This section focuses on parliamentary action on new and emerging weapon technologies that could imperil the security of future generations, such as autonomous weapons systems and the use of force in cyber-space.
There is no question that weapons systems and military operations are increasingly using autonomous aspects and components. However, the development and use of fully autonomous weapons systems, sometimes called ‘killer robots’, would seriously challenge and erode confidence in international humanitarian law. How could we be confident that a fully autonomous weapons system could decide correctly on targeting and use of force decisions to ensure protection of civilians, distinction between civilian and military targets, proportionality of response and other constraints under international law? And if a mistake is made by a fully autonomous weapons system, where is the accountability? For these reasons, a preferred approach is to negotiate an international agreement to prohibit fully autonomous weapons systems. Deliberations on such a proposed agreement are currently being undertaken under the auspices of the UN Convention on Conventional Weapons.
Imagine the consequences of an autonomous system that could, by itself, target and attack human beings. I call upon States to ban these weapons, which are politically unacceptable and morally repugnant.
António Guterres, November 11, 2018
Cyber-space is an environment which is increasingly used across all fields of human activity – including military operations. In the military arena, cyberspace can be used to a) attack targets (cyber or physical) of an enemy; b) defend against attacks from an enemy; and c) support physical military systems through information, intelligence and communications. What makes cyber-warfare difficult to address is that the ‘weapons’ of attack are very different to physical weapons systems, and their use is not confined to militaries or governments, making cyberattacks much more difficult to verify, identify and control. It is also quite difficult to determine the distinctions and divisions between cyber-crime, cyber-security and cyber-warfare.
As yet, there is no international treaty governing cyber-warfare. However, it is generally agreed that the rules and principles governing physical warfare, and in particular the rules of international humanitarian law, apply in the cyber-world. The Tallinn Manual on the international law applicable to cyber warfare, provides the most comprehensive exploration of how these laws should apply in the cyber-world. In addition, the UN General Assembly has supported the principles of responsible State behaviour in cyber-space outlined in the 2015 report of the Group of Governmental Experts which includes legal constraints on cyberattacks, and has established an Open Ended Working Group (open to all UN Member States) to further consider this issue.
Relevant international agreements and resolutions:
- Convention on Certain Conventional Weapons (Convention on Prohibitions or Restrictions on the Use of Certain Conventional Weapons Which May Be Deemed to Be Excessively Injurious or to Have Indiscriminate Effects), also known as the Inhumane Weapons Convention, 1980
- Agreement by the States Parties of the Convention on Conventional Weapons to establish a Group of Government Experts on Lethal Autonomous Weapons Systems, 2013
- UN General Assembly Resolution 70/237 adopting the 2015 Report on Group of Government Experts on information and telecommunications in the context of international security, 2015
- UN General Assembly Resolution 73/27 establishing an Open Ended Working Group on information and telecommunications in the context of international security, 2018
Recommendations:
Parliamentarians can:
- Support measures to ensure that any new weapons system or method of warfare conform to international humanitarian law and other laws of warfare, as well as the principle of human responsibility for matters regarding life and death, and to prohibit the development of weapons systems and methods of warfare which cannot meet these criteria;
- Support negotiations for a treaty prohibiting fully autonomous weapons systems;
- Ensure the full application of international humanitarian law to military uses of cyberspace.
