Presentation is loading. Please wait.

Presentation is loading. Please wait.

Legal Aspects of IO IW 230 College of Aerospace Doctrine, Research, and Education.

Similar presentations


Presentation on theme: "Legal Aspects of IO IW 230 College of Aerospace Doctrine, Research, and Education."— Presentation transcript:

1 Legal Aspects of IO IW 230 College of Aerospace Doctrine, Research, and Education

2 “The Big Picture” ã The law lags evolution of technology ã Find answers in existing principles ã Our actions affect evolution of the law ã Shape legal framework to further national interest ã Governmental actors must consider spirit not just letter of the law ã The law lags evolution of technology ã Find answers in existing principles ã Our actions affect evolution of the law ã Shape legal framework to further national interest ã Governmental actors must consider spirit not just letter of the law

3 INFORMATION SUPERIORITY INFORMATION OPERATIONS AFDD 2-5 Successfully executed Information Operations achieve information superiority ISR Precision Nav & Position Other Info Collection/ Dissemination Activities PAO Weather INFORMATION-in-WARFARE exploitgain INFORMATION WARFARE DEFENSIVE COUNTERINFORMATION OFFENSIVE COUNTERINFORMATION Counter- Intelligence Information Assurance OPSEC Counter- Propaganda Counter- Deception Electronic Protect CNDPAO PSYOP Physical Attack Military Deception Electronic Warfare PAO CNA defend attack

4 Information Operations ã Joint: Actions taken to affect adversary information and information systems while defending one’s own information and information systems Offensive and Defensive IOOffensive and Defensive IO ã The Air Force believes that in practice a more useful working definition is: those actions taken to gain, exploit, defend, or attack information and information systems Information Warfare and Information-In-WarfareInformation Warfare and Information-In-Warfare

5 Information Warfare ã “Information operations conducted during time of crisis or conflict to achieve or promote specific objectives over a specific adversary or adversaries. … The Air Force believes that, because the defensive component of IW is always engaged, a better definition is: Information operations conducted to defend one’s own information and information systems, or to attack and affect an adversary’s information and information systems.” AFDD 2-5, Aug 98 AFDD 2-5, Aug 98

6 USSPACECOM: DoD’s Lead for CND and CNA ã JTF CND Chartered in 1998 as an interim organization to handle coordination of DoD’s Computer Network DefenseChartered in 1998 as an interim organization to handle coordination of DoD’s Computer Network Defense ã JTF CNO CINCSPACE received the mission for Computer Network Attack in Oct 00CINCSPACE received the mission for Computer Network Attack in Oct 00 Decision to expand JTF CNDDecision to expand JTF CND 2 Apr 2001, JTF redesignated JTF Computer Network Opertions2 Apr 2001, JTF redesignated JTF Computer Network Opertions

7 The Future The Future “It seems to me that, philosophically, rather than conducting information operations as ends in themselves, we want to ‘operate in the information age….’ By that I mean integrating, and not ‘stovepiping,’ the various areas of information operations into our overall military plans and operations….” --General Ed Eberhart, USCINCSPACE

8 AF Future Capabilities Game 2001: An Introduction to Network Warfare of the Future ã Computer Network Operations Computer Network DefenseComputer Network Defense Computer Network ExploitationComputer Network Exploitation Computer Network AttackComputer Network Attack

9 CNO Taxonomy ã Computer Network Defense: Those measures, internal to the protected entity, taken to protect and defend information, computers and networks from intrusion, exploitation, disruption, denial, degradation or destruction.Those measures, internal to the protected entity, taken to protect and defend information, computers and networks from intrusion, exploitation, disruption, denial, degradation or destruction. ã Computer Network Defense: Those measures, internal to the protected entity, taken to protect and defend information, computers and networks from intrusion, exploitation, disruption, denial, degradation or destruction.Those measures, internal to the protected entity, taken to protect and defend information, computers and networks from intrusion, exploitation, disruption, denial, degradation or destruction.

