TALLINN MANUAL and GLOBAL CYBER WARFARE POLICIES

Module 19
Cyber Warfare & Tallinn

Manual By: Anupam Tiwari
by Anupam Tiwari
CYBER WARFARE
by Anupam Tiwari
by Anupam Tiwari
INFORMATION SHARED in the presentation
is available along with source links in slides and
all documents referenced in the presentation will
be SHARED in a Google drive link at the
conclusion
NOTE: Questions can be posted in the chat window or can be taken on at

the end of presentation
by Anupam Tiwari
I WILL RUSH THROUGH FEW SLIDES &
DELIBERATE ON FEW
The slides I rush are respective take off points for
interested participants to explore and know more
FOR AUDIENCE RETENTION,SLIDES ARE

GRAPHIC INTENSIVE FROM OPEN DOMAIN IN
GOOGLE SEARCH
by Anupam Tiwari
The PRESENTATION brings…….
by Anupam Tiwari
by Anupam Tiwari
by Anupam Tiwari
Cyber Terrorism & Warfare Digital payments, credit, debit & cash cards,
mobile wallets, net banking, UPI
Artificial Intelligence
Domain name disputes
Torrents, dark web, p2p networks, and file-sharing
Bitcoin & other crypto-currencies E-commerce Software licenses
Cloud computing Spam, hate speech and trolling E-governance, E-courts & E-tenders
Cryptography Electronic & Digital Signatures Telemedicine Online education
Cyber Crime Investigation and Forensics Video conferencing

Digital Evidence
Online gambling & gaming, and pharmacies Internet of Things
Electronic contracts
Data breaches and data privacy Electronic voting machines
Cyber Insurance Online share trading, banking, and tax filing
Hacking, malware, ransomware, and other Extradition of cyber criminals

cybercrimes
Cyber security and incident response Information Technology Law Compliance
Intermediaries like Internet Service Providers (ISPs), Social Media Platforms, Email services,
video streaming services by Anupam Tiwari
Cyber Terrorism & Warfare Digital payments, credit, debit & cash cards,
mobile wallets, net banking, UPI
Artificial Intelligence
Domain name disputes
Torrents, dark web, p2p networks, and file-sharing
Bitcoin & other crypto-currencies E-commerce Software licenses
Cloud computing Spam, hate speech and trolling E-governance, E-courts & E-tenders
Cryptography Electronic & Digital Signatures Telemedicine Online education
Cyber Crime Investigation and Forensics Video conferencing

Digital Evidence
Online gambling & gaming, and pharmacies Internet of Things
Electronic contracts
Data breaches and data privacy Electronic voting machines
Cyber Insurance Online share trading, banking, and tax filing
Hacking, malware, ransomware, and other Extradition of cyber criminals

cybercrimes
Cyber security and incident response Information Technology Law Compliance
Intermediaries like Internet Service Providers (ISPs), Social Media Platforms, Email services,
video streaming services by Anupam Tiwari
STEP 4 : Towards Conclusion: ????? (We will discuss)
STEP 3 : Global view : Awesome CONFUSION
STEP 2 : Connecting DOTS: Little CONFUSION
STEP 1 : Simple Understanding: No CONFUSION

by Anupam Tiwari
POLICIES & THEORY LECTURES ON
ROUTINE CYBER WARFARE
by Anupam Tiwari
TALLINN
MANUAL
& by Anupam Tiwari
Michael N. Schmitt
,an American
international law
scholar specializing
in international
humanitarian law,
use of force issues,
and the international
law applicable to
cyberspace
Known for his work in directing
the 7+ year project leading to
publication of the two Tallinn
by Anupam Tiwari
Manuals
by Anupam Tiwari
Tallinn is the capital and most populous city of
Estonia. Located in the northern part of the country,
on the shore of the Gulf of Finland of the Baltic Sea, it
has a population of 437,619 in 2020
HOME to the NATO Cyber Defence Centre of Excellence &

listed among the top ten digital
by Anupamcities
Tiwari in the world in 2007
TALLINN MANUAL
The Tallinn Manual is an academic, non-binding

study on how international law (in particular the jus
ad bellum and jus in Bello) applies to CYBER
CONFLICTS & CYBER WARFARE
by Anupam Tiwari
TALLINN MANUAL
Between 2009 and 2012, the Tallinn Manual was
written at the invitation of the Tallinn-based NATO
Cooperative Cyber Defence Centre of Excellence by
an international group of approximately twenty
experts. In April 2013, the manual was published by
Cambridge University Press
by Anupam Tiwari
TALLINN MANUAL
by Anupam Tiwari
BIRTH OF NATO
by Anupam Tiwari
BIRTH OF NATO with 12 countries
Belgium, Canada, Denmark, France,
Iceland, Italy, Luxembourg, Netherlands,
Norway, Portugal, United Kingdom and
United States
Often said that the North Atlantic
Treaty Organization was
founded in response to the threat
posed by the Soviet Union
by Anupam Tiwari
BIRTH OF NATO with 12 countries
These countries were sworn to stand
against aggression
“AN ATTACK AGAINST ONE WILL BE AN
ATTACK AGAINST ALL”
by Anupam Tiwari
NATO started with 12 countries
While as on date the strength is 30

countries
by Anupam Tiwari
NATO 30 Countries
by Anupam Tiwari
NATO
North Atlantic Treaty Organization also called
the North Atlantic Alliance, is an
intergovernmental military alliance between
30 European and North American
countries.
by Anupam Tiwari
NATO PURPOSE
The organization implements the North Atlantic Treaty that
was signed on 4 April 1949
by Anupam Tiwari
NATO PURPOSE
NATO's essential and enduring purpose is TO

SAFEGUARD THE FREEDOM AND SECURITY of
all its members by political and military
means
COLLECTIVE DEFENCE is at the heart of the

Alliance and creates a spirit of solidarity
and cohesion among its members
by Anupam Tiwari
NATO PURPOSE
Alliance’s creation was part of a broader effort to serve three
purposes:
 Deterring SOVIET EXPANSIONISM
 FORBIDDING revival of nationalist MILITARISM in

Europe through a strong North American presence on
the continent
 Encouraging European POLITICAL INTEGRATION
by Anupam Tiwari
NATO HQs
NATO's Headquarters are located in Haren, Brussels, Belgium,

while the headquarters of Allied Command Operations is near
Mons, Belgium.
by Anupam Tiwari
by Anupam Tiwari
i.e. after 58 years 23 days
by Anupam Tiwari
ESTONIA
by Anupam Tiwari
NATO CCD COE
by Anupam Tiwari
by Anupam Tiwari
by Anupam Tiwari
BRONZE SOLDIER OF TALLINN
by Anupam Tiwari
Informal name of a controversial Soviet World War II
war memorial in Tallinn, Estonia, built at the site of
several war graves
The monument depicting a Soviet soldier

was unveiled by the Soviets on 22
September 1947, at burial site of Soviet
troops who died while taking Tallinn in
World War II on 22nd Sept 1944
by Anupam Tiwari
This monument had developed two very distinct
identities
For the local Russian minority it

represents the “LIBERATOR” while for
the Estonians it represents the
“OPPRESSOR”
Over years, the STATUE had become a

focal point of tension between pro-
Kremlin and Estonian nationalist
movements by Anupam Tiwari
In order to DEFUSE THE SITUATION and to RELOCATE THE WAR-
DEAD from a traffic intersection to a more peaceful resting
place the Estonian government DECIDED to move the
monument and the accompanying remains to A MILITARY
CEMETERY in Tallinn
Work began on the 26th of April 2007 and during the

day, mostly PEACEFUL protesters gathered at the site,
but in the evening a more VIOLENT CROWD emerged
by Anupam Tiwari
On 27 April 2007, the Estonian government relocated
the Bronze Soldier and, after their EXHUMATION
AND IDENTIFICATION, the remains of the Soviet
soldiers, to the Defence Forces Cemetery of Tallinn
POLITICAL DIFFERENCES over the interpretation of the

events of the war symbolised by the monument led
to a controversy between Russia and Estonia
by Anupam Tiwari
A series of CYBERATTACKS which began on 27 April
2007 and targeted websites of Estonian organizations,
including Estonian parliament, banks, ministries,
newspapers and broadcasters.
This came amidst the COUNTRY‘s DISAGREEMENT

