SlideShare a Scribd company logo

Cyber norms (b) and (c) United Nations Singapore Cyber Programme 2019

Benjamin Ang
Benjamin Ang

This presentation explains two of the elevent Norms proposed by the UNGGE in 2015 Cyber Norm (b) States should not knowingly allow their territory to be used for internationally wrongful acts using ICTs; and Cyber Norm (c) States should consider all relevant information, including the larger context of the event, the challenges of attribution in the ICT environment and the nature and extent of the consequences

Government & Nonprofit
1 of 15
Download to read offline
Cyber Norms (b) and (c) United Nations Singapore Cyber Programme 2019 Benjamin Ang, Senior Fellow, CENS / RSIS / NTU Twitter @benjaminang LinkedIn @benjaminangck
Do not allow Territory to be used for Wrongful Acts States should not knowingly allow their territory to be used for internationally wrongful acts using ICTs;
Due Diligence in International Law No State is responsible for acts of individuals “as long as reasonable diligence is used in attempting to prevent the occurrence or recurrence of such wrongs.” Wipperman’s case “every State's obligation not to allow knowingly its territory to be used for acts contrary to the rights of other States” Corfu Channel
Factors in considering Due Diligence 1. effectiveness of the State’s control over certain areas of its territory, 2. degree of predictability of harm and 3. importance of the interest to be protected.
Different standards ‘effective control' – Military and Paramilitary Activities in and against Nicaragua in applying IHL rather than the law of state responsibility, the 'overall control test', ought to apply. – ICTY in Tadić case ICJ rejected the ICTY's position and returned to 'effective control‘ – Application of the Convention on the Prevention and Punishment of the Crime of Genocide
FIRELAND Does it apply to this case? (1) WATERLAND AIRLAND I shall attack AIRLAND infected infected Hey FIRELAND, you can use our servers
FIRELAND Does it apply to this case? (2) WATERLAND AIRLAND I shall attack AIRLAND infected infected We are not aware of anything
FIRELAND Does it apply to this case? (3) WATERLAND AIRLAND I shall attack AIRLAND infected infected We are not aware of anything Hey WATERLAND, your servers are attacking us! Oh No! We don’t have capacity!
Information for Attribution In case of ICT incidents, States should consider all relevant information, including the larger context of the event, the challenges of attribution in the ICT environment and the nature and extent of the consequences;
FIRELAND Wrongful attribution WATERLAND (not aware) AIRLAND infected infected We’ve been cyber- attacked! Where did it come from? The malware came from WATERLAND!
FIRELAND Dangers of Wrong Attribution WATERLAND (not aware) AIRLAND infected infected WATERLAND, we will take countermeasures against you! We’re innocent! Ha ha ha (evil laughter) Is AIRLAND in breach of International Law?
Scenario: Country A launches malware against the civilian hospital computer systems of Country B Are A and B in an existing armed conflict? NO. Was there property damage or injury? NO. Were computer systems prevented from functioning? NO (e.g. cases of espionage, stealing data). No armed attack, LOAC/IHL does not apply YES, it might be an armed attack, for which LOAC/IHL would apply. But not clear if it is unlawful. YES. Then LOAC/IHL applies – go to [Box 1] YES. Then LOAC/IHL applies. Was there property damage or injury? NO. Were computer systems prevented from functioning? NO (e.g. cases of espionage, stealing data). Not unlawful under LOAC/IHL YES. Not clear if it is unlawful under LOAC/IHL. Not clear if it is ‘use of force’ under UN Charter YES. Then it is unlawful under LOAC/IHL. It is also ‘use of force’ under UN Charter Is it an armed attack? Does LOAC / IHL apply? Does AIRLAND have capacity?
Help Adam https://cyberdiplomacy.disarmamenteducation.org/custom_pages/h elp_adam.html
Who knows the whole story? Military Intelligence Police Foreign Affairs Telco Cybersecurity Companies CI OwnersCERTsLawyers White Hats Civil Society Other nations
Post it: What can ASEAN Member States do implement these two norms? States should not knowingly allow their territory to be used for internationally wrongful acts using ICTs States should consider all relevant information, including the larger context of the event, the challenges of attribution in the ICT environment and the nature and extent of the consequences

Recommended

Anti-Child Porn Act & Privacy (slides from ICT4PHD)
Anti-Child Porn Act & Privacy (slides from ICT4PHD)Anti-Child Porn Act & Privacy (slides from ICT4PHD)
Anti-Child Porn Act & Privacy (slides from ICT4PHD)
Winthrop Yu
 