10 CNO Taxonomy ã Computer Network Defense: Actions taken to protect, monitor, analyze, detect, and respond to unauthorized activity within... information systems and computer networks. (DoDD O )Actions taken to protect, monitor, analyze, detect, and respond to unauthorized activity within... information systems and computer networks. (DoDD O ) Defensive measures to protect and defend information, computers, and networks from disruption, denial, degradation, or destruction. (JP1-02)Defensive measures to protect and defend information, computers, and networks from disruption, denial, degradation, or destruction. (JP1-02) ã Computer Network Defense: Actions taken to protect, monitor, analyze, detect, and respond to unauthorized activity within... information systems and computer networks. (DoDD O )Actions taken to protect, monitor, analyze, detect, and respond to unauthorized activity within... information systems and computer networks. (DoDD O ) Defensive measures to protect and defend information, computers, and networks from disruption, denial, degradation, or destruction. (JP1-02)Defensive measures to protect and defend information, computers, and networks from disruption, denial, degradation, or destruction. (JP1-02)

11 CNO Taxonomy ã Computer Network Attack: Operations using computer hardware or software, or conducted through computers or computer networks, with the intended objective or likely effect of disrupting, denying, degrading or destroying, information resident in computers or computer networks, or the computers and networks themselves.Operations using computer hardware or software, or conducted through computers or computer networks, with the intended objective or likely effect of disrupting, denying, degrading or destroying, information resident in computers or computer networks, or the computers and networks themselves. ã Computer Network Attack: Operations using computer hardware or software, or conducted through computers or computer networks, with the intended objective or likely effect of disrupting, denying, degrading or destroying, information resident in computers or computer networks, or the computers and networks themselves.Operations using computer hardware or software, or conducted through computers or computer networks, with the intended objective or likely effect of disrupting, denying, degrading or destroying, information resident in computers or computer networks, or the computers and networks themselves.

12 CNO Taxonomy ã Active CND (Computer Network Response): Those measures, that do not constitute CNA, taken to protect and defend information, computers, and networks from disruption, degradation, denial, destruction, or exploitation, that involve activity external to the protected entity. CNR, when authorized, may include measures to determine the source of hostile CNA or CNE.Those measures, that do not constitute CNA, taken to protect and defend information, computers, and networks from disruption, degradation, denial, destruction, or exploitation, that involve activity external to the protected entity. CNR, when authorized, may include measures to determine the source of hostile CNA or CNE. ã Active CND (Computer Network Response): Those measures, that do not constitute CNA, taken to protect and defend information, computers, and networks from disruption, degradation, denial, destruction, or exploitation, that involve activity external to the protected entity. CNR, when authorized, may include measures to determine the source of hostile CNA or CNE.Those measures, that do not constitute CNA, taken to protect and defend information, computers, and networks from disruption, degradation, denial, destruction, or exploitation, that involve activity external to the protected entity. CNR, when authorized, may include measures to determine the source of hostile CNA or CNE.

13 CNO Taxonomy ã Computer Network Exploitation: Intelligence collection operations that obtain information resident in files of threat automated information systems (AIS) and gain information about potential vulnerabilities, or access critical information resident within foreign AIS that could be used to the benefit of friendly operations.Intelligence collection operations that obtain information resident in files of threat automated information systems (AIS) and gain information about potential vulnerabilities, or access critical information resident within foreign AIS that could be used to the benefit of friendly operations. (CJCSI C) ã Computer Network Exploitation: Intelligence collection operations that obtain information resident in files of threat automated information systems (AIS) and gain information about potential vulnerabilities, or access critical information resident within foreign AIS that could be used to the benefit of friendly operations.Intelligence collection operations that obtain information resident in files of threat automated information systems (AIS) and gain information about potential vulnerabilities, or access critical information resident within foreign AIS that could be used to the benefit of friendly operations. (CJCSI C)