Examples of good parliamentary practice:
IPU Resolution on cyber-warfare and global security, 2015
On April 1, 2015, the IPU adopted a resolution Cyber Warfare: A Serious Threat to Peace and Global Security at its 132nd Assembly in Hanoi. The resolution, amongst other things:
acknowledges that ‘certain principles of public international law, including, in particular, those contained in the United Nations Charter, the 1949 Geneva Conventions and their Additional Protocols, the Universal Declaration of Human Rights, the International Covenant on Civil and Political Rights, and the Convention on the Elimination of All Forms of Discrimination against Women, are relevant and applicable to cyberspace and are essential to maintaining peace and international stability and promoting an open, secure and peaceful ICT environment, accessible to women and men alike,’
encourages member parliaments to ‘make use of all the oversight tools at their disposal to ensure that cyber-related activities are rigorously monitored, and to enact national laws, with due regard for their respective constitutions, that stipulate stiffer penalties for cyberattacks, using appropriate safeguards, governance mechanisms and existing structures so as to protect freedom of expression and not compromise the citizen’s ability to use ICT tools,’
calls on States to ‘comply with international law and the Charter of the United Nations when using ICTs’
urges that ‘at the legislative and executive levels, consideration be given to cooperative measures likely to enhance peace and international stability and security and lead to a common understanding of the application of the relevant international law and derived standards, rules and principles underpinning the responsible conduct of States,’ and
‘Recommends that parliaments from nuclear-weapon States call on their governments to rescind launch-on-warning policies, stand down nuclear weapons from high operational readiness and extend the decision-making time for nuclear-weapon use in order to prevent unauthorized activation and deployment of nuclear weapon systems through cyberattacks, pursuant to the negotiation of agreements to prohibit the use of nuclear weapons and achieve their elimination.’
European Parliament Resolution on autonomous weapons systems, September 2018
On September 12, 2018, the European Parliament adopted Resolution 2752 (2018) on Autonomous Weapons Systems. The resolution highlights a number of reasons for prohibiting fully autonomous weapons systems, including that ‘compliance with international law is a key requirement that states must fulfil, particularly when it comes to upholding principles such as protecting the civilian population or taking precautions in attack,’ that fully autonomous weapons systems ‘cannot make human-like decisions involving the legal principles of distinction, proportionality and precaution,’ and that ‘it is humans who remain accountable for decisions concerning life and death.’ The resolution urges the Vice-President of the Commission and EU High Representative for Foreign Affairs and Security Policy, the Member States and the Council to work towards the start of international negotiations on a legally binding instrument prohibiting lethal autonomous weapon systems.
Parliamentary declaration supporting a treaty prohibiting fully autonomous weapons
In May 2020, Parliamentarians for Global Action launched a Global Parliamentary Declaration in Support of the Negotiation of a Treaty on the Prohibition of Fully Autonomous Weapons. The declaration, expresses the conviction that ‘that humans should always bear ultimate responsibility on matters concerning life and death,’ urges ‘all UN Member States to engage earnestly in substantive ongoing discussions with a view to launching negotiation of a Treaty on the Prohibition of Fully Autonomous Weapons by the end of 2021 and adopting the Treaty by the end of 2022,’ and commits the endorsers (as lawmakers) to ‘draft, implement and enforce legislation which can give full effect to this Treaty, once negotiated.’
OSCE Parliamentary Assembly Resolution on cyber-attacks and cyber-security, 2013
On June 30, 2013, the OSCE Parliamentary Assembly issued a resolution on cyber security in which, amongst other things, it recognised ‘the fact that cyber-attacks in any form have become a serious security threat, which cannot be ignored or underestimated,’ affirmed ‘that any country that relies extensively on cyberspace might be influenced by cyber-attacks the same way as by conventional acts of aggression’ and ‘urges Governments to take a leading role in defending a free and safe cyberspace, unequivocally condemn cyber-attacks and seek common effective solutions to protect cyberspace from misuse and malicious activities.’ The resolution is contained in the Istanbul Declaration released by the OSCE Parliamentary Assembly on July 3, 2013.
European Cyber Diplomacy Toolbox
The European Cyber Diplomacy Toolbox is a joint EU initiative to address malicious cyber-activities including cyber-attacks. The EU has reaffirmed ‘its commitment to the settlement of international disputes in cyberspace by peaceful means.’ The toolbox aims to promote security and stability in cyber-space through increased international cooperation, and by reducing the risk of misperception, escalation and conflict that may stem from ICT incidents. The Toolbox contributes to strengthening the rules-based order in cyber-space, including the application of international law and the adherence to norms of responsible state behaviour, and provides approaches to conflict prevention and mitigation of cyber-security threats. It embraces the principles of keeping cyber-space open, stable and secure.
