Cyberwarfare: Hard to Prevent, Oversee and Even Know Who’s to Blame
By Alexandra Buller
June 17, 2011
U.S. President Barack Obama is calling for cybersecurity legislation, but the legal and policy issues arising out of cyberwarfare are largely unsettled.
So when the _ assembled a panel of experts on June 13 to discuss recent developments in cyberwarfare law, they called their program “Cyberwarfare Law and Frontier Justice: What’s the Law, Who’s the Judge, and Where’s the Authority?”
There are few guidelines and much uncertainty in the field of cyberwarfare law. “Those in the practice of cyberwar law are in the wild, wild west,” said David Z. Bodenheimer, co-chair of the ABA Section of Science and Technology Law Homeland Security Committee and vice co-chair of the ABA Section of Public Contract Law Cyberspace Committee.
“At this point, we don’t know how to build something to defend every attack,” said Dr. Herbert S. Lin, chief scientist, Computer Science & Telecommunications Board of the National Research Council. Lin directed a report in 2009 for the National Research Council called “Technology, Policy, Law and Ethics Regarding U.S. Acquisition and Use of Cyberattack Capabilities.”
States that fail to take precautions for cybersecurity can be held responsible for attacks originating within their borders, whether or not the actual attacker is known.
“This has become the norm of state response,” said Dr. Catherine Lotrionte, executive director, Institute for Law, Science and Global Security at Georgetown University. “The U.S. has a lot of cleaning up to do before they become sticklers, though,” she said.
Suzanne Spaulding, principal, Bingham Consulting Group, further reinforced that while developing the legal framework for cybersecurity policy, policymakers need to include oversight. “We need to take a step back and think about the politically sensitive areas,” she said.
This program was co-sponsored by the ABA Science and Technology Law Section’s Homeland Security Committee, the ABA Public Contract Law Section’s Cybersecurity Committee, and the Standing Committee on Law and National Security.