14 Overview ã Part I: Computer Network Defense (CND) Computer MonitoringComputer Monitoring Computer CrimeComputer Crime Active Defense / Computer Network ResponseActive Defense / Computer Network Response ã Part II: Computer Network Attack (CNE/CNA) Development of International LawDevelopment of International Law The Use of Force in PeacetimeThe Use of Force in Peacetime US/Foreign Domestic LawsUS/Foreign Domestic Laws The Law of WarThe Law of War

15 Part I: Computer Monitoring (Part of CND) IO Law Outline, p ã System Administrators Monitoring, Encryption, Intelligence OversightMonitoring, Encryption, Intelligence Oversight ã Law Enforcement / FISA ã Intelligence Community

16 Information Infrastructure ENERGY TRANSPORTATION TELECOMMUNICATION BANKING DEFENSE

17 ã One of the first lines of defense in protecting AF information systems ã Monitoring performed for different reasons; by different actors systems protection / network professionalssystems protection / network professionals operational security / TMAP assetsoperational security / TMAP assets evidentiary interception / law enforcement investigatorsevidentiary interception / law enforcement investigators Information Security-- Monitoring

18 Analytical Blueprint ã Analysis starts with the three “Ws” Who?Who? What?What? Why?Why? ã Different ROEs based on answers Law Enforcement interceptionsLaw Enforcement interceptions Intel-counterintel surveillanceIntel-counterintel surveillance Systems protection monitoringSystems protection monitoring

19 Monitoring: Legal Constraints ã 4th Amendment Right to Privacy ã Electronic Communications Privacy Act

20 ã Fourth Amendment prohibition against Unreasonable Search & Seizure Protects people; not placesProtects people; not places Is there a reasonable expectation of privacy?Is there a reasonable expectation of privacy? If so, is the search reasonable?If so, is the search reasonable? n Governed by totality of circumstances n Degree of protection proportional to expectation of privacy ã Summary of Case Law, p Legal Principles-- Constitutional Law

21 U.S. v. Monroe (AFCCA Feb 5, 1999) ã Court found Monroe had no expectation of privacy in an account on a government server as to his supervisors and the system administrator (Banner) ã accounts were given for official business, although users were authorized to send and receive limited textual and morale messages to and from friends and family ã Monroe did not have a government computer, but had a personal computer in his dorm room

22 Monroe... ã Court used the analogy of an unsecured file cabinet in the member’s superiors’ work area in which an unsecured drawer was designated for his/her use in performing his/her official duties with the understanding that his superiors had free access to the cabinet, including the drawer ã Affirmed by CAAF, 13 March 2000

23 Electronic Communications Privacy Act (ECPA) ã Statutorily conferred an expectation of privacy in electronic and wire communications ã Interception of electronic communications ã Access into stored communications ã Generally prohibits interception of electronic communications, or access into stored communications, without court order aimed at law enforcementaimed at law enforcement numerous “exceptions”numerous “exceptions” n systems provider exception n consent n court order

24 ECPA: Rights and Limitations ã May monitor and disclose traffic data ã May access electronic communications stored on his or her system ã May disclose the contents of those communications to others unless he or she is providing electronic communications services to the public

25 Real Time Monitoring-- The provider exception ã May monitor in real-time (and thereafter disclose) wire and electronic communications, ã so long as such monitoring and disclosure is conducted “in the normal course of his employment ã while engaged in any activity which is a necessary incident to the rendition of his service or to the protection of the rights or property of the provider of that service.”

26 Disclosure to Law Enforcement ã May disclose real-time communications he or she has monitored (or stored communications he or she has accessed) with the consent of an appropriate party, normally an individual who is a party to the communication, or when ã Evidence of crime is apparent and inadvertantly obtained

27 PATRIOT Act of 2001 IO Law Outline, p ã Section 212 of the amends subsection 2702(b)(6) (ECPA) to permit, but not require, a service provider to disclose to law enforcement either content or non- content customer records in emergencies involving an immediate risk of death or serious physical injury to any person. ã This section also allows providers to disclose information to protect their rights and property.

