Does the Tallinn Manual Allow States to Kill Hackers? Not Really.

It’s always exciting when the media pays attention to expert reports on international law. Unfortunately, the media all too often gets international law wrong — and recent reporting on the Tallinn Manual on International Law Applicable to Cyber Warfare is no exception. There has been a spate of articles in the past couple of days that breathlessly claim the Tallinn Manual permits the use of lethal force against hackers. The Huffington Post’s article is entitled “Report for NATO Justifies Killing of Hackers in a Cyberwar.” According to the Verge, “Killing Hackers is Justified in Cyber Warfare, Says NATO-Commissioned Report.”  And Silicon Angle claims that “Hacktivists Can Be Killed Under Rules of CyberWarfare.”

Does the Tallinn Manual permit a hacker to be killed? Yes, in extraordinary circumstances. But the articles mentioned above each fail to mention that the Manual imposes very significant limits on the use of lethal force against individuals involved in cyber-warfare — and that all of those limits are based on, and reflect, the traditional rules of international humanitarian law (IHL). There is nothing particularly troubling in the Manual, and I say that as someone who is profoundly sympathetic to hacking collectives like Anonymous. Indeed, properly understood, it almost inconceivable that the Manual would permit a state to use lethal force against Anonymous or a similar collective — no matter how dangerous (in the view of a state) their hacking might be.

To begin with, the Tallinn Manual deserves credit for not conflating the jus ad bellum and the jus in bello. The US takes the position that a legitimate act of self-defense in response to an armed attack justifies the use of lethal force against members of organized armed groups. As I discuss in my essay on signature strikes, that is incorrect: an act of self-defense under Art. 51 of the UN Charter prevents the attacked state from claiming that its sovereignty has been violated, but says nothing about whether the use of lethal force violates the targeted individual’s right to life. That killing must still be justified under either IHL (if the targeted killing took place within armed conflict) or IHRL (if the targeted killing took place outside of armed conflict). In the words of the International Law Commission’s commentary to the Draft Articles on the Responsibility of States for Internationally Wrongful Acts, “[a]s to obligations under international humanitarian law and in relation to non-derogable human rights provisions, self-defence does not preclude the wrongfulness of conduct.”

The Tallinn Manual does not cite the ILC commentary, which is unfortunate. But it does not claim, or even suggest, that the use of lethal force against a target does not need to comply with IHL if it represents a legitimate act of self-defense under Art. 51. On the contrary, the provision concerning self-defense — Rule 13 — is located in the section of the Manual that exclusively addresses the jus ad bellum. The Manual’s commentary to Rule 13 also continually emphasizes that what is at stake in an act of self-defence is whether the attacked state’s sovereignty has been violated. Finally, and perhaps most importantly, the section of the Manual that discusses “attacks generally” specifically states (p. 105) that “[t]he law of armed conflict applies to the targeting of any person or object during armed conflict irrespective of the means or methods of warfare employed.”

It is important to emphasize the Tallinn Manual’s clear separation of the jus ad bellum and jus in bello, because media reports have tended to focus on uncertainties that concern the former, not the latter. The Huffington Post article, for example, says that the Manual “leaves some crucial questions unanswered,” such as “the precise point at which the extent of death, injury, damage, destruction or suffering caused by a cyber operation qualifies as an armed attack that justifies retaliation.” That is an unfortunate uncertainty — but it does not concern when a hacker could be targeted with lethal force. It only affects when the right of self-defense under Art. 51 permits a state to violate another state’s sovereignty.

According to the Tallinn Manual, then, the right of a state to use lethal force against a hacker is determined solely by the rules of IHL. The rules of cyber-warfare endorsed by the Manual thus apply only in armed conflict; as the Manual itself notes in Rule 20, “[a] condition precedent to the application of the law of armed conflict is the existence of an armed conflict.” Put more simply: the Manual’s rules permitting the use of lethal force simply do not apply to hacking that takes place during peacetime. 