WITH RUSSIA about THE RELOCATION OF THE
by Anupam Tiwari
THE RELATIVE
by Anupam Tiwari
The events caught INTERNATIONAL

ATTENTION and led to a multitude of political
reactions
by Anupam Tiwari
Attacks that had any influence on the general public
were DISTRIBUTED DENIAL OF SERVICE TYPE ATTACKS
ranging from single individuals using various
methods like ping floods to expensive rentals of
botnets usually used for spam distribution
by Anupam Tiwari
Spamming of bigger news
portals commentaries and
DEFACEMENTS including that
of the Estonian Reform Party
website also occurred
Research has also shown that large conflicts took

place to EDIT the English-language version of the
Bronze Soldier's Wikipedia page
by Anupam Tiwari
May have been the SECOND-LARGEST INSTANCE of
state-sponsored cyberwarfare, following TITAN RAIN
by Anupam Tiwari
Titan Rain was a series of coordinated attacks on
computer systems in the United States since 2003
which went ON for at least three years
Attacks originated in Guangdong, China
Believed to be associated with a STATE-SPONSORED

advanced persistent threat.
Titan Rain hackers GAINED ACCESS to many United

States DEFENSE CONTRACTOR
by Anupam Tiwari
computer networks
Cyber attacks in question took place between 27
April and 18 May of 2007
Vast majority of the malicious traffic

originated from OUTSIDE ESTONIA
Malicious traffic contained clear indications of

Russian language background
by Anupam Tiwari
by Anupam Tiwari
Estonia's Response & Legalities
by Anupam Tiwari
Estonia's response & Legalities
On 2 May 2007, a criminal investigation was

opened into the attacks under a section of the
Estonian Penal Code criminalizing computer
sabotage and interference with the working
of a computer network, felonies punishable
by imprisonment of up to three years
by Anupam Tiwari
As a number of attackers turned out to be within the

jurisdiction of the Russian Federation, on 10 May 2007,
Estonian Public Prosecutor's Office made a formal
investigation assistance request to the Russian
Federation's Supreme Procurature under a Mutual
Legal Assistance Treaty (MLAT) existing between
Estonia and Russia
by Anupam Tiwari
Russian State DELEGATION PROMISED that it
would AID such investigation in every way and
visit Estonia soon
by Anupam Tiwari
On 28 June, RUSSIAN SUPREME Procurature REFUSED

ASSISTANCE, claiming that the proposed
investigative processes are not covered by the
applicable MLAT
by Anupam Tiwari
Estonian Public Prosecutor's Office CRITICIZED this
decision while pointing out that all the requested
processes are actually enumerated in the MLAT
On 24 January 2008, Dmitri Galushkevich, a

student living in Tallinn, was FOUND GUILTY
of participating in the attacks and fined 17,500
kroons (approximately US$1,640) for attacking
the websiteby Anupam
of theTiwari Estonian Reform Party
Dmitri Galuškevitš conviction was POSSIBLE because

he committed the attacks from ESTONIA and
therefore enough evidence could be collected
by Anupam Tiwari
RUSSIAN Response
Since 2008, RUSSIAN AUTHORITIES have been

consistently denying Estonian law
enforcement any investigative cooperation,
thus effectively ELIMINATING CHANCES that
those of the perpetrators that fall within
Russian jurisdiction will be brought to TRIAL
by Anupam Tiwari
International & NATO Response
The attacks triggered a number of MILITARY
ORGANIZATIONS around the world TO RECONSIDER
THE IMPORTANCE OF NETWORK SECURITY to modern
military doctrine
On 14 June 2007, DEFENCE MINISTERS of NATO org

held a meeting in Brussels, PROMISING IMMEDIATE
ACTION
by Anupam Tiwari
NATO organisation
by Anupam Tiwari
NATO organisation
by Anupam Tiwari
by Anupam Tiwari
NATO response
In response to such attacks, NATO
conducted an internal assessment of
their cyber security and
infrastructure defenses
The assessment resulted in a report issued

to the allied defense ministers
Developed into the creation of a cyber defense policy

and the creation of the NATO Cooperative Cyber
Defence Center of Excellence (CCDCOE)
by Anupam Tiwari
NATO CCD COE
The report OUTLINED

INTERNATIONAL LAWS which are
considered applicable to the CYBER
REALM
The manual includes a total of NINETY-FIVE "BLACK-

LETTER RULES" addressing cyber conflicts
by Anupam Tiwari
CCDCOE
On 25 June 2007, Estonian president met with US
president, and among the topics DISCUSSED were the
attacks on Estonian infrastructure and est of NATO
Cooperative Cyber Defence Centre of Excellence
(CCDCOE) to operate out of Tallinn, Estonia, since
August 2008
by Anupam Tiwari
by Anupam Tiwari
• Human Intelligence
• Integrated Air and Missile
• Analysis and Simulation for Air Defence
operations • Joint Air Power
• Civil-Military Cooperation • Joint Chemical, Biological,
• Cold Weather Operations Radiological and Nuclear Defence
• Combined Joint Operations from • Maritime Security
the Sea • Military Engineering
• Command and Control • Military Medicine
• Cooperative Cyber Defence • Military Police
• Counter-Improvised Explosive • Modelling and Simulation
Devices • Mountain Warfare
• Counter Intelligence • Naval Mine Warfare
• Crisis Management and Disaster • Operations in Confined and
Response Shallow Waters
• Defence Against Terrorism • Security Force Assistance
• Energy Security • Stability Policing
• Explosive Ordnance Disposal • Strategic Communications
by Anupam Tiwari
CYBER Interventions
by Anupam Tiwari
ESTABLISHED on 14 May 2008, it
received full accreditation by NATO and
attained the status of International
Military Organisation on 28 October
2008
by Anupam Tiwari
NATO CCD COE
i.e. NATO Cooperative Cyber Defence
Centre of Excellence
Located in Tallinn, Estonia
by Anupam Tiwari
“DIRECT RESULT of the cyberattacks was
the creation of the NATO Cooperative
Cyber Defence Centre of Excellence in
Tallinn, Estonia”
by Anupam Tiwari
NATO CCD COI
by Anupam Tiwari
NATO CCD COI
by Anupam Tiwari
TALLINN MANUAL
Tallinn Manual originally entitled,

“Tallinn Manual on the International Law
applicable to Cyber Warfare”
by Anupam Tiwari
TALLINN MANUAL
Tallinn Manual has WORKED TO PROVIDE A

GLOBAL NORM in cyber space by applying
existing international law to cyber warfare
The manual suggests that states do not

have SOVEREIGNTY OVER THE INTERNET,
but that they do have SOVEREIGNTY OVER
COMPONENTS OF THE INTERNET in their
territory
by Anupam Tiwari
TALLINN MANUAL
The Tallinn Manual is an academic, non-
binding study on how international law (in
particular the jus ad bellum and jus in
bello) applies to cyber conflicts and cyber
warfare
by Anupam Tiwari
TALLINN MANUAL
The Tallinn Manual is an academic, non-
binding study on how international law (in
particular the jus ad bellum and jus in
bello) applies to cyber conflicts and cyber
warfare
by Anupam Tiwari
by Anupam Tiwari
Jus ad bellum
"refers to the CONDITIONS under which