The cybercrimes act of tanzania an overview -all you need to know
The cybercrimes act of tanzania an overview -all you need to knowThe cybercrimes act of tanzania an overview -all you need to know
The cybercrimes act of tanzania an overview -all you need to know
HUMPHREY MORIS
 
California Cyber Security Task Force and ESF 18
California Cyber Security Task Force and ESF 18California Cyber Security Task Force and ESF 18
California Cyber Security Task Force and ESF 18
David Sweigert
 
Cybersex law
Cybersex lawCybersex law
Cybersex law
Ronnel Fernandez
 
Law of-cybercrime
Law of-cybercrimeLaw of-cybercrime
Law of-cybercrime
shiela mae dupa
 
Furio lerma cybercrime-final
Furio lerma cybercrime-finalFurio lerma cybercrime-final
Furio lerma cybercrime-final
Aldrin SuperGo
 
Cyber crime on education rmindanao
Cyber crime on education rmindanaoCyber crime on education rmindanao
Cyber crime on education rmindanao
mar timawa
 
Cybercrime law legality report
Cybercrime law legality reportCybercrime law legality report
Cybercrime law legality report
Jonan Momo
 

Recommended

Anti-Child Porn Act & Privacy (slides from ICT4PHD)
Anti-Child Porn Act & Privacy (slides from ICT4PHD)Anti-Child Porn Act & Privacy (slides from ICT4PHD)
Anti-Child Porn Act & Privacy (slides from ICT4PHD)
Winthrop Yu
 
The cybercrimes act of tanzania an overview -all you need to know
The cybercrimes act of tanzania an overview -all you need to knowThe cybercrimes act of tanzania an overview -all you need to know
The cybercrimes act of tanzania an overview -all you need to know
HUMPHREY MORIS
 
California Cyber Security Task Force and ESF 18
California Cyber Security Task Force and ESF 18California Cyber Security Task Force and ESF 18
California Cyber Security Task Force and ESF 18
David Sweigert
 
Cybersex law
Cybersex lawCybersex law
Cybersex law
Ronnel Fernandez
 
Law of-cybercrime
Law of-cybercrimeLaw of-cybercrime
Law of-cybercrime
shiela mae dupa
 
Furio lerma cybercrime-final
Furio lerma cybercrime-finalFurio lerma cybercrime-final
Furio lerma cybercrime-final
Aldrin SuperGo
 
Cyber crime on education rmindanao
Cyber crime on education rmindanaoCyber crime on education rmindanao
Cyber crime on education rmindanao
mar timawa
 
Cybercrime law legality report
Cybercrime law legality reportCybercrime law legality report
Cybercrime law legality report
Jonan Momo
 
Em505 report(pecha kucha video)
Em505 report(pecha kucha video)Em505 report(pecha kucha video)
Em505 report(pecha kucha video)
Eunice Alamag
 
AB 239 Final Presentation
AB 239 Final PresentationAB 239 Final Presentation
AB 239 Final Presentation
Elliot Anderson, J.D.
 
Riot
RiotRiot
Riot
Tughral Yamin
 
Cyber Crime and its Jurisdictional Issue's
Cyber Crime and its Jurisdictional Issue'sCyber Crime and its Jurisdictional Issue's
Cyber Crime and its Jurisdictional Issue's
Dhurba Mainali
 
Cybercrime
CybercrimeCybercrime
Cybercrime
nayakslideshare
 
Cybercrime law in the philippines
Cybercrime law in the philippinesCybercrime law in the philippines
Cybercrime law in the philippines
ian_oguis
 
CYBERWAR: THE NEXT THREAT TO NATIONAL SECURITY
CYBERWAR: THE NEXT THREAT TO NATIONAL SECURITYCYBERWAR: THE NEXT THREAT TO NATIONAL SECURITY
CYBERWAR: THE NEXT THREAT TO NATIONAL SECURITY
Talwant Singh
 
Developing A Strong Border and Immigration Policy
Developing A Strong Border and Immigration PolicyDeveloping A Strong Border and Immigration Policy
Developing A Strong Border and Immigration Policy
The Heritage Foundation
 
Overcriminalization
OvercriminalizationOvercriminalization
Overcriminalization
The Heritage Foundation
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
Integral university, India
 
