Re-thinking the boundaries of law in cyberspace : a duty to hack ?
Duncan B. Hollis
Cyberwar : law and ethics for virtual conflicts
Oxford : Oxford University Press, 2015
This chapter proposes re-thinking prevailing approaches to legal boundaries in cyberspace generally and for State cyber-operations in particular. The discussion aims to demonstrate that the current emphasis on drawing law from boundaries and boundaries from law does not constitute a sufficient or effective way to regulate cyberspace and its conflicts. Generally speaking, boundaries still remain the indispensable “tool” in order to assess the scope of international law in cyberspace. Understanding the cyberspace and its relationship with international law necessitate to partially disregard such an approach which is based on law-by-analogy. Therefore, a suitable approach would be to prioritize tailor-made laws with respect to the law to apply in cyberspace, especially in the field of use of force or international humanitarian law (IHL). This paper claims that law-by-analogy should only apply to avoid gaps that would otherwise exist in the absence of tailor-made law. Given the complexity of cyberspace, tailor-made laws provide accurate, effective and complete solutions so as to regulate cyberwar. The two first parts of this paper set forth the limits emerging when it comes to applying law-by-analogy approach to jus ad bellum rules. Accordingly, the third part proposes to adopt a new principle (“Duty to hack”), which will offer a flexible solution to deal with the current gaps regarding the conduct of hostilities and the cyberspace. The "Duty to Hack" would require states to use cyber operations in their military operations whenever they are the least harmful means available to achieve military objectives, thus alleviating (but not eliminating) the pressures of fragmentation and providing a clear rule for calibrating military necessity and humanity. [Summary by students at the International Criminal and Humanitarian Law Clinic, Laval University]