INFO BOX 5:
Principles regarding cyber-attacks and cyber-diplomacy
The Tallinn Manual, ICRC Principles on Application of International Humanitarian Law, and the 2015 Report of the Group of Governmental Experts on Developments in the Field of Information and Telecommunications in the Context of International Security.
The Tallinn Manual (2013) is a NATO-funded research document authored by an independent group of international law experts and academics. It is a comprehensive analysis of how existing international law applies to cyber-space. The first version of the Tallinn Manual focused on cyber-attacks between States in the context of an armed conflict. The updated 2013 version also addresses cyber-attacks in peacetime and by non-State actors. The Manual outlines international law, especially international humanitarian law and other law governing the use of force (see Info box 4), and assesses its application to cyber-space. The manual also outlines the responsibilities of States to adhere to this law, and to exercise due diligence in applying the law to the use of cyber-space and cyber-space infrastructure by other actors within their jurisdiction or under their control.
The International Committee of the Red Cross (ICRC) has also explored the application of international humanitarian law to cyber-space, including the constraints this body of law places on the military use of cyber-space (See International humanitarian law and the challenges of contemporary armed conflicts, ICRC, 2015. Chapter VII (i)).
In 2012, the United Nations established a Group of Government Experts on Developments in the Field of Information and Telecommunications in the Context of International Security (GGE) with a mandate based on UNGA Resolution 68/243. The GGE produced a substantive consensus report (A/70/174) on norms, rules or principles of the responsible behaviour of States in the cyber-sphere as well as confidence-building measures, international cooperation and capacity-building, which could have wider application to all States. The Report was adopted by the UN under UNGA Resolution 70/237. The report’s conclusions include the following principles:
- In their use of ICTs, States must observe, among other principles of international law, State sovereignty, the settlement of disputes by peaceful means, and non-intervention in the internal affairs of other States;
- Existing obligations under international law are applicable to State use of ICTs and States must comply with their obligations to respect and protect human rights and fundamental freedoms;
- States must not use proxies to commit internationally wrongful acts using ICTs and should seek to ensure that their territory is not used by non-State actors to commit such acts;
- The UN should play a leading role in promoting dialogue on the security of ICTs in their use by States, and in developing common understandings.
Resources:
- Tallinn Manual on the international law applicable to cyber warfare, Edition 2.0, 2013
- A Cyber State Peer Review Mechanism for State-Conducted Foreign Cyber Operations, ICT4Peace proposal to the UN OEWG on information and telecommunications in the context of international security, February 2020
- The Application of International Law to State Cyberattacks: Sovereignty and Non-Intervention, Harriet Moynihan, Chatham House Cyber-Security Project, December 2019
- Key elements of a Treaty on Fully Autonomous Weapons, Campaign to stop Killer Robots, November 2019
- ICT4Peace Call on Governments to refrain from Offensive Cyber Operations against Critical Infrastructure, October 2019
- International humanitarian law and the challenges of contemporary armed conflicts, ICRC, 2015. See Chapter VII (i) for cyber-warfare and Chapter VII (ii)
- United Nations portal for cyber-security – United Nations developments, documents and processes in the field of information, telecommunications and international security
- UNIDIR Cyber Policy Portal, includes links to Multilateral Frameworks for cyber-security
- INCYDER Strategy and Governance Database. This database includes a directory of national cyber-security agencies and selected national policy documents
- A Treaty for cyber-space, Rex Hughes, Chatham House Cyber-Security Project, 2010
- Pledge by over 160 Artificial Intelligence related companies and organisations and 2,400 scientists to ‘neither participate in nor support the development, manufacture, trade, or use of lethal autonomous weapons.’ Future of Life Institute