STATES may RESORT to WAR or to the use
of armed force in general.“
These rules FOCUS on certain CRITERIA

for what makes a war just
by Anupam Tiwari
Jus in bello
International humanitarian law, or jus in bello,
is the law that governs the way in which
warfare is conducted
IHL is purely humanitarian, seeking to

limit the suffering caused
Independent from questions about the

justification or reasons for war, or its
prevention, covered by jus ad bellum
by Anupam Tiwari
STATE vs NON STATE ACTORS
NON-STATE ACTORS include organizations and

individuals that are not affiliated with, directed by,
or funded through the government
In United States law, a STATE ACTOR is a person who

is acting on behalf of a governmental body, and is
therefore subject to limitations imposed on
government by the United States Constitution
by Anupam Tiwari
LEX LATA
Is a Latin expression that means "the law

as it exists”
by Anupam Tiwari
LEX FERENDA
Is a Latin expression that means "future law" used in

the sense of "what the law should be"
by Anupam Tiwari
SOVEREIGNTY
Sovereignty is the SUPREME AUTHORITY within a TERRITORY
In any state, sovereignty is assigned to the PERSON, BODY,

OR INSTITUTION that has the ULTIMATE AUTHORITY over
other people in order to ESTABLISH A LAW
In political theory, sovereignty is a SUBSTANTIVE TERM

designating SUPREME LEGITIMATE AUTHORITY
In international law, sovereignty is the Exercise of Power by A

State. De jure sovereignty refers to the legal right to do so; De
facto sovereignty refers to the factual ability to do so.
by Anupam Tiwari
DIGITAL SOVEREIGNTY
Idea to CONTROL AND GOVERN ACCESS,

Information, Communication, Network, and
Infrastructure in digital realm by international actors
Source: Couture, Stephane & Toupin, Sophie. 2019. “What Does the Notion of “Sovereignty”
by Anupam Tiwari
Mean When Referring to the Digital?”, New Media & Society, 21(10):2305-2322.
CYBERCRIME LEGISLATION
WORLDWIDE
by Anupam Tiwari
Cybercrime Legislation Worldwide
by Anupam Tiwari
United Nations Conference on Trade and Development
154 countries (80 per cent) have enacted CYBERCRIME

LEGISLATION
EUROPE has the HIGHEST ADOPTION RATE (93 per cent)

and ASIA and the Pacific the LOWEST (55 per cent)
Evolving cybercrime landscape and resulting skills gaps are a

SIGNIFICANT CHALLENGE for LAW ENFORCEMENT AGENCIES
and prosecutors, especially for cross-border enforcement
by Anupam Tiwari
by Anupam Tiwari
https://unctad.org/page/cybercrime-legislation-worldwide
by Anupam Tiwari
Legal frameworks addressing cyberspace are
well-developed in DEVELOPED countries
by Anupam Tiwari
In the federal level, U.S. has three fundamental regulations

enacted in HIPAA (1996), Gramm-Leach-Billey Act (1999), and
Homeland Security Act (2002)
by Anupam Tiwari

The Gramm-Leach-Bliley Act requires financial

institutions – companies that offer consumers
financial products to explain their information-
sharing practices to their customers and to
safeguard sensitive data by Anupam Tiwari

Prevent terrorist attacks within the United

States, reduce the vulnerability to terrorism, and
minimize damage and assist in recovery for
terrorist attacks
by Anupam Tiwari
In FRANCE, the national authority has enacted

and developed legal frameworks on
cyberspace since 1988
by Anupam Tiwari
In RUSSIA, the federal authority adopted the Russian Federal

Law on Personal Data no. 152 FZ since 2006
Russia controversially stipulates SECURITY concern as a

priority over PRIVACY RIGHTS and the U.S. have a
similar problem since Snowden’s issue rise into public
attention
Source: Kittichaisaree, Kriangsak. 2017. Public International Law of Cyberspace. New York:
by Anupam Tiwari
Springer.
INDONESIA is in worse condition–its proposed law on
cybersecurity was postponed to be adopted due to massive
student demonstrations in 2019 caused by human rights
concerns
Malaysia does not have a standalone cyber act or bill in

which it creates room for deep state’ intervention to citizen’s
data (ICLG, 2019).
Source : ICLG. 2019. Cybersecurity Laws and Regulations: Malaysia.

https://iclg.com/practice-areas/cybersecurity-laws-andregulations/malaysia
by Anupam Tiwari and Jakarta Globe. 2019. Cybersecurity Bill
Postponed Until Houses Next Term. https://jakartaglobe.id/context/cybersecurity-bill-postponed-until-houses-next-term/
by Anupam Tiwari
BUDAPEST CONVENTION is claimed to be the only

international treaty on cyberspace
Convention on Cybercrime of the Council of Europe (CETS

No.185), known as the Budapest Convention, is the only
binding international instrument on this issue
by Anupam Tiwari
Source: https://www.coe.int/en/web/conventions/full-list/-/conventions/treaty/185
Serves as a GUIDELINE for any country developing

comprehensive national legislation against Cybercrime and as
a framework for international cooperation between State
Parties to this treaty
The Budapest Convention is supplemented by a Protocol on

Xenophobia and Racism committed through computer
systems
by Anupam Tiwari
Serves as a GUIDELINE for any country developing

comprehensive national legislation against Cybercrime and as
a framework for international cooperation between State
Parties to this treaty
The Budapest Convention is supplemented by a Protocol on

Xenophobia and Racism committed through computer
systems Refers to the fear or hatred of that which is perceived to
be foreign or strange.
by Anupam Tiwari
by Anupam Tiwari
by Anupam Tiwari
by Anupam Tiwari
"They are the founder members, they
will make the law and they will
change the law. We can become a
member but we cannot participate in
making or changing the law,”
https://www.outlookindia.com/newsscroll/india-cant-be-guest-member-of-eu-budapest-
convention-dr-gulshan-rai/1373827
by Anupam Tiwari
by Anupam Tiwari
by Anupam Tiwari
by Anupam Tiwari
by Anupam Tiwari
by Anupam Tiwari
by Anupam Tiwari
https://www.nationaldefensemagazine.org/articles/2020/3/18/geneva-conventions-for-cyber-warriors-long-
by Anupam Tiwari
overdue
COMPLEXITIES & CHALLENGES
IN INTERNATIONAL CYBER
LAWs
by Anupam Tiwari
COMPLEXITIES & CHALLENGES OF INTERNATIONAL LAW
“Complexities & challenges of international law on

cyberspace are increasingly deprived by recent trend on
DIGITAL SOVEREIGNTY INTERPRETATIONS”
Source:
by Anupam Tiwari
https://www.e-ir.info/2020/03/14/international-law-on-cyber-security-in-the-age-of-digital-sove
In recent years, this idea has been gaining traction because of

three historical conjunctures in cyberspace: China and Russia
cyber alliance on digital sovereignty; Snowden and Wikileaks
cases; and the rise of GAFA
Source:
by Anupam Tiwari
In recent years, this idea has been gaining traction because of

three historical conjunctures in cyberspace: China and Russia
cyber alliance on digital sovereignty; Snowden and Wikileaks
cases; and the rise of GAFA
Source:
by Anupam Tiwari
CHINA AND RUSSIA CYBER ALLIANCE ON DIGITAL
SOVEREIGNTY
by Anupam Tiwari
SOVEREIGNTY
Source: by Anupam Tiwari

https://theglobalobservatory.org/2016/12/russia-china-digital-sovereignty-shanghai-cooperation-organizatio
SOVEREIGNTY
Officials and high-profile media figures from Russia and China

met in Guangzhou for the first ever CHINA-RUSSIA INTERNET
MEDIA FORUM in October 2016
Speakers congratulated each other and planned their

collective effort to combat attempts by “Western
mainstream media” to control the informational space
Discussions in detail about the countries’ overlapping

cybersecurity concerns

SOVEREIGNTY
Substantial degree of collaboration was formalized in the context of
heightened Russo-Chinese cooperation with signing of an agreement on
CYBERSECURITY COOPERATION PROVISIONS that primarily included to
limit the use of informational technology designed “to interfere in the
internal affairs of states; undermine SOVEREIGNTY, POLITICAL, ECONOMIC
and SOCIAL STABILITY; [and] DISTURB PUBLIC ORDER”

SOVEREIGNTY
Russian cybersecurity company Kaspersky Labs

reporting 194 Chinese cyberattacks in the first seven months —
compared to just 72 in 2015. These attacks targeted Russian
government agencies, the defense and aerospace industries,
and nuclear technology companies. And they’re probably
UNDERREPORTED: A Kaspersky Labs spokesperson told that
only around 10% of their corporate clients exchange data
related to hacks with their security network.