28 PATRIOT Act of 2001 IO Law Outline, p ã Although the wiretap statute allows computer owners to monitor the activity on their machines to protect their rights and property, until Section 217 of the Patriot Act was enacted it was unclear whether computer owners could obtain the assistance of law enforcement in conducting such monitoring

29 Consent: Banners are our friend ã Promotes awareness for users (ECPA exceptions not necessarily obvious) ã 2nd exception under ECPA

30 Limits on Consent ã Defined by what banner says ã Limited to provider’s own network ã Duration must be short term, then get Wiretap Order (DoJ)

31 ã AFI authority given only to HQ AIA TMAP elementsauthority given only to HQ AIA TMAP elements consent monitoring / bannersconsent monitoring / banners certification processcertification process n SJA must review detailed summary of consent notification actions n determines if actions legally sufficient to constitute consent OPSEC/COMSEC Surveillance IO Law Outline, p. 1-19

32 ã Is the search/seizure reasonable? consentconsent search authorization or warrantsearch authorization or warrant ã AFOSI vs Security Forces ROEs--Search (con’t)

33 ROEs--Interceptions ã AFI , Vol 1 Requires Approval for Interceptions AFOSI/CCAFOSI/CC SAF/GCSAF/GC DOJ (nonconsensual)DOJ (nonconsensual)

34 Tips on Handling Computer Abuse Cases ã SYSAD usually identifies govt. I.P. addresses where abuse taking place Does Not Need to Monitor Real-TimeDoes Not Need to Monitor Real-Time ã Appropriate commander/senior leader should be briefed, then assemble all users to notify them of impropriety, warn ã If it continues, SYSAD, commander, and SF can mount a “sting” to catch perp in the act

35 Computer Crime IO Law Outline, p ã Federal Computer Crime Statutes 18 USC 1029, USC 1029, USC 1028 (Identity Theft)18 USC 1028 (Identity Theft) 18 USC 2251, 2252, 2252A (Sexual Exploitation of Children)18 USC 2251, 2252, 2252A (Sexual Exploitation of Children) 18 USC 2511, 2701… (Wiretap Statute and ECPA)18 USC 2511, 2701… (Wiretap Statute and ECPA) ã UCMJ Articles General Article (134)General Article (134) Failure to Obey Order or Regulation (92)Failure to Obey Order or Regulation (92)

36 USA PATRIOT ACT of 2001 Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act

37 Nationwide Search Warrants for Sec 220 ã Old: Search warrant needed to compel disclosure of unopened less than six months old in Electronic Computing Service or Remote Computing Service (i.e. ISP) ã Had to be issued by court within district where was stored ã New: nationwide search warrants for e- mail ã Allows court with jurisdiction over the offense to issue single search warrant ã Subject to sunset

38 Intercepting Voice Comms in Hacking Cases: Sec 202 ã Old: Could not get wiretap order to intercept wire communications (involving human voice) for violations of the Computer Fraud and Abuse Act (18 U.S.C. § 1030) ã Hackers have stolen teleconferencing services to plan and execute hacks ã New: Adds felony violations of Computer Fraud and Abuse Act to list of offenses that support a voice wiretap order ã Sunsets December 2005

39 ã Old: LE could use search warrant for voice recording on answering machine inside criminal’s home (easier), but needed wiretap order for voice comms with a third party provider ã New: Stored voice (“wire”) comms acquired under 18 USC § 2703 (including search warrant) ã Sunsets December 2005 Obtaining Voic and Stored Voice Comms: Sec 209

40 Subpoenas for Electronic Evidence: Sec 210 ã Old: Subpoena limited to customer’s name, address, length of service, and means of payment ã In many cases, users register with ISPs under false names ã New: Update and expand records available by subpoena ã Old list, plus means and source of payment, credit card or bank account number, records of session times and durations, and any temporarily assigned network address ã Not subject to sunset

41 Intelligence Oversight ã Improved Intelligence ã Inclusion of international terrorist activities within scope of foreign intelligence under the National Security Act of ã Law enforcement to notify the intelligence community when a criminal investigation reveals information of intelligence value. ã Reconfigures the Foreign Terrorist Asset Tracking Center.

