State responsibility for cyber-attacks on international peace and security
Host item entries:
Polish yearbook of international law, Vol. 29, 2009, p. 139-151
This article discusses international law mechanisms for dealing with electronic threats generated from the territory of one state and directed against a foreign sovereign. It analyses the possibility to recognize a cyber-attack as an act of international aggression and shows existing difficulties at the present state of the international debate. It then turns to the traditional notion of state responsibility for lack of due diligence as a source of state’s responsibility for cyber-attacks. Such due diligence should be guaranteed through sufficient criminal law regulations that are properly executed in order to effectively prevent and prosecute electronic attacks. In this context the article posits that an international debate is required with the aim of establishing international guidelines. The results of such a debate should than allow for the harmonization of national criminal law regulations. Although the author points to the need for an international debate on the system for protection against cyber-attacks on states’ key electronic infrastructure, she also emphasizes already existing international obligations for states to take responsibility for attacks conducted from their territory.