Security Wars
Security WarsSecurity Wars
Security Wars
Ikuo Takahashi
 
Republic Act 10175 - Cyber Crime Prevention Act of 2012
Republic Act 10175 - Cyber Crime Prevention Act of 2012Republic Act 10175 - Cyber Crime Prevention Act of 2012
Republic Act 10175 - Cyber Crime Prevention Act of 2012
armaexen
 
post conflict rehab
post conflict rehabpost conflict rehab
post conflict rehab
Tughral Yamin
 
Cybercrime Prevention Act
Cybercrime Prevention ActCybercrime Prevention Act
Cybercrime Prevention Act
MarkFredderickAbejo
 
551 2006 3
551 2006 3551 2006 3
551 2006 3
guestf1a032
 
Cyber2
Cyber2Cyber2
Cyber2
Amey Borkar
 
Yemen
YemenYemen
Yemen
Webster University
 
Chapter14
Chapter14Chapter14
Chapter14
SUNY Ulster
 
Law and warfare in the cyber domain (for NSSP, AFP, NDCP)
Law and warfare in the cyber domain (for NSSP, AFP, NDCP)Law and warfare in the cyber domain (for NSSP, AFP, NDCP)
Law and warfare in the cyber domain (for NSSP, AFP, NDCP)
Benjamin Ang
 
Framework of responsible state behaviour in cyberspace - for Marshall Center ...
Framework of responsible state behaviour in cyberspace - for Marshall Center ...Framework of responsible state behaviour in cyberspace - for Marshall Center ...
Framework of responsible state behaviour in cyberspace - for Marshall Center ...
Benjamin Ang
 
Dr William Boothby
Dr William BoothbyDr William Boothby
Dr William Boothby
Hanah Croft
 
2018 april - aba legal construct for understanding adversarial cyber activit...
2018 april - aba legal construct for understanding adversarial cyber activit...2018 april - aba legal construct for understanding adversarial cyber activit...
2018 april - aba legal construct for understanding adversarial cyber activit...
Ethan S. Burger
 

More Related Content

What's hot

Cybercrime law in the philippines
Cybercrime law in the philippinesCybercrime law in the philippines
Cybercrime law in the philippines
ian_oguis
 

What's hot (18)

Em505 report(pecha kucha video)
Em505 report(pecha kucha video)Em505 report(pecha kucha video)
Em505 report(pecha kucha video)
 
AB 239 Final Presentation
AB 239 Final PresentationAB 239 Final Presentation
AB 239 Final Presentation
 
Riot
RiotRiot
Riot
 
Cyber Crime and its Jurisdictional Issue's
Cyber Crime and its Jurisdictional Issue'sCyber Crime and its Jurisdictional Issue's
Cyber Crime and its Jurisdictional Issue's
 
Cybercrime
CybercrimeCybercrime
Cybercrime
 
Cybercrime law in the philippines
Cybercrime law in the philippinesCybercrime law in the philippines
Cybercrime law in the philippines
 
CYBERWAR: THE NEXT THREAT TO NATIONAL SECURITY
CYBERWAR: THE NEXT THREAT TO NATIONAL SECURITYCYBERWAR: THE NEXT THREAT TO NATIONAL SECURITY
CYBERWAR: THE NEXT THREAT TO NATIONAL SECURITY
 
Developing A Strong Border and Immigration Policy
Developing A Strong Border and Immigration PolicyDeveloping A Strong Border and Immigration Policy
Developing A Strong Border and Immigration Policy
 
Overcriminalization
OvercriminalizationOvercriminalization
Overcriminalization
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
 
Security Wars
Security WarsSecurity Wars
Security Wars
 
Republic Act 10175 - Cyber Crime Prevention Act of 2012
Republic Act 10175 - Cyber Crime Prevention Act of 2012Republic Act 10175 - Cyber Crime Prevention Act of 2012
Republic Act 10175 - Cyber Crime Prevention Act of 2012
 
post conflict rehab
post conflict rehabpost conflict rehab
post conflict rehab
 
Cybercrime Prevention Act
Cybercrime Prevention ActCybercrime Prevention Act
Cybercrime Prevention Act
 
551 2006 3
551 2006 3551 2006 3
551 2006 3
 
Cyber2
Cyber2Cyber2
Cyber2
 
Yemen
YemenYemen
Yemen
 
Chapter14
Chapter14Chapter14
Chapter14
 

Similar to Cyber norms (b) and (c) United Nations Singapore Cyber Programme 2019

Hacking Municipal Government Best Practices for Protection of Sensitive Loc...
Hacking Municipal Government Best Practices for Protection of Sensitive Loc...Hacking Municipal Government Best Practices for Protection of Sensitive Loc...
Hacking Municipal Government Best Practices for Protection of Sensitive Loc...
Ben Griffith
 