42 FISA Elec Surveillance Sec. 218 ã Old: required certification that obtaining foreign intelligence was ‘the’ purpose of search ã FISA Court interpreted to mean primary purpose of investigation was obtaining foreign intelligence and not criminal prosecution ã New: obtaining foreign intel is “a significant purpose”of the search ã Allows intelligence agents to better coordinate with criminal investigators ã Subject to sunset

43 What is “Active Defense”? ã Approved joint term in DoD Dictionary Active Defense: The employment of limited offensive action and counterattacks to deny a contested area or position to the enemy.Active Defense: The employment of limited offensive action and counterattacks to deny a contested area or position to the enemy. Passive Defense: Measures taken to reduce the probability of and to minimize the effects of damage caused by hostile action without the intention of taking the initiative.Passive Defense: Measures taken to reduce the probability of and to minimize the effects of damage caused by hostile action without the intention of taking the initiative. ã No consensus in computer network context ã Approved joint term in DoD Dictionary Active Defense: The employment of limited offensive action and counterattacks to deny a contested area or position to the enemy.Active Defense: The employment of limited offensive action and counterattacks to deny a contested area or position to the enemy. Passive Defense: Measures taken to reduce the probability of and to minimize the effects of damage caused by hostile action without the intention of taking the initiative.Passive Defense: Measures taken to reduce the probability of and to minimize the effects of damage caused by hostile action without the intention of taking the initiative. ã No consensus in computer network context

44 ã “Active defense” “The fact is that right now my authority [for active defense measures] is very limited. I believe in this area the wisest course of action is to pursue the policy and procedural issues at or ahead of the pace of technological capabilities, because whether or not to use an attack as an active defense measure or as a weapon system is a decision that needs to be operationally defined at the national policy levels first and foremost.” Maj Gen James Bryan, JTF-CND/CC, Federal Computer Week, 4 Dec 2000  Current U.S. Policy….

45 DoD Deploys Cyber-Defense Defense News, November 12-18, 2001, Pg.  Faced with a near doubling of attacks on military computers in the past year, the guardian of the U.S. military’s information systems has asked Pentagon leaders for permission to strike back. ã "We are no longer going to be passive. If they hit us, we’ll be hitting them back real soon," U.S. Army Maj. Gen. Dave Bryan, commander, Joint Task Force-Computer Network Operations (JTF-CNO),

46 Part II: Computer Network Attack (CNA) IO Law Outline, p Development of International LawDevelopment of International Law The Law of WarThe Law of War The Use of Force in PeacetimeThe Use of Force in Peacetime Space LawSpace Law Telecommunications LawTelecommunications Law US/Foreign Domestic LawsUS/Foreign Domestic Laws

47 Development of International Law ã Consists of Binding Legal Obligations among Sovereign States ã Sovereign States are Legally Equal and Independent Actors ã They Assume Legal Obligations only by Affirmatively Agreeing To Do So ã General Rule: Unless Prohibited by Law a Course of Action is Allowed

48 ã Air Law: Post WW II Sovereign Control Over National AirspaceSovereign Control Over National Airspace ã Space Law: Post Sputnik I & Explorer I No Objections to Overflight of SpacecraftNo Objections to Overflight of Spacecraft Reconnaissance Satellites OKReconnaissance Satellites OK Outer Space Treaty Enshrines PrincipleOuter Space Treaty Enshrines Principle ã Information Operations?? Internat’l Development Of Territoriality in Air & Space

49 United Nations Charter ã The first use of armed force by a state…shall constitute prima facie evidence of an act of aggression ã What kinds of information attacks are likely to be considered by the world community to be armed attacks and uses of force? ã Peacetime Rules of Engagement

50 United Nations Charter ã Article 2(4) Refrain From the Threat or Use of Force Against the Territorial Integrity of Any State, or in Any Manner Inconsistent With the Purposes of the UNRefrain From the Threat or Use of Force Against the Territorial Integrity of Any State, or in Any Manner Inconsistent With the Purposes of the UN ã Article 51 Inherent Right of Self-Defense Recognized When an “Armed Attack” OccursInherent Right of Self-Defense Recognized When an “Armed Attack” Occurs –Space Control -- Information Operations?

