22 August 2024: Due to technical disruption, we are experiencing some delays to publication. We are working to restore services and apologise for the inconvenience. For further updates please visit our website: https://www.cambridge.org/universitypress/about-us/news-and-blogs/cambridge-university-press-publishing-update-following-technical-disruption
We use cookies to distinguish you from other users and to provide you with a better experience on our websites. Close this message to accept cookies or find out how to manage your cookie settings.
This journal utilises an Online Peer Review Service (OPRS) for submissions. By clicking "Continue" you will be taken to our partner site
https://mc.manuscriptcentral.com/ajil.
Please be aware that your Cambridge account is not valid for this OPRS and registration is required. We strongly advise you to read all "Author instructions" in the "Journal information" area prior to submitting.
To save this undefined to your undefined account, please select one or more formats and confirm that you agree to abide by our usage policies. If this is the first time you used this feature, you will be asked to authorise Cambridge Core to connect with your undefined account.
Find out more about saving content to .
To save this article to your Kindle, first ensure coreplatform@cambridge.org is added to your Approved Personal Document E-mail List under your Personal Document Settings on the Manage Your Content and Devices page of your Amazon account. Then enter the ‘name’ part of your Kindle email address below.
Find out more about saving to your Kindle.
Note you can select to save to either the @free.kindle.com or @kindle.com variations. ‘@free.kindle.com’ emails are free but can only be saved to your device when it is connected to wi-fi. ‘@kindle.com’ emails can be delivered even when you are not connected to wi-fi, but note that service fees apply.
In their article, Dan Efrony and Yuval Shany claim that post-Tallinn Manual practice demonstrates that states entertain doubts about the applicability to cyberspace of the rules contained in the Tallinn Manuals. According to the authors, post-Tallinn practice reveals that states treat the application of international law to cyber operations as optional; operate in parallel—legal and nonlegal—tracks of conduct; and engage in gradated enforcement. They also claim that their study invites further research into the implications of state conduct in cyberspace for general international law theory. I will use this last point as a springboard to explain the process of normativization in cyberspace—that is, the process of subjecting states’ cyber operations and behaviors to legal standards. To do this, I will use Oscar Schachter's representation of a normative (legal) order as a three-story building. According to Schachter's metaphor, the third floor is occupied by public values and general policy aspirations; the second floor is occupied by law with its distinctive normative patterns of prescribing, proscribing, and applying; while the ground floor is occupied by the social reality of conduct. The three floors are not isolated but connected by escalators and staircases that go in both directions.
At first sight, the question that Dan Efrony and Yuval Shany ask in their article, A Rule Book on the Shelf?, makes sense. If a group of lawyers writes a legal manual for state legal advisors, the logical follow-up question would indeed be, do they use it? Do these “black-letter rules,” as the Manual itself terms them, actually “provid[e] international law advice” to states operating in cyberspace? Given the Manual's own claim that its “effort [is] to examine how extant legal norms apply” to cyber warfare, one may indeed wonder whether states have used the Manual as intended—as a manual.
In late 2018, the New York Times reported that the U.S. Cyber Command had targeted individual Russian hackers in order to deter them from engaging in conduct that could affect the organization and outcome of the U.S. mid-term elections. This unusual preemptive step suggests that states are looking for creative solutions to safeguard their national interests in cyberspace. But to what extent should their conduct be guided by considerations of international law? In this essay, I explore several key aspects of that central conundrum. I argue that (1) we should see cyberspace as an underregulated (but not ungoverned) domain; (2) a main reason for that state of affairs lies in a unique strategic dilemma innate to the cyber domain; and (3) non-state initiatives, including the eponymous “rule book on the shelf,” have a critical role to play in the development of the law in this area.
Dan Efrony and Yuval Shany's article offers some critically important observations on the reception of the Tallinn Manual 2.0 by states, as well as subsequent state practice and opinio juris with regard to the international use of cyber operations. Based on their case studies, Efrony and Shany conclude that states have largely been reluctant to adopt fully the norms, premises, and analogies offered by the Tallinn Manual. The authors argue that there is a “deep uncertainty about the treatment of cyberspace as just another physical space, like land, air, or sea—over which states may exercise sovereignty or control.” The authors further explain that there is an “uneasy fit” between traditional international law regarding internal and external state power, and the regulation of a unterritorial cyberspace. In other words, cyberspace is a sui generis domain, such that analogies to physical-space domains are often ill-suited, and at times doomed to failure.