SOVEREIGNTY
“Despite the attacks, Russia and China have continued their

cybersecurity cooperation, at least publicly. As per Russian
Deputy Minister of Foreign Affairs , representatives of this
ministry and intelligence services hold consultations with
Chinese officials on cybersecurity issues twice a year. Still,
these exchanges do not amount to substantive agreements.”

SOVEREIGNTY
Russia seems impressed!!!!!
by Anupam Tiwari
SOVEREIGNTY
by Anupam Tiwari
The STRONG Chinese HOLD : GFWC
by Anupam Tiwari
by Anupam Tiwari
by Anupam Tiwari
by Anupam Tiwari
by Anupam Tiwari
by Anupam Tiwari
DEEP PACKET INSPECTION: Advanced method of examining

and managing network traffic. It is a form of packet filtering
that locates, identifies, classifies, reroutes or blocks packets
with specific data or code payloads that conventional packet
filtering, which examines only packet
by Anupam Tiwari headers, cannot detect
Chinese government uses Deep Packet Inspection to monitor
and censor network traffic and content that it claims is
harmful to Chinese citizens or state interests. This material
includes pornography, information on religion, and political
dissent
Chinese network ISPs use DPI to see if there is any

sensitive keyword going through their network. If so,
the connection will be cut. People within China often
find themselves blocked while accessing Web sites
containing content related to Taiwanese and Tibetan
independence
Source: https://en.wikipedia.org/wiki/Deep_packet_inspection
by Anupam Tiwari
by Anupam Tiwari
GRASS MUD HORSE
Is a Chinese Internet meme created as a mocking
protest against Internet censorship and the Great
Firewall and means literally "fuck your mother“
It has become an Internet chat forum cult

phenomenon in China and has garnered
worldwide press attention, with videos, cartoons
and merchandise of the animal
by Anupam Tiwari
Source: https://en.wikipedia.org/wiki/Grass_Mud_Horse
SOVEREIGNTY
Rather than an alliance, Russia and China have a marriage of convenience that
reflects a shared priority: REGIME STABILITY
On the Russian side, this amounts in part to envy of China’s near-

comprehensive control of national cyberspace.
Russia mentions that efforts at monitoring by china at deep packet

inspection are well-established in Chinese internet infrastructure, and have
thus received a great deal of attention in Russia. Also China has employed
effectively to bypass encryption efforts, may be receiving similar attention
among officials in the Russian government.
Note: Given Russian hostility to consumer encryption, these tools are likely to be particularly

attractive to the state
SNOWDEN & ASSANGE
by Anupam Tiwari
SNOWDEN & ASSANGE
“ Whether Chelsea (formerly Bradley) Manning, Julian

Assange, and Edward Snowden are heroes or traitors is a
divisive question.”
Source: www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&ved=2ahUKEwiRvNz86KXwAhUlyzgGHc9dBDQQFjAAegQIBRAD&url=https%3A%2F
%2Fwww.aph.gov.au%2FDocumentStore.ashx%3Fid%3Db52d9a86-9d30-4029-9168-4c429289cb6e%26subId
%3D668365&usg=AOvVaw2mOCX2hF_X0dje4WPreixn by Anupam Tiwari
SNOWDEN & ASSANGE
“ Whether Chelsea (formerly Bradley) Manning, Julian

Assange, and Edward Snowden are heroes or traitors is a
divisive question.”
Well known, the WikiLeaks saga began in 2010 when Manning,

an intelligence
analyst for the US military in Iraq, downloaded the contents
of a secure military database and sent them to WikiLeaks
SNOWDEN & ASSANGE
Documents that Manning leaked to WikiLeaks included more

than 250 000 diplomatic cables from the US State Department,
around 500 000 secret military documents linked to the wars in
Iraq and Afghanistan, confidential files relating to nearly 800
detainees at Guantanamo Bay, and videos of US forces killing
Iraqi and Afghani civilians
SNOWDEN & ASSANGE
Documents that Manning leaked to WikiLeaks included more

than 250 000 diplomatic cables from the US State Department,
around 500 000 secret military documents linked to the wars in
Iraq and Afghanistan, confidential files relating to nearly 800
detainees at Guantanamo Bay, and videos of US forces killing
Iraqi and Afghani civilians
Published in stages on the WikiLeaks website and by

newspapers including The Guardian, The New York
Times, and Der Spiegel
SNOWDEN & ASSANGE
Manning was convicted by US military court of

multiple offences under the US Espionage Act and
sentenced to 35 years’ imprisonment 2010 onwards
until 2017 when her sentence was commuted
There after…suicide attempts, gender change etc and

In out In Out In Out …..continues
SNOWDEN & ASSANGE
Julian Assange, an Australian citizen and founder of

WikiLeaks, remains in London. Assange sought
asylum in June 2012 to evade sexual assault charges
in Sweden, although his larger concern is to avoid
extradition to the United States and possible
reprisals from the US government
SNOWDEN & ASSANGE
Julian Assange, an Australian citizen and founder of

WikiLeaks, remains in London. Assange sought
asylum in June 2012 to evade sexual assault charges
in Sweden, although his larger concern is to avoid
extradition to the United States and possible
reprisals from the US government
During the 2016 US elections, WikiLeaks hosted

emails sent /received by presidential candidate
Hillary Clinton while she was Secretary of State.
United States
SNOWDEN & ASSANGE
The emails had been released by the US State

Department under a Freedom of information request in
February 2016. WikiLeaks also created a SEARCH ENGINE
for the emails which became a major point of discussion
during the presidential election.
SNOWDEN & ASSANGE
The emails had been released by the US State

Department under a Freedom of information request in
February 2016. WikiLeaks also created a SEARCH ENGINE
for the emails which became a major point of discussion
during the presidential election.
In February 2016, Assange wrote: "I have had years of

experience in dealing with Hillary Clinton and have
read thousands of her cables. Hillary lacks judgment
and will push the United States into endless, stupid
wars which spread terrorism. ... she certainly should not
become president of the United States”
SNOWDEN & ASSANGE
On 4 January 2021, Judge Baraitser ruled that Assange

could not be extradited to the United States, citing
concerns about his mental health and the risk of suicide
in a US prison
JUDGE SIDED WITH THE US on every other point,

including whether the charges constituted political
offences and whether he was entitled to freedom of
speech protections
On the same day, President of Mexico said it was ready

to offer political asylum
SNOWDEN & ASSANGE
Meanwhile Edward Snowden released details

of PRISM, a worldwide data mining program
conducted by the US government’s National
Security Agency
SNOWDEN & ASSANGE
Meanwhile Edward Snowden released details

