when a State decides to adopt the 1954 Hague Convention

More information

COMBATING OF TRAFFICKING IN PERSONS ACT 2009

COMBATING OF TRAFFICKING IN PERSONS ACT 2009 1 of 12 6/12/2009 2:35 PM COMBATING OF TRAFFICKING IN PERSONS ACT 2009 Act No. 2 of 2009 Government Gazette of Mauritius No. 40 of 9 May 2009 I assent 8th May 2009 SIR ANEROOD JUGNAUTH President of the

More information

RESTATEMENT (THIRD) OF TORTS: COORDINATION AND CONTINUATION

RESTATEMENT (THIRD) OF TORTS: COORDINATION AND CONTINUATION RESTATEMENT (THIRD) OF TORTS: COORDINATION AND CONTINUATION Ellen Pryor* With the near completion of the project on Physical and Emotional Harm, the Restatement (Third) of Torts now covers a wide swath

More information

The following text will:

The following text will: Comments on the question of the harmony of the UNESCO 2001 Convention on the Protection of the Underwater Cultural Heritage with the UN Convention on the Law of the Sea 1 The Convention on the Protection

More information

TRADE SECRETS ACT B.E (2002) BHUMIBOL ADULYADEJ, REX

TRADE SECRETS ACT B.E (2002) BHUMIBOL ADULYADEJ, REX TRADE SECRETS ACT B.E. 2545 (2002) BHUMIBOL ADULYADEJ, REX Given on the 12th Day of April B.E. 2545; Being the 57th Year of the Present Reign. His Majesty King Bhumibol Adulyadej is graciously pleased

More information

International Law in Cyberspace

International Law in Cyberspace Yale Law School Yale Law School Legal Scholarship Repository Faculty Scholarship Series Yale Law School Faculty Scholarship 2012 International Law in Cyberspace Harold Hongju Koh Yale Law School Follow

More information

What Should Be Classified? Some Guiding Principles. By Steven Aftergood

What Should Be Classified? Some Guiding Principles. By Steven Aftergood (draft May 2011) What Should Be Classified? Some Guiding Principles By Steven Aftergood Every nation, including the most open societies, restricts the public disclosure of information that is deemed to

More information

Customs Enforcement of Intellectual Property Rights Manual

Customs Enforcement of Intellectual Property Rights Manual Customs Enforcement of Intellectual Property Rights Manual Office of the Revenue Commissioners February 2017 1 Contents 1. Introduction...3 2. Applications for Action...4 3. Standard Enforcement Procedure...5

More information

Proposal for a DIRECTIVE OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL

Proposal for a DIRECTIVE OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL EUROPEAN COMMISSION Brussels, 13.9.2017 COM(2017) 489 final 2017/0226 (COD) Proposal for a DIRECTIVE OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL on combating fraud and counterfeiting of non-cash means

More information

Statute of Limitation in Federal Criminal Cases: A Sketch

Statute of Limitation in Federal Criminal Cases: A Sketch Statute of Limitation in Federal Criminal Cases: A Sketch name redacted Senior Specialist in American Public Law November 14, 2017 Congressional Research Service 7-... www.crs.gov RS21121 Summary A statute

More information

The Admissibility of Tape Recorded Evidence Produced by Private Individuals Under Title III of the Omnibus Crime Control Act of 1968

The Admissibility of Tape Recorded Evidence Produced by Private Individuals Under Title III of the Omnibus Crime Control Act of 1968 Washington and Lee Law Review Volume 45 Issue 1 Article 7 1-1-1988 The Admissibility of Tape Recorded Evidence Produced by Private Individuals Under Title III of the Omnibus Crime Control Act of 1968 Follow

More information

KENYA GAZETTE SUPPLEMENT

KENYA GAZETTE SUPPLEMENT SPECIAL ISSUE Kciivci Gazette Supplement No. 91 (National A.scenthIv BilLs No. 29) $ REPUBLIC OF KENYA KENYA GAZETTE SUPPLEMENT NATIONAL ASSEMBLY BILLS, 2017 NAIROBI, 13th June, 2017 CONTENT Hill for Introduction

More information

The Convention on Cybercrime: A framework for legislation and international cooperation for countries of the Americas

The Convention on Cybercrime: A framework for legislation and international cooperation for countries of the Americas www.coe.int/cybercrime The Convention on Cybercrime: A framework for legislation and international cooperation for countries of the Americas Workshop on cybercrime legislation (Bogota, 3-5 Sep 2008) Alexander

More information

Selected Articles from Specific Laws Related to the Implementation of TRIPS

Selected Articles from Specific Laws Related to the Implementation of TRIPS Selected Articles from Specific Laws Related to the Implementation of TRIPS 1. Code of Civil Procedures; No. 24 of 1988 2. High Court of Justice Law; No. 11 of 1989 3. Criminal Procedure Law; No. 9 of

More information

First Session Tenth Parliament Republic of Trinidad and Tobago REPUBLIC OF TRINIDAD AND TOBAGO. Act No. 11 of 2010