Reliability not Reliance.
Reliability not Reliance.Reliability not Reliance.
Reliability not Reliance.
George Briggs
 
Cyber law & information technology
Cyber law & information technologyCyber law & information technology
Cyber law & information technology
Talwant Singh
 
Cyber Crime in Government
Cyber Crime in GovernmentCyber Crime in Government
Cyber Crime in Government
Jacqueline Fick
 
CyberSecurity Challenge Decision Document
CyberSecurity Challenge Decision Document CyberSecurity Challenge Decision Document
CyberSecurity Challenge Decision Document
LeAnn Rhodes
 
Cybercrime an international-crisis
Cybercrime an international-crisisCybercrime an international-crisis
Cybercrime an international-crisis
tamiuthomas
 
Cybercrime an international-crisis
Cybercrime an international-crisisCybercrime an international-crisis
Cybercrime an international-crisis
tamiuthomas
 

Similar to Cyber norms (b) and (c) United Nations Singapore Cyber Programme 2019 (20)

Law and warfare in the cyber domain (for NSSP, AFP, NDCP)
Law and warfare in the cyber domain (for NSSP, AFP, NDCP)Law and warfare in the cyber domain (for NSSP, AFP, NDCP)
Law and warfare in the cyber domain (for NSSP, AFP, NDCP)
 
Framework of responsible state behaviour in cyberspace - for Marshall Center ...
Framework of responsible state behaviour in cyberspace - for Marshall Center ...Framework of responsible state behaviour in cyberspace - for Marshall Center ...
Framework of responsible state behaviour in cyberspace - for Marshall Center ...
 
Dr William Boothby
Dr William BoothbyDr William Boothby
Dr William Boothby
 
2018 april - aba legal construct for understanding adversarial cyber activit...
2018 april - aba legal construct for understanding adversarial cyber activit...2018 april - aba legal construct for understanding adversarial cyber activit...
2018 april - aba legal construct for understanding adversarial cyber activit...
 
Hacking Municipal Government Best Practices for Protection of Sensitive Loc...
Hacking Municipal Government Best Practices for Protection of Sensitive Loc...Hacking Municipal Government Best Practices for Protection of Sensitive Loc...
Hacking Municipal Government Best Practices for Protection of Sensitive Loc...
 
Cybercrime
CybercrimeCybercrime
Cybercrime
 
Terrorist Cyber Attacks
Terrorist Cyber AttacksTerrorist Cyber Attacks
Terrorist Cyber Attacks
 
Cybersecurity Law and Policy II Slides for First Summit Meeting
Cybersecurity Law and Policy II Slides for First Summit MeetingCybersecurity Law and Policy II Slides for First Summit Meeting
Cybersecurity Law and Policy II Slides for First Summit Meeting
 
Singapore Cybersecurity Strategy and Legislation (for SMU Law School 2019)
Singapore Cybersecurity Strategy and Legislation (for SMU Law School 2019)Singapore Cybersecurity Strategy and Legislation (for SMU Law School 2019)
Singapore Cybersecurity Strategy and Legislation (for SMU Law School 2019)
 
Cyber crime legislation part 1
Cyber crime legislation part 1Cyber crime legislation part 1
Cyber crime legislation part 1
 
A report on cyber Crime
A report on cyber CrimeA report on cyber Crime
A report on cyber Crime
 
Public Private Partnership - Combating CyberCrime
Public Private Partnership - Combating CyberCrime Public Private Partnership - Combating CyberCrime
Public Private Partnership - Combating CyberCrime
 
Reliability not Reliance.
Reliability not Reliance.Reliability not Reliance.
Reliability not Reliance.
 
