New Essay on SSRN: International Law & Information Operations

Info Ops or “IO” has been a hot topic of late. In April and May 2007, Estonia claimed to have become the first victim of cyberwar, as denial of service attacks on its computer networks, disabled not just government websites, but those of its banks, universities, telecommunication companies, and hospitals. Estonia blamed the attacks on the Russian government, which denied the charges. NATO took notice though, sending in experts to observe the attacks, and other militaries are studying the incident, reviving questions about war in the information age that were often pushed aside in the aftermath of September 11.

I’ve just posted a short essay on SSRN that looks at the question of IO and international law generally—you can download it here. Aimed at a military audience, it’s entitled, New Tools, New Rules: International Law & Information Operations, and will appear in the Marine Corps University Foundation-sponsored book, The Message of War: Information, Influence & Perception in Armed Conflict. Here’s the abstract:

For more than a decade, military thinkers have debated the impact of “information operations” (IO) on armed conflict. Responding to the possibilities (and vulnerabilities) inherent in the interconnectivity of the Internet and other information networks, IO constitutes a new form of warfare. IO uses methods such as computer network attacks or psychological operations to influence, disrupt, corrupt, usurp and defend information systems and the infrastructure they support. As militaries work through what IO can do, however, they must wrestle with when and how they can employ it—i.e., the question of law’s application to IO. Since computer networks and modern information systems constitute new tools (and new targets) for military activities, international law currently regulates them only by analogy, and even then, in a patchwork fashion. Most states and scholars appear content with this situation, denying any need to develop IO-specific rules. This paper challenges that conventional wisdom. Even as it applies to IO, the existing legal framework suffers from several, near-fatal conditions: uncertainty (i.e., militaries lack a clear picture of how to translate existing rules into the IO environment); complexity (i.e., overlapping legal regimes threaten to overwhelm military commanders seeking to apply IO); and insufficiency (i.e., existing rules fail to address basic challenges of modern conflicts with non-state actors). This situation creates disincentives for militaries to use IO, notwithstanding IO’s potential to achieve military and political objectives with less harm than conventional bombs or missiles. To redress these deficiencies, I propose states adopt an international law for information operations, or “ILIO.” By adopting an ILIO, states could alleviate the uncertainty and complexity of the status quo, reduce transaction costs for states fighting global terror, and lessen the collateral costs of armed conflict itself.