51 Use of Force Authorized? ã Authorized by UN Security Council ã Self-defense ã Humanitarian intervention ã Treaty-sanctioned interventions ã Enforcement of international judgments ã Authorized by UN Security Council ã Self-defense ã Humanitarian intervention ã Treaty-sanctioned interventions ã Enforcement of international judgments

52 What is Force? ã The traditional view is that force means armed force, rather than other potentially coercive vehicles of state policy Negotiating history of UN CharterNegotiating history of UN Charter UNGA Resolution on AggressionUNGA Resolution on Aggression Nicaragua v. United StatesNicaragua v. United States ã The traditional view is that force means armed force, rather than other potentially coercive vehicles of state policy Negotiating history of UN CharterNegotiating history of UN Charter UNGA Resolution on AggressionUNGA Resolution on Aggression Nicaragua v. United StatesNicaragua v. United States

53 China’s Unrestricted Warfare ã This kind of war means that all means will be in readiness, that information will be omnipresent, and the battlefield will be everywhere. It means that all weapons and technology can be superimposed at will … that all the boundaries lying between the two worlds of war and nonwar, of military and nonmilitary, will be totally destroyed … the rules of war may need to be rewritten.

54 Does CNA = Force? ã Focus on Consequences of CNA Consider Severity/NatureConsider Severity/Nature No Bright LinesNo Bright Lines ã Some Tools/Targets May Constitute Force ã Focus on Consequences of CNA Consider Severity/NatureConsider Severity/Nature No Bright LinesNo Bright Lines ã Some Tools/Targets May Constitute Force

55 International Law ã Triggers for self-defense right? ã Intruder defeats security and gains entry into computer systems ã Significant damage to attacked system or data ã System is critical to national security ã Intruder’s conduct or context clearly manifests malicious intent ã Triggers for self-defense right? ã Intruder defeats security and gains entry into computer systems ã Significant damage to attacked system or data ã System is critical to national security ã Intruder’s conduct or context clearly manifests malicious intent

56 Computer Responses ã Launching responsive CNA to disable intruder’s equipment ã May not defeat state-sponsored ops ã May serve as shot across the bow ã Useful for shaping conflict ã Reciprocal ã Launching responsive CNA to disable intruder’s equipment ã May not defeat state-sponsored ops ã May serve as shot across the bow ã Useful for shaping conflict ã Reciprocal

57 Kinetic Responses ã Response to CNA need not be CNA ã Lack of target, access etc. may limit options ã Traditional LOAC analysis: Military necessityMilitary necessity ProportionalityProportionality ã Response to CNA need not be CNA ã Lack of target, access etc. may limit options ã Traditional LOAC analysis: Military necessityMilitary necessity ProportionalityProportionality

58 Attribution ã Huge technical challenge ã Intelligence data/analysis critical ã Links to other events ã State sponsored or not? ã Identity and intent ã Huge technical challenge ã Intelligence data/analysis critical ã Links to other events ã State sponsored or not? ã Identity and intent

59 Remedies ã If not state-sponsored, law enforcement authorities are primary response ã If nation unable or unwilling to prevent recurrence, use self-defense ã Providing safe refuge can be complicity ã Complicity can be state action ã If not state-sponsored, law enforcement authorities are primary response ã If nation unable or unwilling to prevent recurrence, use self-defense ã Providing safe refuge can be complicity ã Complicity can be state action

60 Legal/Policy Considerations ã Continuing threat to national security ã Demonstration of resolve ã World opinion ã Reciprocity ã Continuing threat to national security ã Demonstration of resolve ã World opinion ã Reciprocity

61 Domestic Law- No Military Exclusion ã 18 USC 1367: Felony to intentionally or maliciously interfere with a communications or weather satellite, or to obstruct or hinder any satellite transmission. ã 10 USC 1030: Misdemeanor to intentionally access a computer without authorization or exceed access