Cyber crime modified
Cyber crime modifiedCyber crime modified
Cyber crime modified
 
Cyber law & information technology
Cyber law & information technologyCyber law & information technology
Cyber law & information technology
 
International Cybercrime (Part 1)
International Cybercrime (Part 1)International Cybercrime (Part 1)
International Cybercrime (Part 1)
 
Cyber Crime in Government
Cyber Crime in GovernmentCyber Crime in Government
Cyber Crime in Government
 
CyberSecurity Challenge Decision Document
CyberSecurity Challenge Decision Document CyberSecurity Challenge Decision Document
CyberSecurity Challenge Decision Document
 
Cybercrime an international-crisis
Cybercrime an international-crisisCybercrime an international-crisis
Cybercrime an international-crisis
 
Cybercrime an international-crisis
Cybercrime an international-crisisCybercrime an international-crisis
Cybercrime an international-crisis
 

More from Benjamin Ang

International Cooperation to Impose Consequences for Malicious Cyber Activity...
International Cooperation to Impose Consequences for Malicious Cyber Activity...International Cooperation to Impose Consequences for Malicious Cyber Activity...
International Cooperation to Impose Consequences for Malicious Cyber Activity...
Benjamin Ang
 
Changing Domains - The Cyber Info Realm 2023.pdf
Changing Domains - The Cyber Info Realm 2023.pdfChanging Domains - The Cyber Info Realm 2023.pdf
Changing Domains - The Cyber Info Realm 2023.pdf
Benjamin Ang
 
Cooperation between ASEAN military civil academic in international cybersecur...
Cooperation between ASEAN military civil academic in international cybersecur...Cooperation between ASEAN military civil academic in international cybersecur...
Cooperation between ASEAN military civil academic in international cybersecur...
Benjamin Ang
 
Technology Disruption Digital Inclusion and the Law.pdf
Technology Disruption Digital Inclusion and the Law.pdfTechnology Disruption Digital Inclusion and the Law.pdf
Technology Disruption Digital Inclusion and the Law.pdf
Benjamin Ang
 
Why Application of International Law Applies to ASEAN.pdf
Why Application of International Law Applies to ASEAN.pdfWhy Application of International Law Applies to ASEAN.pdf
Why Application of International Law Applies to ASEAN.pdf
Benjamin Ang
 
Lessons learned from Capacity Building on International Cyber Norms in Southe...
Lessons learned from Capacity Building on International Cyber Norms in Southe...Lessons learned from Capacity Building on International Cyber Norms in Southe...
Lessons learned from Capacity Building on International Cyber Norms in Southe...
Benjamin Ang
 
Cybercrime and Cyber Warfare (and Information Operations) – Your questions an...
Cybercrime and Cyber Warfare (and Information Operations) – Your questions an...Cybercrime and Cyber Warfare (and Information Operations) – Your questions an...
Cybercrime and Cyber Warfare (and Information Operations) – Your questions an...
Benjamin Ang
 
Foreign Interference and National Security - Law Society Public Law conferenc...
Foreign Interference and National Security - Law Society Public Law conferenc...Foreign Interference and National Security - Law Society Public Law conferenc...
Foreign Interference and National Security - Law Society Public Law conferenc...
Benjamin Ang
 
Cyber threats and cooperation in Indo Pacific for Pacific Forum 2020
Cyber threats and cooperation in Indo Pacific for Pacific Forum 2020Cyber threats and cooperation in Indo Pacific for Pacific Forum 2020
Cyber threats and cooperation in Indo Pacific for Pacific Forum 2020
Benjamin Ang
 
Legal Technology Vision (Singapore) and the future of legal tech (2020 update)
Legal Technology Vision (Singapore) and the future of legal tech (2020 update)Legal Technology Vision (Singapore) and the future of legal tech (2020 update)
Legal Technology Vision (Singapore) and the future of legal tech (2020 update)
Benjamin Ang
 

More from Benjamin Ang (20)

Cybersecurity in ASEAN and Singapore Columbia - Lecture for Columbia SIPA 202...
Cybersecurity in ASEAN and Singapore Columbia - Lecture for Columbia SIPA 202...Cybersecurity in ASEAN and Singapore Columbia - Lecture for Columbia SIPA 202...
Cybersecurity in ASEAN and Singapore Columbia - Lecture for Columbia SIPA 202...
 
International Cooperation to Impose Consequences for Malicious Cyber Activity...
International Cooperation to Impose Consequences for Malicious Cyber Activity...International Cooperation to Impose Consequences for Malicious Cyber Activity...
International Cooperation to Impose Consequences for Malicious Cyber Activity...
 
Changing Domains - The Cyber Info Realm 2023.pdf
Changing Domains - The Cyber Info Realm 2023.pdfChanging Domains - The Cyber Info Realm 2023.pdf
Changing Domains - The Cyber Info Realm 2023.pdf
 
Cooperation between ASEAN military civil academic in international cybersecur...
Cooperation between ASEAN military civil academic in international cybersecur...Cooperation between ASEAN military civil academic in international cybersecur...
Cooperation between ASEAN military civil academic in international cybersecur...
 
