Does Russia’s Election Meddling Break International Law?

US spies say Russia meddled in the US presidential election. However, the world’s top minds in cyber warfare aren’t sure if the act constitutes coercion by one state against another. That legal ambiguity is why weaponising stolen information is such a difficult tactic for the United States to counter.

Even the latest version of NATO’s guide to such questions can’t offer a definitive answer. Recently, the alliance’s Cooperative Cyber Defence Centre of Excellence, or CCD COE, released its much anticipated update to the Tallinn Manual, which bills itself as “the most comprehensive analysis of how existing international law applies to cyberspace.”

The manual’s first edition was published two years after Russia’s seminal distributed-denial-of-service attacks on Estonia in 2007. Compiled by 20 experts, it sought to outline the best thinking about what laws apply to states attacking each other over the internet.

Much has changed since then; most importantly, Russia executed a concerted effort to steal and publicise politicians’ email with the aim of influencing the US election. That’s what makes the recent update so important. It provides a roadmap for how states should respond to incidents like that in the future.

In terms of international law, the question is whether, by stealing emails and releasing them through Wikileaks and other outlets, Russia forced the United States to do something that the latter would not otherwise have done.

That would constitute meddling in the internal affairs of another state by means of “coercion”, i.e., in a way that prohibits the target from acting freely. It’s an idea that goes back to 1758 but that has taken on new relevance now.

To get a sense of how contentious the issue has become, check out the recent discussion of information warfare at Yale Law School. Right around the 21-minute mark, a small argument breaks out between a young law student and the expert panel over whether Russia coerced a particular election outcome. In reply, West Point’s Aaron Brantly argues that the DNC hack, and subsequent doxxing via Wikileaks, “was not coercion” because it lacked a threat of force.

“We may not like that. It sounds better to say it was coercion. But, in reality, we drank the Kool-Aid ourselves,” Brantly said. “It’s our responsibility as a civil society to process that information.”

Others note that there’s (as yet) no firm evidence that the data theft changed the election’s outcome, so it’s impossible to prove that the meddling caused the United States government or people to do something that they otherwise would not have done.

Bottom line: the degree to which the DNC hack constitutes an act of illegal coercion is a somewhat subjective matter. Even the experts who updated the manual could not come to a consensus.

“The counter view notes that there may have been an impact on the election and the fact that the impact is the result of the hacking differentiates it from mere propaganda or other means of exerting ‘influence’ (as distinct from intervention) by means of information,” said Michael Schmitt, the editor of the manual and a law professor at both the University of Exeter and the Naval War College. “The Russians are masters at playing the ‘gray area’ in the law, as they know that this will make it difficult to claim they are violating international law and justifying responses such as countermeasures.”  

Schmitt explained why that matters. If you could show that Russia’s influence on the election had been coercive, then the United States would be legally justified in employing countermeasures that matched the offense, such as disrupting the functioning of the Russian government in a way “that would be unlawful but for the fact that they are response to the unlawful activities of the target state and are designed to cause the target state to comply with the law.”

But if the attack was not coercive, then the only real response that the US can employ is something called “retorsion,” or what Schmitt calls unfriendly, but lawful, actions.

“The expulsion of the Russian diplomats and sanctions fall into this category. This is because neither the expulsion of foreign officials nor the imposition of economic sanctions is unlawful,” he said.

At some point, better exit polling and other metrics may allow governments to more effectively trace influence operations to specific effects. You might, for instance, be able to prove beyond reasonable doubt (or at least with high statistical confidence) that a Russian influence campaign did throw the election one way or the other. Until then, drawing a clear link between doxxed information and voter behavior will be next to impossible.

That’s why Russian influence campaigns like the one targeting the DNC will continue.

DefenseOne