First Session Tenth Parliament Republic of Trinidad and Tobago REPUBLIC OF TRINIDAD AND TOBAGO. Act No. 11 of 2010 First Session Tenth Parliament Republic of Trinidad and Tobago REPUBLIC OF TRINIDAD AND TOBAGO Act No. 11 of 2010 [L.S.] AN ACT to provide for and about the interception of communications, the acquisition

More information

Introduction, When to File and Where to Prepare the Application

Introduction, When to File and Where to Prepare the Application Chapter 1 Introduction, When to File and Where to Prepare the Application 1:1 Need for This Book 1:2 How to Use This Book 1:3 Organization of This Book 1:4 Terminology Used in This Book 1:5 How Quickly

More information

JOINT STATEMENT OF THE ASEAN-AUSTRALIA SPECIAL SUMMIT: THE SYDNEY DECLARATION. Sydney, Australia, 18 March 2018

JOINT STATEMENT OF THE ASEAN-AUSTRALIA SPECIAL SUMMIT: THE SYDNEY DECLARATION. Sydney, Australia, 18 March 2018 JOINT STATEMENT OF THE ASEAN-AUSTRALIA SPECIAL SUMMIT: THE SYDNEY DECLARATION Sydney, Australia, 18 March 2018 1. We, the Heads of State/Government of the Member States of the Association of Southeast

More information

ACT, Inc. ( ACT ) and Customer agree as follows: Effective Date: August 8, 2017

ACT, Inc. ( ACT ) and Customer agree as follows: Effective Date: August 8, 2017 By ordering ACT Tessera TM, you are requesting a license for the Services and agree to be bound by the following terms and conditions, including those additional terms and conditions and policies referenced

More information

A FEW COMMENTS ON THE COUNCIL OF EUROPE CONVENTION ON CYBERCRIME

A FEW COMMENTS ON THE COUNCIL OF EUROPE CONVENTION ON CYBERCRIME A FEW COMMENTS ON THE COUNCIL OF EUROPE CONVENTION ON CYBERCRIME Lecturer Adrian Cristian MOISE, PhD. Spiru Haret University of Bucharest (ROMANIA) adriancristian.moise.@gmail.com. Abstract The Council

More information

Chapter 10 The Criminal Law and Business. Below is a table that highlights the differences between civil law and criminal law:

Chapter 10 The Criminal Law and Business. Below is a table that highlights the differences between civil law and criminal law: Chapter 10 The Criminal Law and Business Below is a table that highlights the differences between civil law and criminal law: Crime a wrong against society proclaimed in a statute and, if committed, punishable

More information

South China Sea: Realpolitik Trumps International Law

South China Sea: Realpolitik Trumps International Law South China Sea: Realpolitik Trumps International Law Emeritus Professor Carlyle A. Thayer Presentation to East Asian Economy and Society, Institut für Ostasienwissenschaften Universität Wien Vienna, November

More information

TREATY ON EXTRADITION BETWEEN THE UNITED STATES OF AMERICA AND AUSTRALIA

TREATY ON EXTRADITION BETWEEN THE UNITED STATES OF AMERICA AND AUSTRALIA BILATERAL EXTRADITION TREATIES AUSTRALIA Extradition TIAS 8234 27 U.S.T. 957; 1974 U.S.T. LEXIS 130 May 14, 1974, Date-Signed May 8, 1976, Date-In-Force STATUS: [*1] Treaty signed at Washington May 14,

More information

BERMUDA ANTI-TERRORISM (FINANCIAL AND OTHER MEASURES) ACT : 31

BERMUDA ANTI-TERRORISM (FINANCIAL AND OTHER MEASURES) ACT : 31 QUO FA T A F U E R N T BERMUDA ANTI-TERRORISM (FINANCIAL AND OTHER MEASURES) ACT 2004 2004 : 31 TABLE OF CONTENTS 1 2 3 4 5 5A 5B 6 7 8 9 10 10A 11 12 12A 12B 12C 12D 12E 12F 12G Short title and commencement

More information

Coordinated text from 10 August 2011 Version applicable from 1 September 2011

Coordinated text from 10 August 2011 Version applicable from 1 September 2011 Coordinated text of the Act of 30 May 2005 - laying down specific provisions for the protection of persons with regard to the processing of personal data in the electronic communications sector and - amending

More information

GUIDELINES ON INTERNATIONAL PROTECTION: Application of the Exclusion Clauses: Article 1F of the 1951 Convention relating to the Status of Refugees

GUIDELINES ON INTERNATIONAL PROTECTION: Application of the Exclusion Clauses: Article 1F of the 1951 Convention relating to the Status of Refugees Distr. GENERAL HCR/GIP/03/05 4 September 2003 Original: ENGLISH GUIDELINES ON INTERNATIONAL PROTECTION: Application of the Exclusion Clauses: Article 1F of the 1951 Convention relating to the Status of

More information

Anthony Saich The US Administration's Asia Policy

Anthony Saich The US Administration's Asia Policy Anthony Saich The US Administration's Asia Policy (Summary) Date: 15 November, 2016 Venue: CIGS Meeting Room, Tokyo, Japan 1 Anthony Saich, Distinguished Visiting Scholar, CIGS; Professor of International