Technology Disruption Digital Inclusion and the Law.pdf
Technology Disruption Digital Inclusion and the Law.pdfTechnology Disruption Digital Inclusion and the Law.pdf
Technology Disruption Digital Inclusion and the Law.pdf
 
Why Application of International Law Applies to ASEAN.pdf
Why Application of International Law Applies to ASEAN.pdfWhy Application of International Law Applies to ASEAN.pdf
Why Application of International Law Applies to ASEAN.pdf
 
Lessons learned from Capacity Building on International Cyber Norms in Southe...
Lessons learned from Capacity Building on International Cyber Norms in Southe...Lessons learned from Capacity Building on International Cyber Norms in Southe...
Lessons learned from Capacity Building on International Cyber Norms in Southe...
 
Cybersecurity and National Security in Southeast Asia 2022.pdf
Cybersecurity and National Security in Southeast Asia 2022.pdfCybersecurity and National Security in Southeast Asia 2022.pdf
Cybersecurity and National Security in Southeast Asia 2022.pdf
 
Cybersecurity and Geopolitical Risk.pdf
Cybersecurity and Geopolitical Risk.pdfCybersecurity and Geopolitical Risk.pdf
Cybersecurity and Geopolitical Risk.pdf
 
Cybercrime and Cyber Warfare (and Information Operations) – Your questions an...
Cybercrime and Cyber Warfare (and Information Operations) – Your questions an...Cybercrime and Cyber Warfare (and Information Operations) – Your questions an...
Cybercrime and Cyber Warfare (and Information Operations) – Your questions an...
 
Disinformation in Southeast Asia and Pro Russian Anti Ukraine Narratives
Disinformation in Southeast Asia and Pro Russian Anti Ukraine NarrativesDisinformation in Southeast Asia and Pro Russian Anti Ukraine Narratives
Disinformation in Southeast Asia and Pro Russian Anti Ukraine Narratives
 
Foreign Interference and National Security - Law Society Public Law conferenc...
Foreign Interference and National Security - Law Society Public Law conferenc...Foreign Interference and National Security - Law Society Public Law conferenc...
Foreign Interference and National Security - Law Society Public Law conferenc...
 
Technology Disruption in the New Normal, Digital Inclusion and the Law
Technology Disruption in the New Normal, Digital Inclusion and the LawTechnology Disruption in the New Normal, Digital Inclusion and the Law
Technology Disruption in the New Normal, Digital Inclusion and the Law
 
Contract law - an infographic view
Contract law - an infographic viewContract law - an infographic view
Contract law - an infographic view
 
Adapting to changing cyber security threats in South East Asia (IFRI 2020)
Adapting to changing cyber security threats in South East Asia (IFRI 2020)Adapting to changing cyber security threats in South East Asia (IFRI 2020)
Adapting to changing cyber security threats in South East Asia (IFRI 2020)
 
Cyber threats and cooperation in Indo Pacific for Pacific Forum 2020
Cyber threats and cooperation in Indo Pacific for Pacific Forum 2020Cyber threats and cooperation in Indo Pacific for Pacific Forum 2020
Cyber threats and cooperation in Indo Pacific for Pacific Forum 2020
 
Singapore Asean cyber conflict and cybersecurity strategy - for Columbia Univ...
Singapore Asean cyber conflict and cybersecurity strategy - for Columbia Univ...Singapore Asean cyber conflict and cybersecurity strategy - for Columbia Univ...
Singapore Asean cyber conflict and cybersecurity strategy - for Columbia Univ...
 
Legal Technology Vision (Singapore) and the future of legal tech (2020 update)
Legal Technology Vision (Singapore) and the future of legal tech (2020 update)Legal Technology Vision (Singapore) and the future of legal tech (2020 update)
Legal Technology Vision (Singapore) and the future of legal tech (2020 update)
 
Public education - enhancing the first line of defence against fake news - ...
Public education - enhancing the first line of defence against fake news - ...Public education - enhancing the first line of defence against fake news - ...
Public education - enhancing the first line of defence against fake news - ...
 