of PRISM, a worldwide data mining program
conducted by the US government’s National
Security Agency
SNOWDEN & ASSANGE
Continues…..
by Anupam Tiwari
GAFA PRIVACY, SECURITY & TAX
ISSUES
by Anupam Tiwari
GAFA PRIVACY, SECURITY & TAX
by Anupam Tiwari
The Indian context
https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&ved=2ahUKEwit3cXrl5nwAhV64zgGHSjZD5cQFjABegQIBBAD&url=https
%3A%2F%2Fniti.gov.in%2Fsites%2Fdefault%2Ffiles%2F2019- by Anupam Tiwari
07%2FCyberSecurityConclaveAtVigyanBhavanDelhi_1.pdf&usg=AOvVaw3OYxN5diQ7XE-N04oCU6mm
by Anupam Tiwari
by Anupam Tiwari
by Anupam Tiwari
Source: https://www.asianlaws.org/blog/the-ultimate-guide-to-global-cyber-laws/
by Anupam Tiwari
Cyber Law of Antigua and Barbuda
The Electronic Crimes Act 2013 penalizes several cyber

crimes including unauthorized access, identify theft,
electronic forgery, electronic fraud, misuse of encryption,
child pornography, electronic terrorism, false websites &
spam
The Electronic Crimes Act 2013 also enables

mobile phone tracking in emergencies
by Anupam Tiwari
Cyber Law of Australia
Australia has a VERY MATURE CYBER LAW ECOSYSTEM comprising
several Acts and Regulations
The Cybercrime Act 2001 was enacted by the Parliament of

Australia primarily to amend the LAW RELATING TO
COMPUTER OFFENCES
The Criminal Code Act 1995 penalizes Unauthorised access, modification

or impairment; with intent to commit a serious offence; Unauthorised
access or modification of restricted data; and Possession of hacking
tools
The Mutual Assistance in Criminal Matters Act 1987 allows for

international assistance in criminal matters to be provided and
obtained by Australia
by Anupam Tiwari
The Enhancing Online Safety Act 2015 establishes an eSafety
Commissioner and contains provisions relating to CYBER BULLYING
The Extradition (Cybercrime) Regulation 2013 read in conjunction

with section 5 of the Extradition Act 1988, DEFINES EXTRADITION
COUNTRIES
The Privacy Act 1998 sets up a scheme for notification of eligible

data breaches
The Spam Act 2003 sets up a scheme for REGULATING

COMMERCIAL EMAIL and other types of commercial
electronic messages
by Anupam Tiwari
The Telecommunications Act 1997 sets up a system for regulating tele-

communications. The Telecommunications (Interception and Access) Act 1979
establishes a system of preserving certain stored communications that are
held by a carrier. The purpose of the preservation is TO PREVENT THE
COMMUNICATIONS FROM BEING DESTROYED before they can be accessed
under certain warrants issued under the Act
by Anupam Tiwari
SYDNEY: Australia Thursday
Cyber Law of Australia passed controversial laws
allowing spies and police to
snoop on the encrypted
communications of
suspected terrorists and
criminals, as experts warned
the "unprecedented
powers" had far-reaching
implications for global
cybersecurity. There has
been extensive debate
about the laws and their
reach beyond Australia's
shores in what is seen as
the latest salvo between
global governments and
tech firms over national
security and privacy.

https://ciso.economictimes.indiatimes.com/news/australia-passes-cyber-snooping-laws-wi
“ The Australian political digital infrastructure is a target in an ongoing nation

state cyber competition which falls just below the threshold of open conflict “
Cyber power states capable of adopting “sophisticated”

measures might include the United States, Israel, Russia,
perhaps Iran and North Korea. Suspicion currently falls on
China.
Source:
https://theconversation.com/a-state-actor-has-targeted-australian-political-parties-bu
by Anupam Tiwari
t-that-shouldnt-surprise-us-111997
Cyber Law of the Commonwealth
The Commonwealth of Nations is a sui generis political

association of 53 member states, nearly all of them former
territories of the British Empire
by Anupam Tiwari
Cyber Law of Council of Europe
The European Union (EU) is a political and economic union of

28 member states – Austria, Belgium, Bulgaria, Croatia,
Republic of Cyprus, Czech Republic, Denmark, Estonia, Finland,
France, Germany, Greece, Hungary, Ireland, Italy, Latvia,
Lithuania, Luxembourg, Malta, Netherlands, Poland, Portugal,
Romania, Slovakia, Slovenia, Spain, Sweden and the UK
by Anupam Tiwari
Cyber Law of GCC countries
Cooperation Council consisting Bahrain, Kuwait, Oman, Qatar, Saudi
Arabia, and the United Arab Emirates
The purpose of the Arab Convention on Combating Information

Technology Offences is to enhance and strengthen cooperation between
the Arab States in the area of combating
by Anupam Tiwari information technology offences
Cyber Law of United Nations

The United Nations is an international organization
founded in 1945 and is currently made up of 193
Member States.
by Anupam Tiwari
~400 pages
by Anupam Tiwari
~100 pages
by Anupam Tiwari
~100 pages
by Anupam Tiwari
~120 pages
by Anupam Tiwari
at
https://cyberlaw.ccdcoe.org/wiki/Main_Page
by Anupam Tiwari
The Cyber Law Toolkit is a dynamic interactive

web-based resource for legal professionals who
work with matters at the intersection of
international law and cyber operations
Consists of 19 hypothetical scenarios that contain a description

of cyber incidents inspired by real-world examples,
accompanied by DETAILED LEGAL ANALYSIS
by Anupam Tiwari
Aim of the ANALYSIS is to examine the

applicability of international law to the scenarios
and the issues they raise
Product of a yearlong project supported by the UK Economic

and Social Research Council. Partner institutions include the
University of Exeter, NATO Cooperative Cyber Defence Centre
of Excellence (CCDCOE), and the Czech National Cyber and
Information Security Agency (NCISA)
by Anupam Tiwari
19 HYPOTHETICAL SCENARIOS
by Anupam Tiwari
by Anupam Tiwari
https://cyberlaw.ccdcoe.org
/wiki/Main_Page
by Anupam Tiwari
The EU-U.S. and Swiss-U.S. Privacy Shield Frameworks have

been designed by the U.S. Department of Commerce, European
Commission and Swiss Administration to provide companies on
both sides of the Atlantic with a mechanism to comply with
data protection requirements when transferring personal data
from the European Union and Switzerland to the United States
in support of transatlantic commerce
by Anupam Tiwari
On July 16, 2020, the Court of Justice of the European Union issued
a judgment declaring as “invalid” the European Commission’s
Decision (EU) 2016/1250 of 12 July 2016 on the adequacy of the protection
provided by the EU-U.S. Privacy Shield. As a result of that decision, the EU-
U.S. Privacy Shield Framework is no longer a valid mechanism to comply
with EU data protection requirements when transferring personal data
from the European Union to the United States
by Anupam Tiwari
INTERNATIONAL LAWS ON CYBER SPACE : CHALLENGES
&
CHALLENGES
by Anupam Tiwari
STOP
WAIT
GO
by Anupam Tiwari
CYBER WARFARE CONTEXT
by Anupam Tiwari
by Anupam Tiwari
REASONABLE
ABSOLUTE
by Anupam Tiwari
Michael N. Schmitt
BIG DIFFERENCES between

THEORY & PRACTICAL realizations
by Anupam Tiwari
Michael N. Schmitt
SMALLER vs BIGGER
Countries
by Anupam Tiwari
Michael N. Schmitt
Version 1: The lawyer authors premised cloud as

something up in the sky, not aware of internet cables
Self confessed by author at

by Anupam Tiwari
https://www.youtube.com/watch?v=w38HSUlnX6U 26:03
To prove it
by Anupam Tiwari
FEW EXAMPLES : CHALLENGES IN CLARITY
“….act in a reasonable way to defy threat”
“….will be binding if it is made in good faith”
“….when reasonable then….”
“….when appropriate, it acts…..”
“….when it is inevitable, then…..”
“….it is obvious but under limits…..”

