|
|
|
ix | |
|
|
|
x | |
| About the author |
|
xi | |
| Preface |
|
xiii | |
| Post script |
|
xvi | |
|
|
|
xvii | |
|
PART I BACKGROUND FOR CYBERSECURITY LAW |
|
|
|
1 Introduction: Cybersecurity and cybersecurity law |
|
|
2 | (9) |
|
1.1 Defining cybersecurity |
|
|
2 | (4) |
|
1.2 Cybersecurity law: Overview of the book |
|
|
6 | (5) |
|
2 Cyberspace, security, and law |
|
|
11 | (19) |
|
2.1 What is `security' in `cyberspace'? |
|
|
11 | (6) |
|
2.1.1 What is the `internet'? |
|
|
11 | (2) |
|
2.1.2 What is `cyberspace'? |
|
|
13 | (1) |
|
2.1.3 What is `security'? |
|
|
14 | (3) |
|
2.2 What is internet governance? |
|
|
17 | (4) |
|
2.3 What is cybersecurity governance? |
|
|
21 | (2) |
|
2.4 What is the role of law in cybersecurity governance? |
|
|
23 | (7) |
|
2.4.1 The functions of law and technological change |
|
|
23 | (1) |
|
2.4.2 Domestic law and cybersecurity governance |
|
|
24 | (1) |
|
2.4.3 International law and cybersecurity governance |
|
|
25 | (5) |
|
PART II CYBERSECURITY AND NON-STATE ACTORS: CRIME AND TERRORISM IN CYBERSPACE |
|
|
|
|
|
30 | (25) |
|
3.1 The cybercrime problem |
|
|
30 | (2) |
|
3.2 Cybercrime and domestic law |
|
|
32 | (9) |
|
3.2.1 Jurisdictional issues |
|
|
33 | (1) |
|
3.2.2 Substantive criminal law |
|
|
34 | (2) |
|
3.2.3 Criminal procedure and law-enforcement access to electronic data and communications |
|
|
36 | (1) |
|
3.2.4 Law enforcement, encryption, and `going dark' |
|
|
37 | (2) |
|
3.2.5 `Harden the target' and `hacking back': Cyber defence and cyber deterrence |
|
|
39 | (2) |
|
3.3 Cybercrime and international law |
|
|
41 | (14) |
|
3.3.1 Sovereignty, non-intervention, and jurisdiction to prescribe and enforce law |
|
|
41 | (1) |
|
3.3.2 Extradition and mutual legal assistance treaties |
|
|
42 | (3) |
|
3.3.3 Harmonizing domestic law and facilitating law-enforcement cooperation through cybercrime treaties |
|
|
45 | (4) |
|
3.3.4 International law and cybercrime: Cyber defence and cyber deterrence |
|
|
49 | (6) |
|
|
|
55 | (23) |
|
4.1 The cyber terrorism problem |
|
|
55 | (2) |
|
4.2 Cyber terrorism and criminal law |
|
|
57 | (9) |
|
4.2.1 Criminalizing acts of, support for, and glorification and incitement of terrorism |
|
|
57 | (3) |
|
4.2.2 International law and the criminalization of terrorism |
|
|
60 | (5) |
|
4.2.3 Criminal law, terrorism, and cyber terrorism |
|
|
65 | (1) |
|
4.3 Protecting critical infrastructure from terrorism |
|
|
66 | (3) |
|
4.3.1 Critical-infrastructure protection and domestic law |
|
|
66 | (1) |
|
4.3.2 Critical-infrastructure protection and international law |
|
|
67 | (2) |
|
4.4 Counterterrorism, electronic surveillance, and cybersecurity |
|
|
69 | (5) |
|
4.4.1 Counterterrorism, electronic surveillance, and domestic law |
|
|
69 | (3) |
|
4.4.2 Counterterrorism, electronic surveillance, and international law |
|
|
72 | (2) |
|
4.5 International law and state responsibility for combating terrorism |