Overview of national cybercrime strategies
Overview of national cybercrime strategiesOverview of national cybercrime strategies
Overview of national cybercrime strategies
 

Recently uploaded

Our nurses, our future. The economic power of care.
Our nurses, our future. The economic power of care.Our nurses, our future. The economic power of care.
Our nurses, our future. The economic power of care.
Christina Parmionova
 

Recently uploaded (20)

Item ## 4a -- April 29, 2024 CCM Minutes
Item ## 4a -- April 29, 2024 CCM MinutesItem ## 4a -- April 29, 2024 CCM Minutes
Item ## 4a -- April 29, 2024 CCM Minutes
 
Ian Bremmer's message for those graduating in toxic times.pdf
Ian Bremmer's message for those graduating in toxic times.pdfIan Bremmer's message for those graduating in toxic times.pdf
Ian Bremmer's message for those graduating in toxic times.pdf
 
Plant health, safe trade and digital technology.
Plant health, safe trade and digital technology.Plant health, safe trade and digital technology.
Plant health, safe trade and digital technology.
 
Item # 9- 2nd Qtr Financial & Inv. Report
Item # 9- 2nd Qtr Financial & Inv. ReportItem # 9- 2nd Qtr Financial & Inv. Report
Item # 9- 2nd Qtr Financial & Inv. Report
 
Yale Historical Review Machava Interview PDF Spring 2024
Yale Historical Review Machava Interview PDF Spring 2024Yale Historical Review Machava Interview PDF Spring 2024
Yale Historical Review Machava Interview PDF Spring 2024
 
History of DAVAO DE ORO Municipality of Maragusan
History of DAVAO DE ORO Municipality of MaragusanHistory of DAVAO DE ORO Municipality of Maragusan
History of DAVAO DE ORO Municipality of Maragusan
 
Tennessee DOT- TEVI Plan coordination & EV
Tennessee DOT- TEVI Plan coordination & EVTennessee DOT- TEVI Plan coordination & EV
Tennessee DOT- TEVI Plan coordination & EV
 
PPT Item # 5 -- Announcements Powerpoint
PPT Item # 5 -- Announcements PowerpointPPT Item # 5 -- Announcements Powerpoint
PPT Item # 5 -- Announcements Powerpoint
 
The 2024 World Wildlife Crime Report tracks all these issues, trends and more...
The 2024 World Wildlife Crime Report tracks all these issues, trends and more...The 2024 World Wildlife Crime Report tracks all these issues, trends and more...
The 2024 World Wildlife Crime Report tracks all these issues, trends and more...
 
How to Save a Place: Get the Word Out Far And Wide
How to Save a Place: Get the Word Out Far And WideHow to Save a Place: Get the Word Out Far And Wide
How to Save a Place: Get the Word Out Far And Wide
 
BioandPicforRepKendrick_LastUpdatedMay2024
BioandPicforRepKendrick_LastUpdatedMay2024BioandPicforRepKendrick_LastUpdatedMay2024
BioandPicforRepKendrick_LastUpdatedMay2024
 
YHRGeorgetown Spring 2024 America should Take Her Share
YHRGeorgetown Spring 2024 America should Take Her ShareYHRGeorgetown Spring 2024 America should Take Her Share
YHRGeorgetown Spring 2024 America should Take Her Share
 
International Day of Plants Health 2024, May 12th.
International Day of Plants Health 2024, May 12th.International Day of Plants Health 2024, May 12th.
International Day of Plants Health 2024, May 12th.
 
PPT Item # 7&8 6900 Broadway P&Z Case # 438
PPT Item # 7&8 6900 Broadway P&Z Case # 438PPT Item # 7&8 6900 Broadway P&Z Case # 438
PPT Item # 7&8 6900 Broadway P&Z Case # 438
 
Rocky Mount Greenville Willson Regional Transit Plan
Rocky Mount Greenville Willson Regional Transit PlanRocky Mount Greenville Willson Regional Transit Plan
Rocky Mount Greenville Willson Regional Transit Plan
 
World Wildlife Crime Report 2024 - Introduction
World Wildlife Crime Report 2024 - IntroductionWorld Wildlife Crime Report 2024 - Introduction
World Wildlife Crime Report 2024 - Introduction
 
International Day of Families - 15 May 2024 - UNDESA.
International Day of Families - 15 May 2024 - UNDESA.International Day of Families - 15 May 2024 - UNDESA.
International Day of Families - 15 May 2024 - UNDESA.
 
