Latest edition of influential Cyber Law Toolkit tracks online warfare around the globe

The Cyber Law Toolkit, an established go-to resource for professionals and scholars working on international law and cyber operations, has been updated again for 2022.

The Toolkit contains a customizable overview of all available national positions on international law and cyber operations. Users can search for specific countries or compare different states’ views on a diverse range of topics such as sovereignty, non-intervention, or due diligence.

The project is currently supported by the Czech National Cyber and Information Security Agency (NÚKIB), the International Committee of the Red Cross (ICRC), the NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE), the University of Exeter, the U.S. Naval War College and Wuhan University, China.

A recent report of the Inter-American Juridical Committee described the Toolkit as “an extremely useful interactive online tool for the analysis of international law and cyber operations”.

Dr Kubo Mačák, general editor of the Toolkit, said: “In the recent years, we have seen cyber-attacks against States’ critical civilian infrastructure, such as electricity grids or water systems. Such incidents can have devastating consequences for people and vast economic and geopolitical repercussions. We thus need to understand the legal constraints on State conduct in cyberspace.”

Tomáš Minárik, managing editor, added: “Our project offers a variety of legal tools to States and other stakeholders who work with matters at the intersection of international law and cyber operations. So far, the Toolkit has influenced State views and it has become a key reference point for governments, militaries, international organizations, and academics.”

Experts are tracking over 30 national positions on international law and cyber operations. This means the database continues to inform discussions by nations and other stakeholders on the clarification and development of international law in this area.

The Toolkit’s repository of landmark cyber incidents has grown by more than a third to the current total of 62 incidents. Some of the most recent incidents featured in the Toolkit include the Viasat KA-SAT hack, the Predatory Sparrow incident and the Kazakhstan internet blockage, all from 2022.

The Toolkit‘s core asset are hypothetical scenarios, each of which contains a description of realistic cyber incidents inspired by real-world examples and accompanied by detailed legal analysis written in an accessible language.

Tatiana Jančárková, scenario editor, said: “The Toolkit is the first and unique interactive online resource which provides a comprehensive legal analysis of scenarios that are based on real cyber incidents. These scenarios are created in a process of constant exchange between the researchers at the partner universities and the practitioners at the professional partner institutions.”

The 2022/23 general update of the Cyber Law Toolkit contains three new scenarios, which cover export licensing of intrusion tools in peacetime, contesting and redirecting ongoing attacks in time of armed conflict, and extraterritorial incidental civilian cyber harm under international human rights law.

The launch of the updated version took place at the University of Exeter on Thursday 20 October 2022. The attendees discussed the importance of international law for regulating state behaviour in cyberspace and the contribution that the Toolkit has made in this area.