Nor is that all. The Tallinn Manual’s rules apply only to acts of cyber-warfare that take place “in the context of” an armed conflict. That is a murky requirement, particularly in a non-international armed conflict (NIAC). But it clearly excludes (p. 77) “activities of private individuals or entities that are unrelated to the armed conflict,” such as “the case of a private corporation that is engaging in theft of intellectual property.” In other words, it is not enough for an act of cyber-warfare to occur during an armed conflict; there must be some kind of connection — what the Manual refers to as a “nexus” (p. 76) — between the act of cyber-warfare and the armed conflict. The experts who wrote the Manual disagree about what satisfies the nexus; some believe that any act committed by a party to the conflict (members of the armed forces or members of an organized armed group) would suffice, while other insist that the act must be intended to further the hostilities. All agree, however, that some real connection is required.

Taken together, the armed-conflict requirement and the nexus requirement make it extremely unlikely that a state could legitimately use lethal force against members of a hacker collective like Anonymous. There are currently no international armed conflicts, although Syria constantly threatens to become one. And hackers don’t tend to work with states anyway. There are a number of non-international armed conflicts (NIAC) — in Pakistan, Yemen, Somalia, Syria, etc. — but hackers don’t tend to work with terrorists or rebel groups, either. So it will be the rare hacker whose acts take place in the context of an armed conflict.

There is, of course, a related question: could a state be in a NIAC with a hacker collective itself? In other words, could a hacker collective like Anonymous qualify as an “organized armed group”? If so, hackers would indeed have reason to fear for their physical safety. Fortunately, the Tallinn Manual makes it very clear that such a NIAC, though perhaps imaginable, is extraordinarily unlikely. The Manual accepts the Tadic test (p. 87), according to which hostilities rise to the level of a NIAC only if they are adequately intense and involve a state and a non-state actor that possesses a requisite level of organization. And it doubts whether acts of cyber-warfare alone will ever satisfy the test (p. 85):

Given the requisite threshold of violence and the degree of organization of the armed groups required for a non-international armed conflict… cyber operations in and of themselves will only in exceptional cases amount to a non-international armed conflict.

Indeed, the Manual questions (p. 87-88) whether hacking could satisfy either aspect of Tadic. With regard to the intensity of hostilities, it specifically states (pp. 87-88) — almost directly referencing Anonymous — that:

[N]etwork intrusions, the deletion or destruction of data (even on a large scale), computer network exploitation, and data theft do not amount to a non-international armed conflict. The blocking of certain Internet functions and services would not, for example, suffice to trigger a non-international armed conflict, nor would defacing governmental or other official websites.

The Manual is equally skeptical with regard to Tadic‘s organization requirement. To begin with, it specifically takes the position (p 88-89) that “cyber operations and computer attacks by private individuals do not suffice. Even small groups of hackers are unlikely to fulfil the requirement of organization.” Moreover, although not completely ruling it out, the Manual is even skeptical that a hacker collective like Anonymous would qualify as an “organized armed group” (p. 90):

The more difficult case is that of an informal grouping of individuals who operate not cooperatively, but rather “collectively,” that is simultaneously but without any coordination. For instance, acting with a shared purpose, they access a common website which contains tools and vulnerable targets, but do not organize their attacks in any fashion. The majority of the International Group of Experts took the position that an informal grouping of individuals acting in a collective but otherwise uncoordinated fashion cannot comprise an organized armed group; there must be a distinct group with sufficient organizational structure that operates as a unit…. All the Experts agreed that the mere fact that individuals are acting toward a collective goal does not satisfy the organization criterion. For example, if a website offers malware and a list of potential cyber targets, those who independently use the site to conduct attacks would not constitute an organized armed group.

These quotes make clear that Tallinn Manual is not trying to legitimize the use of force against hacker collectives like Anonymous. On the contrary, the Manual’s rules are very specifically aimed at individuals who engage in cyber-warfare on behalf of states and non-state actors — rebels and terrorists. The Manual applies only in international or non-international armed conflict; peacetime hacking is excluded. And the Manual applies only to hacking during armed conflict that is in some way connected to the armed conflict itself; nothing in the Manual would justify, say, the US targeting Anonymous on the ground that its attacks on the DOJ to protest Aaron Schwartz’s death were somehow part of its “global non-international armed conflict” with al-Qaeda.

So does the Tallinn Manual allow states to kill hackers? Yes — but only in the most unlikely of circumstances. As long as a hacker doesn’t join up with a state or a non-state actor, she should not have to worry about being vaporized by a Predator while she is sleeping.