Skip to main content

The NAC is NATO’s primary political decision-making body and consists of Permanent Representatives (Ambassadors) from each of the 28 NATO allies. 

Exeter Law Professor Addresses NATO Secretary-General and North Atlantic Council on Cyber Law

On 19 January, Professor Mike Schmitt spoke on international law of cyber operation to NATO Secretary-General Jens Stoltenberg, Deputy Secretary-General Rose Gottemoeller, and the North Atlantic Council (NAC).

The NAC is NATO’s primary political decision-making body and consists of Permanent Representatives (Ambassadors) from each of the 28 NATO allies.  It provides high-level oversight regarding the implementation of the ‘NATO Policy on Cyber Defence’, is apprised of major cyber incidents and attacks, and exercises principal authority in cyber defence-related crisis management.

Professor Schmitt spoke on two subjects. First, he provided an update on the Tallinn Manual process, which he directs. For the last seven years, a group of senior legal practitioners and academics has been working to set forth the law governing operations in cyberspace during both peacetime and periods of armed conflict. The first phase of the project resulted in publication of the Tallinn Manual on the International Law Applicable to Cyber Warfare in 2013 by Cambridge University Press. Since that time, the group has been examining the relevant peacetime legal regimes. The culmination of that work is the forthcoming Tallinn Manual 2.0 on the International Law Applicable to Cyber Operations.  The project has been conducted under the auspices of the NATO Cooperative Cyber Defence Centre of Excellence, with the generous support of the Dutch Ministry of Foreign Affairs.

Schmitt then went on to analyse key ‘grey areas’ in the law governing cyber operations, that is, those aspects of the international law with respect to which the precise contours of the law are relatively unsettled as applied in the cyber context.  Among the topics he discussed were violations of sovereignty by cyber means, cyber intervention, the legal requirements for attribution of cyber-attacks, and the range of responses that are available when a state faces cyberattacks from other states or from non-state actors, like terrorists.

In addition to addressing the NATO leadership, Professor Schmitt has been active on the speaker’s circuit.  In the last month, he also spoke at the annual ‘Suits and Spooks’ conference in Washington, DC, focusing on how international law governs the activities of private actors in cyberspace. He was later the guest speaker on cyber law at a dinner event organized by the Brunswick Group, which is an advisory firm specializing in critical issues and corporate relations.

Tallinn Manual 2.0 is due for publication on February 2 by Cambridge University Press.  Formal launches will be held in Washington, the Hague, Tallinn, and Canberra throughout February.

Date: 25 January 2017

Read more University News