More information

SECTION 59, CRIMINAL JUSTICE (THEFT AND FRAUD OFFENCES) ACT, 2001

SECTION 59, CRIMINAL JUSTICE (THEFT AND FRAUD OFFENCES) ACT, 2001 SECTION 59, CRIMINAL JUSTICE (THEFT AND FRAUD OFFENCES) ACT, 2001 This Memorandum has been prepared by the Consultative Committee of Accountancy Bodies Ireland ( CCAB-I ) to alert members of the profession

More information

Article 6. [Exercise of jurisdiction] [Preconditions to the exercise of jurisdiction]

Article 6. [Exercise of jurisdiction] [Preconditions to the exercise of jurisdiction] Page 30 N.B. The Court s jurisdiction with regard to these crimes will only apply to States parties to the Statute which have accepted the jurisdiction of the Court with respect to those crimes. Refer

More information

Final Report. For the European Commission, Directorate General Justice, Freedom and Security

Final Report. For the European Commission, Directorate General Justice, Freedom and Security Research Project Executive Summary A Survey on the Economics of Security with Particular Focus on the Possibility to Create a Network of Experts on the Economic Analysis of Terrorism and Anti-Terror Policies

More information

16 March Purpose & Introduction

16 March Purpose & Introduction Factsheet on the key issues relating to the relationship between the proposed eprivacy Regulation (epr) and the General Data Protection Regulation (GDPR) 1. Purpose & Introduction As the eprivacy Regulation

More information

Neutrality in Cyber War. Andrew Carswell Armed Forces Delegate International Committee of the Red Cross

Neutrality in Cyber War. Andrew Carswell Armed Forces Delegate International Committee of the Red Cross Neutrality in Cyber War Andrew Carswell Armed Forces Delegate International Committee of the Red Cross Outline Review: legal classification of conflicts Overview of the law of neutrality International

More information

UNCITRAL Model Law on Electronic Commerce with Guide to Enactment 1996 With additional article 5 bis as adopted in 1998

UNCITRAL Model Law on Electronic Commerce with Guide to Enactment 1996 With additional article 5 bis as adopted in 1998 UNCITRAL Model Law on Electronic Commerce with Guide to Enactment 1996 With additional article 5 bis as adopted in 1998 CONTENTS Page GENERAL ASSEMBLY RESOLUTION 51/162 OF 16 DECEMBER 1996.. 1 UNCITRAL

More information

CRS Report for Congress

CRS Report for Congress Order Code RS22405 March 20, 2006 CRS Report for Congress Received through the CRS Web Military Recruiting and the Solomon Amendment: The Supreme Court Ruling in Rumsfeld v. FAIR Summary Charles V. Dale

More information

Australia s accession to the UN Convention on the Use of Electronic Communications in International Contracts consultation paper

Australia s accession to the UN Convention on the Use of Electronic Communications in International Contracts consultation paper Australia s accession to the UN Convention on the Use of Electronic Communications in International Contracts 2005 Proposed amendments to Australia s electronic transactions laws consultation paper November

More information

Memorandum by. ARTICLE 19 International Centre Against Censorship. Algeria s proposed Organic Law on Information

Memorandum by. ARTICLE 19 International Centre Against Censorship. Algeria s proposed Organic Law on Information Memorandum by ARTICLE 19 International Centre Against Censorship on Algeria s proposed Organic Law on Information London, June 1998 Introduction The following comments are an analysis by ARTICLE 19, the

More information

CONVENTION FOR THE SUPPRESSION OF UNLAWFUL ACTS OF VIOLENCE AGAINST THE SAFETY OF MARITIME NAVIGATION (SUA CONVENTION)

CONVENTION FOR THE SUPPRESSION OF UNLAWFUL ACTS OF VIOLENCE AGAINST THE SAFETY OF MARITIME NAVIGATION (SUA CONVENTION) CONVENTION FOR THE SUPPRESSION OF UNLAWFUL ACTS OF VIOLENCE AGAINST THE SAFETY OF MARITIME NAVIGATION (SUA CONVENTION) Adopted: 10 March 1988. Entered into Force: 1 March 1992 Duration: The Convention

More information

Asylum and Immigration (Treatment of Claimants, etc.) Act 2004

Asylum and Immigration (Treatment of Claimants, etc.) Act 2004 Asylum and Immigration (Treatment of Claimants, etc.) Act 2004 CHAPTER 19 CONTENTS Offences 1 Assisting unlawful immigration 2 Entering United Kingdom without passport, &c. 3 Immigration documents: forgery

More information

Constitutional Law - Search and Seizure - Hot Pursuit

Constitutional Law - Search and Seizure - Hot Pursuit Louisiana Law Review Volume 28 Number 3 The Work of the Louisiana Appellate Courts for the 1966-1967 Term: A Symposium April 1968 Constitutional Law - Search and Seizure - Hot Pursuit Dan E. Melichar Repository

More information