by Anupam Tiwari
by Anupam Tiwari
G E S
G E S 648 PA
303 PA
by Anupam Tiwari
Charter of the United Nations: Article 51
“Nothing in the present Charter shall impair the inherent right

of individual or collective self-defence if an armed attack
occurs against a Member of the United Nations, until the
Security Council has taken measures necessary to maintain
international peace and security
by Anupam Tiwari
Source : https://legal.un.org/repertory/art51.shtml
Charter of the United Nations: Article 51
“Nothing in the present Charter shall impair the inherent right

of individual or collective self-defence if an armed attack
occurs against a Member of the United Nations, until the
Security Council has taken measures necessary to maintain
international peace and security
by Anupam Tiwari
Source : https://legal.un.org/repertory/art51.shtml
TALLINN MANUAL 1.0
As per Schmitt, the group for Tallinn manual

Version 1.0 came up in 14 seconds as per
knowledge CENTRAL to him that mostly
included his own peers, friends and extended
friends
by Anupam Tiwari
ed , t hen
re a tta ck
b s ite s a
0 0 0 w e c h o f
If > = 1 0 d a br e a
… ns id e r e
b e c o
it will y… .
e re ig n t
so v
by Anupam Tiwari
ed , t hen
re a tta ck
b s ite s a
0 0 0 w e c h o f
If > = 1 0 d a br e a
… ns id e r e
b e c o
it will y… .
e re ig n t
so v
…Ok…we will attack 9999 websites
by Anupam Tiwari
“Whatever you agree to or propose in the

policy/rule/standard , do not agree/propose to anything
that might strike at your state in future circumstances”
“BIND every CONCEIVABLE ADVERSARY as hard

as you can”
by Anupam Tiwari
ABSENCE of effective international legal instruments on

cyberspace has largely been discussed in theoretical and
policy-making debates as the complexities in cyberspace
render difficult for actors to come into agreements, let alone
making agreeable binding law
by Anupam Tiwari
STATES must take more influential roles in formulating

international law on cyberspace
Those who insist that cyberspace should remain a FREE and

DIFFUSED DOMAIN
3
Importance of THE INTERNATIONAL INSTITUTION and rule-
based multilateralism in managing
by Anupam Tiwari
cyberspace
International actors have not come into agreement

on the status of cyberspace whether it is global
commons, belongs to physical states’ territory, or
based on their national origins
As a result, it creates MAJOR CHALLENGES to

determine JURISDICTION of international cyber
law until today
Source: Liaropoulos, Andrew. 2017. “Cyberspace Governance andTiwari

by Anupam State Sovereignty”, in Democracy and an Open-Economy
World Order, ed. George Bitros & Nicholas Kyriazis. Cham: Springer.
Further COMPLICATED by the fact that in the past few years

several international actors, mostly state actors, promote the
idea of DIGITAL SOVEREIGNTY to promote their interest to
take back control on information, communication, data, and
infrastructure related to the internet
Consequently, this creates harder

challenges on possible future international law on
CYBERSECURITY
Source: Gueham, Farid. 2017. Digital Sovereignty – Steps Towards a New System of Internet
by Anupam Tiwari
Governance. Paris: Fondapol
When does STATE SPONSORSHIP of NON-

STATE CYBER OPERATIONS result in the two
states being “at war”?
by Anupam Tiwari
by Anupam Tiwari
Cyber attacks on the US banking sector have been attributed

primarily to the Izz ad-Din al-Qassam Cyber Fighters, a group
that launched them in response to the YouTube release of the
movie “Innocence of Muslims” and its alleged insult to the
Prophet Mohammed. Whether the Iranian government played
a part, and if so how, REMAINS UNCERTAIN.
Source: Ellen Nakashima, “Iran Blamed for Cyberattacks on US Banks and Companies,” The Washington Post, September 21,
2012, l; Jeb Boone,“Who Are the Izz Ad-Din Al-Qassam Cyber Fighters?”
by Anupam GlobalPost, November 9, 2012,
Tiwari
http://www.globalpost.com/dispatches/globalpost-blogs/thegrid/who-are-the-izz-ad-din-al-qassam-cyberfighters
PLEASE BEAR WITH LONG TEXT
“A state agent hacks into a computer belonging to a private company
in another state in order to extract a ransom. The control and authority
over the computer are with the private company that owns the computer.
The computer and its contents have no relationship with the state’s
exercise of its powers save for such purposes as criminal law
enforcement. As per xxx Law, a state’s inherently sovereign powers
relate to areas over which a state has exclusive control, including state
infrastructure, rather than private citizens. If this is correct, such cyber
activity would not violate the independent powers of the state in which
the computer is located and neither could the activity be construed
as intervention, regardless of whether it is coercive”
by Anupam Tiwari
Source: https://www.chathamhouse.org/2019/12/application-international-law-state-cyberattacks/4-application-law-case-studies
A state agent remotely shuts down the operation of a dominant internet
platform provider (such as Facebook) in another state, such that the entire
population of the latter state is unable to access the platform for three
days. On the basis of the above, only if the shutting down of the company
had a direct effect on the territorial state’s exercise of its inherently
sovereign functions. Would the state-sponsored cyber activities constitute
a violation of the territorial state’s sovereignty? If, for example, the
platform provider operated a portal on which a significant proportion
of the population were exclusively dependent to submit welfare claims,
that could be regarded as constituting a violation of sovereignty and the
non-intervention principle.
by Anupam Tiwari
“In 2014, the Sands Casino in the US suffered a cyberattack, which

is suspected to have been carried out by Iran. Notwithstanding the
extensive damage done to the operation (including the wiping of hard
drives and permanent erasure of a vast quantity of essential data), the
US did not frame the operation as a violation of international law; the FBI
investigated it in conjunction with local state police, but no further action
was taken”
This kind of activity WOULD BE A CRIMINAL ACT UNDER THE DOMESTIC

LAW of almost any country..but then international cyber space…???!!!!!
by Anupam Tiwari
In November 2014 , Sony PicturesSony’s US affiliate was
hacked and confidential data extracted from its servers,
followed by the release of a huge quantity of personal data
More than 70 per cent of Sony’s

computers were rendered inoperable
by the malware
Evidence suggests that the motive for the attack was

to persuade Sony not to release a film (‘The Interview’)
about North Korea, to which North Korea objected
by Anupam Tiwari
The US attributed the cyberattack to North Korea
Incident constitutes an exercise of law enforcement power on the part

of North Korea (assuming that criticizing North Korea’s leader, Kim Jong-
un, is a criminal offence)
That would fit the definition of violation of sovereignty used above
Secretary of State said that the hack ‘violated international norms but NO
ACTION except few sanctions effected and criticism of North Korea
by Anupam Tiwari
by Anupam Tiwari
by Anupam Tiwari
by Anupam Tiwari
Cody Wilson
by Anupam Tiwari
Cody Wilson
Click, Print, Shoot!
Unimaginable as it may
sound, Cody Wilson, a law
student at the University
of Texas has made it
possible. Wilson created
the world’s first entirely
3d printed gun and named
it “The Liberator” as a
homage to the one-shot
pistols designed to be air-
dropped by the Allies over
France during its Nazi
occupation in World War
II by Anupam Tiwari
Three days after the plans were

released, the United States
Department of State demanded
that IT must retract the plans from
public availability. However, the
plans were downloaded over
100,000 times within those two
days. Later, the design even
appeared on The Pirate Bay and
the plans for the gun remain
available across the internet even
today
by Anupam Tiwari
“To prove their responsibility requires evidence

of reports received, orders given and how
policies were set.”People with such information
should contact the investigators through secure
means of communication, he added, citing apps
such as Signal
by Anupam Tiwari or a ProtonMail account.
Supposedly Iran conducted distributed denial of service campaign in 2011–

