Long-awaited cyber norms manual Tallinn 2.0 published


At long last, the much anticipated second iteration of the Tallinn Manual has been released.

“Tallinn Manual 2.0 on the International Law Applicable to Cyber Operations” follows the first Tallinn Manual, released in 2013, which focused on cyber operations that violate the prohibition of the use of force in international relations, where one state must not coerce another state with regard to things reserved to that state.

Tallinn 2.0 expands its scope to cover international law governing cyber operations to peacetime legal regimes and more common cyber incidents that a state might encounter day to day.

The product of a three-year, follow-on project by a new group of 20 international law experts, and sanctioned by the NATO Cooperative Cyber Defence Centre of Excellence, the Tallinn 2.0 addresses several topics to include:

  • Sovereignty
  • State responsibility
  • Human rights
  • The law of air, space and the sea

Additionally, the manual identifies 154 “black letter” rules governing cyber operations and provides extensive commentary on these rules.

The international community has struggled to develop and enforce norms in cyberspace vis-à-vis the physical world given the obfuscation that cyberspace affords potentially malicious actors. State Department Coordinator for Cyber Issues Christopher Painter has traveled extensively, working with other nations in an attempt to build coalitions and consensus for international cyber norms.

“I think the correct course is for us [the U.S. and its allies] to … pursue this idea of what effects we’re trying to control, what are the rules of the road, what are the norms that we want, how does international law apply, how do we communicate with each other … to make sure we have a long-term, stable environment in cyberspace,” he told the Senate Foreign Relations Committee in May.

Incidents such as the reported influence operation against the U.S. during the election, allegedly perpetrated by Russia, while provocative might bode well for developing international norms in this space as it forces states to take a position.

Discussions like crafting international norms can move slowly because states approach the subject cautiously, not wanting to restrict their own capabilities, said Michael Schmitt, a law professor at the U.S. Naval War College and director of the Tallinn Manual project. Incidents such as the most recent election hacking allegations could force states to become more aggressive in pursuing laws and norms they otherwise would not have endorsed, he added.