Our nurses, our future. The economic power of care.
Our nurses, our future. The economic power of care.Our nurses, our future. The economic power of care.
Our nurses, our future. The economic power of care.
 
2024: The FAR - Federal Acquisition Regulations, Part 34
2024: The FAR - Federal Acquisition Regulations, Part 342024: The FAR - Federal Acquisition Regulations, Part 34
2024: The FAR - Federal Acquisition Regulations, Part 34
 
Building a better Britain: How cities like Bradford can help to end economic ...
Building a better Britain: How cities like Bradford can help to end economic ...Building a better Britain: How cities like Bradford can help to end economic ...
Building a better Britain: How cities like Bradford can help to end economic ...
 

Cyber norms (b) and (c) United Nations Singapore Cyber Programme 2019

  • 1. Cyber Norms (b) and (c) United Nations Singapore Cyber Programme 2019 Benjamin Ang, Senior Fellow, CENS / RSIS / NTU Twitter @benjaminang LinkedIn @benjaminangck
  • 2. Do not allow Territory to be used for Wrongful Acts States should not knowingly allow their territory to be used for internationally wrongful acts using ICTs;
  • 3. Due Diligence in International Law No State is responsible for acts of individuals “as long as reasonable diligence is used in attempting to prevent the occurrence or recurrence of such wrongs.” Wipperman’s case “every State's obligation not to allow knowingly its territory to be used for acts contrary to the rights of other States” Corfu Channel
  • 4. Factors in considering Due Diligence 1. effectiveness of the State’s control over certain areas of its territory, 2. degree of predictability of harm and 3. importance of the interest to be protected.
  • 5. Different standards ‘effective control' – Military and Paramilitary Activities in and against Nicaragua in applying IHL rather than the law of state responsibility, the 'overall control test', ought to apply. – ICTY in Tadić case ICJ rejected the ICTY's position and returned to 'effective control‘ – Application of the Convention on the Prevention and Punishment of the Crime of Genocide
  • 6. FIRELAND Does it apply to this case? (1) WATERLAND AIRLAND I shall attack AIRLAND infected infected Hey FIRELAND, you can use our servers
  • 7. FIRELAND Does it apply to this case? (2) WATERLAND AIRLAND I shall attack AIRLAND infected infected We are not aware of anything
  • 8. FIRELAND Does it apply to this case? (3) WATERLAND AIRLAND I shall attack AIRLAND infected infected We are not aware of anything Hey WATERLAND, your servers are attacking us! Oh No! We don’t have capacity!
  • 9. Information for Attribution In case of ICT incidents, States should consider all relevant information, including the larger context of the event, the challenges of attribution in the ICT environment and the nature and extent of the consequences;
  • 10. FIRELAND Wrongful attribution WATERLAND (not aware) AIRLAND infected infected We’ve been cyber- attacked! Where did it come from? The malware came from WATERLAND!
  • 11. FIRELAND Dangers of Wrong Attribution WATERLAND (not aware) AIRLAND infected infected WATERLAND, we will take countermeasures against you! We’re innocent! Ha ha ha (evil laughter) Is AIRLAND in breach of International Law?
  • 12. Scenario: Country A launches malware against the civilian hospital computer systems of Country B Are A and B in an existing armed conflict? NO. Was there property damage or injury? NO. Were computer systems prevented from functioning? NO (e.g. cases of espionage, stealing data). No armed attack, LOAC/IHL does not apply YES, it might be an armed attack, for which LOAC/IHL would apply. But not clear if it is unlawful. YES. Then LOAC/IHL applies – go to [Box 1] YES. Then LOAC/IHL applies. Was there property damage or injury? NO. Were computer systems prevented from functioning? NO (e.g. cases of espionage, stealing data). Not unlawful under LOAC/IHL YES. Not clear if it is unlawful under LOAC/IHL. Not clear if it is ‘use of force’ under UN Charter YES. Then it is unlawful under LOAC/IHL. It is also ‘use of force’ under UN Charter Is it an armed attack? Does LOAC / IHL apply? Does AIRLAND have capacity?
  • 14. Who knows the whole story? Military Intelligence Police Foreign Affairs Telco Cybersecurity Companies CI OwnersCERTsLawyers White Hats Civil Society Other nations
  • 15. Post it: What can ASEAN Member States do implement these two norms? States should not knowingly allow their territory to be used for internationally wrongful acts using ICTs States should consider all relevant information, including the larger context of the event, the challenges of attribution in the ICT environment and the nature and extent of the consequences