13 against the US financial sector which involved a sophisticated, globally
distributed network of compromised computer systems (a botnet),
reaching a cumulative total of 176 days of attacks
Harm sustained by US financial institutions targeted by the

operation ran into tens of millions of dollars
But how it ended up was with certain individuals involved indicted by the
US government in 2016 for attacking critical infrastructure
by Anupam Tiwari
A state could use cyber operations to manipulate another country’s electoral
infrastructure
For example, a hacking operation that tampers with the election results; changing
the status of voters on the roll so that their vote is listed only as provisional;
or deleting voters’ names from the electoral roll.
In 2014 cyberattackers accessed the computer of Ukraine’s Central

Election Commission and changed the result of the presidential election
to show the winner as a far-right candidate
In 2016, the website of Ghana’s Central Election Commission was hacked and false
results announced from the Commission’s Twitter account while votes were still
being counted
by Anupam Tiwari
“In response to cyberattacks
on their election
infrastructure, some states
have designated their
electoral infrastructure
as critical national
infrastructure. This brings
electoral infrastructure
within the scope of the
consensus report of the 2015
UN Group of Governmental
Experts”
by Anupam Tiwari
Source: https://leidensecurityandglobalaffairs.nl/articles/turning-down-the-heat-on-cyber-norms
States have peddled propaganda in other states for centuries

and advent of the internet has made this further easier. For
example through the use of bots operated from outside the
territory to circulate posts on social media about a particular
electoral candidate without the consent of the target state.
In the non-cyber context, if the information circulated
as propaganda is factual and neutral, such activity is not
by Anupam Tiwari
considered to be a breach of the non-intervention principle
…………….
Source: For an excellent review of State and non-State activities in cyberspace, see Kenneth Geers etal., World War C:
Understanding Nation-State Motives Behind Today’s Advanced
by AnupamCyber Attacks (Fire-Eye Labs), accessed January 31, 2014,
Tiwari
http://www.fireeye.com/resources/pdfs/fireeye-wwc-report.pdf.
Experts that drafted the Tallinn Manual struggled with the

application of the principle of sovereignty
While all AGREED that a cyber operation by another state that caused
damage to cyber infrastructure violated the territorial state’s
sovereignty, whereas mere CYBER MONITORING DID NOT
BUT
DISAGREED over whether PLACING MALWARE INTO CYBER
INFRASTRUCTURE or altering or destroying data qualified as a violation
by Anupam Tiwari
Experts that drafted the Tallinn Manual struggled with the

application of the principle of sovereignty
By this logic,
A cyber operation by State A that alters critical data stored in a
server on State B’s territory violates State B’s sovereignty.
BUT
However, if State B stored the same data in State C, State A’s
operation would only violate State C’s sovereignty
by Anupam Tiwari
Source site: https://www.yjil.yale.edu/grey-zones-in-the-international-law-of-cyberspace/
by Anupam Tiwari
by Anupam Tiwari
by Anupam Tiwari
As Russia operates in this GRAY ZONE which does
not have clear laws established they get two
advantages:
by Anupam Tiwari
advantages:
Firstly : Makes it hard globally to condemn and

blame them DIRECTLY, also a GLOBAL CONSENSUS is
NOT reached to conclude that what they have done
is wrong
by Anupam Tiwari
advantages:
Firstly : Makes it hard globally to condemn and

blame them DIRECTLY, also a GLOBAL CONSENSUS is
NOT reached to conclude that what they have done
is wrong
Secondly, it COMPLICATES the RESPONSE option i.e.

no legal frames by Anupam Tiwari
by Anupam Tiwari
Democratic National Committee cyber attacks took
place in 2015 and 2016, in which Russian computer
hackers infiltrated the Democratic National
Committee (DNC) computer network, leading to a
data breach
Cybersecurity EXPERTS, as well as the U.S.

government, determined that the cyberespionage
was the WORK OF RUSSIAN INTELLIGENCE agencies
by Anupam Tiwari
On December 9, 2016, CIA concluded Russia
conducted the cyberattacks and other
operations during the 2016 U.S. election to
ASSIST DONALD TRUMP in winning the
presidency
Multiple U.S. intelligence agencies

CONCLUDED that Russian government
provided WikiLeaks with the stolen
emails from the DNC, as well as stolen
emails
by Anupam Tiwari from Hillary Clinton
So proven on one side
technically that this is violation
of US SOVEREIGNITY
But then it lacked clarity as per

Russian side, so US could only
EXPEL DIPLOMATS and IMPOSE
SANCTIONS by Anupam Tiwari
So as per Schmitt, RUSSIA likes Gray Areas to
operate in
by Anupam Tiwari
CYBERSPACE Anonymity
RELATIVE ANONYMITY of the Internet allows for a near

perfect deniability, as was the case in Estonia
All one has to do is either originate the attack

from or ROUTE the traffic through a country
that is not willing to cooperate
Makes it almost IMPOSSIBLE to bring the attackers to JUSTICE,

especially when considering the lack of common international
legal grounds for these new types of attacks and conflicts
by Anupam Tiwari
by Anupam Tiwari
by Anupam Tiwari
by Anupam Tiwari
by Anupam Tiwari
by Anupam Tiwari
by Anupam Tiwari
by Anupam Tiwari
by Anupam Tiwari
by Anupam Tiwari
by Anupam Tiwari
by Anupam Tiwari
by Anupam Tiwari
by Anupam Tiwari
by Anupam Tiwari
by Anupam Tiwari
by Anupam Tiwari
by Anupam Tiwari
by Anupam Tiwari
by Anupam Tiwari
by Anupam Tiwari
by Anupam Tiwari
by Anupam Tiwari
by Anupam Tiwari
by Anupam Tiwari
by Anupam Tiwari
by Anupam Tiwari
by Anupam Tiwari
TALLINN MANUAL 2.0
“Ultimately, Tallinn Manual 2.0 must be understood only

as an expression of the opinions of the two
International Groups of Experts as to the state of the
law. This Manual is meant to be a reflection of the law
as it existed at the point of Manual’s adoption by the
two International Groups of Expert in June 2016. In is
not a ‘best practices’ guide, does not represent
‘progressive development of the law’, and is policy and
politics-neutral. In other words, Tallinn Manual 2.0 is
intended as an objective restatement of the lex lata”
Lex lata (also called de lege lata) is a Latin expression that means "the law as it exists"
by Anupam Tiwari
TALLINN MANUAL 1.0 vs 2.0
The first Tallinn Manual dealt with the law applicable

to armed conflict
and
The second deals with a much broader type of cyber

operations—those both in and out of armed conflict
by Anupam Tiwari
TALLINN MANUAL: EXPERT GROUPS
The first group included the law of armed conflict (LOAC)

experts primarily from the Western Hemisphere. In
response to criticism, the international group of experts for
Tallinn 2.0 was broader both in origin (including members
from Thailand, Japan, China, and Belarus) and substantive
expertise (including experts in human rights, space law,
and international telecommunications law)
by Anupam Tiwari
The International Committee of the Red Cross (ICRC) was
invited to send observers to both groups, as were other states
and organizations
Also, the Manual is divided into FOUR PARTS
 Part one deals with general international law and cyberspace.
 The second part covers specialized regimes of international law and

cyberspace.
 Third concerns international peace and security and cyber activities

are highlighted, which is drawn mostly from Tallinn 1.0.
 The last part is the rest of Tallinn 1.0 and applies to the law of cyber
armed conflict.
by Anupam Tiwari
In many cases, its panel of drafters was
unable to reach a consensus, illustrating the
complexities that still haunt the cyber world.
by Anupam Tiwari
It finds that its panelists “were incapable of

