Article

Rethinking proportionality in the cyber context

Stephen Petkis

• Georgetown journal of international law, Vol. 47, issue 4, 2016, p. 1431-1458

English

Photocopies

Despite a rise in "cyber attacks", there is no unified international agreement on how the existing laws of war restrain the use of cyber force. Consequently, states have very little guidance on how to respond “proportionally” to a cyber aggression, or whether a state’s own offensive cyber measures are “proportional.” Contemporary legal scholarship appears to have settled on a definition of “force” that applies the existing laws of war to cyber actions only when such actions are likely to result in conventional “kinetic” harm. This approach fails to adequately address the unique concerns raised by cyber warfare and, indeed, ignores cyber attacks as a distinct component of the modern military arsenal. This note argues that “force” in the cyber context should be interpreted based on the purpose of the attack, not its eventual effect. Any cyber attack launched for the purpose of affecting a foreign national security interest should be considered a “use of force” subject to the existing laws of war. This approach not only mitigates the practical difficulties inherent in trying to anticipate the kinetic consequences of a cyber attack, it also ensures that states cannot engage in an endless cycle of cyber aggressions unrestrained by the laws of war. This note also makes suggestions for re-conceptualizing proportionality analysis in light of the purpose-based definition of cyber “force.” To comply with jus ad bellum proportionality, cyber responses should be limited to neutralizing aggressive attacks, only in cases of clear attribution. Furthermore, to comply with jus in bello proportionality, states should be careful to consider likely entanglements between civilian and military cyber networks.

• Full text