Cyberspace and cyber technology are increasingly used by states and individuals for peaceful purposes, but they are also employed maliciously. Cyber attacks—that is, the use of cyber technology to attack a state's infrastructure—are perhaps one of the most serious threats currently facing states. Although not all cyber attacks are warlike, some of them may indeed be so, which immediately gives rise to the question of whether the current legal regulation of the use of force (jus ad bellum) applies to such attacks. The ‘Tallinn Manual’ on the International Law Applicable to Cyber Warfare responds to this question by mapping out the jus ad bellum and jus in bello rules that apply in such circumstances. The statement of the Rules is accompanied by a Commentary which clarifies the content of those rules, and explains their application in the specific context of cyber war.
In the following, I will present and critically comment on the jus ad bellum rules found in Chapter II of the Tallinn Manual: that is, Rules 10–19. The aim of this commentary is to draw attention to certain important but contested issues, identify jurisprudential ambiguities, and where possible offer alternative views.
According to Rule 10, ‘A cyber operation that constitutes a threat or use of force against the territorial integrity or political independence of any state, or that is in any other manner inconsistent with the purposes of the United Nations, is unlawful.’