achieving consensus as to whether remote
cyber espionage reaching a particular
threshold of severity violates international
law
by Anupam Tiwari
Countermeasures to a CYBER OPERATION
RULE NINE establishes that the mere fact alone that a cyberattack
originates in a state’s territory and that a cyberattack is routed through a
state’s cyber infrastructure is NOT ENOUGH to attribute that attack to the
state in question. Therefore, rule nine regulates a victimized state’s
potential countermeasures to a cyber operation.
by Anupam Tiwari
Countermeasures to a CYBER OPERATION
RULE NINE establishes that the mere fact alone that a cyberattack
originates in a state’s territory and that a cyberattack is routed through a
state’s cyber infrastructure is NOT ENOUGH to attribute that attack to the
state in question. Therefore, rule nine regulates a victimized state’s
potential countermeasures to a cyber operation.
“[a] State injured by an internationally wrongful act may resort to

proportionate countermeasures, including cyber countermeasures,
against the responsible State.”
by Anupam Tiwari
Protection of the PoW in the CYBER ERA
“Prohibited cyber actions include posting defamatory information that
reveals embarrassing or derogatory information or their emotional state.
This would embrace, for example, posting information or images on the
Internet that could be demeaning or that could subject prisoners of war or
interned protected persons to public ridicule or public curiosity… guard
against intrusion by public and private actors into the communications,
financial assets, or electronic records of prisoners of war or interned
protected persons.”
Experts interpret traditional Geneva Convention protections for

prisoners of war in the cyber era
by Anupam Tiwari
Source: Tallinn Manual 2.0 page 522
“Though both the Manuals are non-binding instruments, the

Group of International Experts claimed that they reflected the
lex lata applicable to cyber operations. However, this claim is
questionable due to the dominating role of a few Western
states in the drafting process and the linked neglect of the
practice of “affected states” in cyber operations”
Source:
https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwjMtO2QsaXwAhXOfH0KHax
vBUcQFjAFegQICxAD&url=https%3A%2F%2Fjournals.muni.cz%2Fmujlt%2Farticle%2Fdownload%2F11810%2F10665&usg=AOvV
by Anupam Tiwari
aw3Gi6biqps0IhNUez2Aimzo
Do we need a Tallinn Manual 3.0?
Criticism in the previous efforts was many states felt sidelined as their
viewpoints were not taken into consideration. Therefore, many experts
suggest that we NEED A TALLINN MANUAL 3.0, taking into account the
private interests and the interests of the Non-NATO member states from a
much broader spectrum
Another challenge highlighted in the previous capacity building effort was that
“the states didn’t want anyone to tell them what to do in the cyberspace.”
They want to leverage the cyberspace to fight a proxy war. Therefore, Tallinn
Manual 3.0 must be made with defined mechanisms of accountability, and all
the ambiguities must be addressed. Also, it must take into account incidents of
cyber-espionage and deem the act wrongful

https://medium.com/@cyberdiplomacy/tallinn-manual-a-brief-review-of-the-international-law-applicable-to-cyber-operatio
POSSIBLE WAYS OUT?
by Anupam Tiwari
The Paris Call for Trust and Security in Cyberspace of 12
November 2018 is a call to come together to face the new
threats endangering citizens and infrastructure
Based around nine common principles to secure

cyberspace, which act as many areas for discussion
and action
by Anupam Tiwari
The Paris Call invites all cyberspace actors to
work together and encourage States to
cooperate with private sector partners, the
world of research and civil society
The supporters of the Paris Call commit to working

together to adopt responsible behavior and
implement within cyberspace the fundamental
principles which apply in the physical world
by Anupam Tiwari
by Anupam Tiwari
by Anupam Tiwari
by Anupam Tiwari
by Anupam Tiwari
by Anupam Tiwari
REALISATIONS AND STATE
LOT’s of efforts taking place globally but CONSENSUS missing
among all
All efforts in ISOLATION while least ISOLATION efforts

expected
SERIOUS TRANSPARENT efforts required for true realisation of

global cyber hygiene
GLOBAL COMMONS criteria for CYBER SPACE

A term typically used to describe international, supranational,
and global resource domains in which common-pool
resources are found. Global commons include the earth's
shared natural resources, such as the high oceans, the
atmosphere and outer space and the Antarctic in particular.
by Anupam Tiwari
NO END TO LEARNING THE WORLD AROUND ME
THANK YOU
anupamtiwari@protonmail.com
by Anupam Tiwari

TALLINN MANUAL and GLOBAL CYBER WARFARE POLICIES

Uploaded by

Document Information

Copyright

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

TALLINN MANUAL and GLOBAL CYBER WARFARE POLICIES

Uploaded by

Copyright:

Module 19

Cyber Warfare & Tallinn

NOTE: Questions can be posted in the chat window or can be taken on at

FOR AUDIENCE RETENTION,SLIDES ARE

Bitcoin & other crypto-currencies E-commerce Software licenses

Cryptography Electronic & Digital Signatures Telemedicine Online education

Cyber Crime Investigation and Forensics Video conferencing

Cyber Insurance Online share trading, banking, and tax filing

Hacking, malware, ransomware, and other Extradition of cyber criminals

Bitcoin & other crypto-currencies E-commerce Software licenses

Cryptography Electronic & Digital Signatures Telemedicine Online education

Cyber Crime Investigation and Forensics Video conferencing

Cyber Insurance Online share trading, banking, and tax filing

Hacking, malware, ransomware, and other Extradition of cyber criminals

STEP 3 : Global view : Awesome CONFUSION

STEP 2 : Connecting DOTS: Little CONFUSION

STEP 1 : Simple Understanding: No CONFUSION

HOME to the NATO Cyber Defence Centre of Excellence &

The Tallinn Manual is an academic, non-binding

While as on date the strength is 30

NATO's essential and enduring purpose is TO

COLLECTIVE DEFENCE is at the heart of the

 Deterring SOVIET EXPANSIONISM

 FORBIDDING revival of nationalist MILITARISM in

 Encouraging European POLITICAL INTEGRATION

NATO's Headquarters are located in Haren, Brussels, Belgium,

The monument depicting a Soviet soldier

For the local Russian minority it

Over years, the STATUE had become a

Work began on the 26th of April 2007 and during the

POLITICAL DIFFERENCES over the interpretation of the

This came amidst the COUNTRY‘s DISAGREEMENT

The events caught INTERNATIONAL

Research has also shown that large conflicts took

Attacks originated in Guangdong, China

Believed to be associated with a STATE-SPONSORED

Titan Rain hackers GAINED ACCESS to many United

Vast majority of the malicious traffic

Malicious traffic contained clear indications of

On 2 May 2007, a criminal investigation was

As a number of attackers turned out to be within the

On 28 June, RUSSIAN SUPREME Procurature REFUSED

On 24 January 2008, Dmitri Galushkevich, a

Dmitri Galuškevitš conviction was POSSIBLE because

Since 2008, RUSSIAN AUTHORITIES have been

On 14 June 2007, DEFENCE MINISTERS of NATO org

The assessment resulted in a report issued

Developed into the creation of a cyber defense policy

The report OUTLINED

The manual includes a total of NINETY-FIVE "BLACK-

Located in Tallinn, Estonia

Tallinn Manual originally entitled,

Tallinn Manual has WORKED TO PROVIDE A

The manual suggests that states do not

"refers to the CONDITIONS under which

These rules FOCUS on certain CRITERIA

IHL is purely humanitarian, seeking to

Independent from questions about the

NON-STATE ACTORS include organizations and

In United States law, a STATE ACTOR is a person who

Is a Latin expression that means "the law

Is a Latin expression that means "future law" used in

In any state, sovereignty is assigned to the PERSON, BODY,

In political theory, sovereignty is a SUBSTANTIVE TERM

In international law, sovereignty is the Exercise of Power by A

Idea to CONTROL AND GOVERN ACCESS,

154 countries (80 per cent) have enacted CYBERCRIME