62 Domestic Law (cont) ã 18 USC 2511: prohibits intercept and disclosure of wire, oral, electronic communications. FISA exceptionFISA exception ã DOJ/GC opinion: domestic criminal law does not apply to actions of US military members executing instructions of the NCA

63 LOAC: Customary Legal Principles and IW ã Military Necessity ã Distinction ã Proportionality (possible problem) ã Humanity (unlawful weapons) ã Chivalry (Perfidy) ã [Law of Neutrality]

64 Military Necessity ã Military Infrastructures: Lawful Target ã Purely Civilian Infrastructure: Unlawful, Maybe... Stock ExchangesStock Exchanges BanksBanks UniversitiesUniversities

65 Distinction ã Combatants vs. Noncombatants ã Computer Network Attack Our “cyber-warriors” are required to be part of militaryOur “cyber-warriors” are required to be part of military Attack from.mil??Attack from.mil??

66 Proportionality ã During Desert Storm one of the earliest targets was the electrical power system Lawful target: military useLawful target: military use ã Iraqi response: Coalition’s attack constituted attempted genocide City’s sewage system backed up, threat of epidemic diseaseCity’s sewage system backed up, threat of epidemic disease

67 Humanity: Unlawful Weapons ã Illegal Per Se (by Treaty) PoisonsPoisons Glass projectilesGlass projectiles DumDum BulletsDumDum Bullets ã Illegal by treaty because of indiscriminate effects Biological/Bacteriological weaponsBiological/Bacteriological weapons Chemical weaponsChemical weapons

68 Indiscriminate Weapons? ã Lasers (earth/space based) ã Malicious Logic ã Worms/Viruses ã EMP Devices

69 Chivalry ã The waging of war in accordance with well- recognized formalities and courtesies Permits lawful “ruses and stratagems” intended to lawfully mislead the enemyPermits lawful “ruses and stratagems” intended to lawfully mislead the enemy Prohibits perfidy -- treacherous acts intended to take unlawful advantage of the enemy’s “good faith”Prohibits perfidy -- treacherous acts intended to take unlawful advantage of the enemy’s “good faith” ã What about taking over your enemy’s computer network: to send supplies to the wrong place?to send supplies to the wrong place? to declare an end to the war?to declare an end to the war?

70 Perfidy Improper use of Flags of Truce Protected Status Distinctive Emblems Uniforms of Neutrals

71 Law of Neutrals - Neutrality by a State means refraining from all hostile participation in the armed conflict - It is the duty of belligerents to respect the territory and rights of neutral States Austria Switzerland Jordan

72 Hague V, Art. 1 ã Prohibits any unauthorized entry into the territory of a neutral State, its territorial waters, or the airspace over such areas by troops or instrumentalities of war ã If one belligerent enters neutral territory, the other belligerent, or neutral State may attack them there

73 Law of Neutrals ã Neutrality under UN Charter? ã 1907 Hague Convention--Facilities are provided impartially to both sides ã Systems that generate information v. merely relay communications

74 Summary ã Interplay of different International Law Regimes ã If it is not prohibited, it is permitted ã What we do will have tremendous effect on how this area of the law develops

75 Relevant Directives (To name a few!) ã PDD 62, Combating Terrorism ã PDD 63, Critical Infrastructure Protection ã JP3-13, Joint Doctrine for Information Operations ã DoDD S , Information Operations ã DOD Memorandum on Web Site Administration, 7 Dec 98 ã DOD Memorandum on Communications Security and Information Systems Monitoring, 27 Jul 97 ã AFDD 2-5, Information Operations ã AFI , Transmission of Information via the Internet ã AFI , Electronic Mail Management and Use ã AFI , Telecommunications Monitoring and Assessment Program ã AFI , Intelligence Oversight ã TJAG Policy Letter 31, Legal Information Services


Download ppt "Legal Aspects of IO IW 230 College of Aerospace Doctrine, Research, and Education."

Similar presentations


Ads by Google