|
|
74 | (4) |
|
PART III CYBERSECURITY AND STATE ACTORS: ESPIONAGE AND WAR IN CYBERSPACE |
|
|
|
|
|
78 | (26) |
|
5.1 The cyber espionage problem |
|
|
79 | (2) |
|
5.2 Cyber espionage and international law |
|
|
81 | (9) |
|
5.2.1 The traditional approach to espionage under international law |
|
|
81 | (1) |
|
5.2.2 Cyber espionage and rethinking the traditional approach to espionage under international law |
|
|
82 | (2) |
|
5.2.3 Cyber espionage, economic cyber espionage, and the extraterritorial application of international law |
|
|
84 | (6) |
|
5.3 Domestic law and cyber espionage |
|
|
90 | (11) |
|
5.3.1 Conducting cyber espionage |
|
|
91 | (2) |
|
5.3.2 Defending against cyber espionage |
|
|
93 | (5) |
|
5.3.3 Balancing cyber offence and defence: The zero-day vulnerability problem |
|
|
98 | (3) |
|
5.4 Beyond cyber espionage: Covert cyber operations |
|
|
101 | (3) |
|
|
|
104 | (38) |
|
6.1 The cyber war problem |
|
|
105 | (3) |
|
6.2 Going to war in cyberspace: Domestic law and war powers |
|
|
108 | (4) |
|
6.2.1 Stuxnet as a case study |
|
|
109 | (1) |
|
6.2.2 War powers in domestic law |
|
|
110 | (2) |
|
6.3 Going to war in cyberspace: International law on the use of force |
|
|
112 | (15) |
|
6.3.1 The prohibition of the use of force and the right to use force in self-defence |
|
|
112 | (2) |
|
6.3.2 Determining what is a `use of force' and an `armed attack' |
|
|
114 | (2) |
|
6.3.3 Responding to a use of force or an armed attack |
|
|
116 | (1) |
|
6.3.4 Anticipatory self-defence |
|
|
117 | (2) |
|
6.3.5 The principles on state responsibility |
|
|
119 | (1) |
|
6.3.6 The act and crime of aggression |
|
|
120 | (1) |
|
6.3.7 Security Council authorization of the use of force |
|
|
121 | (1) |
|
6.3.8 Humanitarian intervention |
|
|
122 | (1) |
|
6.3.9 Cyber operations not constituting uses of force |
|
|
122 | (5) |
|
6.4 Fighting armed conflict in cyberspace |
|
|
127 | (11) |
|
6.4.1 Background on international humanitarian law |
|
|
127 | (2) |
|
6.4.2 Cyber operations and armed conflict |
|
|
129 | (7) |
|
6.4.3 Cyber operations during international armed conflict |
|
|
136 | (1) |
|
6.4.4 Cyber operations during non-international armed conflict |
|
|
137 | (1) |
|
6.5 Arms control and cyber weapons |
|
|
138 | (4) |
|
6.5.1 Arms control strategies |
|
|
139 | (1) |
|
6.5.2 Confidence-building measures |
|
|
140 | (1) |
|
6.5.3 Export control strategies |
|
|
140 | (2) |
|
7 Conclusion: Cybersecurity law in a divided world |
|
|
142 | (10) |
|
7.1 Taking stock of cybersecurity law |
|
|
142 | (3) |
|
7.1.1 Cybersecurity and non-state actors: Cybercrime and cyber terrorism |
|
|
142 | (2) |
|
7.1.2 Cybersecurity and state actors: Cyber espionage and cyber war |
|
|
144 | (1) |
|
7.2 Cybersecurity's 20 years' crisis |
|
|
145 | (3) |
|
7.3 The next decade in cybersecurity law |
|
|
148 | (2) |
|
|
|
148 | (1) |
|
|
|
149 | (1) |
|
|
|
150 | (2) |
| Index |
|
152 | |
