With the Pentagon finally officially indicating China is responsible for cyberattacks on the United States, Duncan Hollis, professor of Law at Temple University, is available to talk about the legal implications on China’s actions. His four main points:

1) The U.S. effort to pin China with responsibility for launching cyber operations against the United States is a significant step; prior accusations had come from third parties or speeches by individual government officials.

2) Unfortunately, saying China “did it” is unlikely to change China’s behavior– China’s been accused of similar operations by other governments in the past with little apparent effect.

3) Nor is it clear that the general U.S. accusation means much legally. China may be violating U.S. laws, but it’s less clear that its violating international law. Spying – which is mostly what China’s being accused of – is not illegal under international law. Indeed, States have long looked the other way at espionage presumably so they can do it too (and it’s clear the U.S. is doing similar cyber-operations to others, presumably including China, albeit we don’t know with what success).

4) But even if the U.S. accusation is unlikely to have much effect, there are real dangers here. At some point, China’s snooping could technically constitute a true cyberattack – the same technology used to steal secrets from a power plant or U.S. dam could also be repurposed to disrupt or even destroy it. And it’s not at all clear where the line between spying and attacking lies, which leaves open the possibility that what one side thinks is permissible spying the other treats as an illegal act of war.

Duncan Hollis is a leading thinker on the different ways law can regulate cyberthreats, including national and transnational approaches to cybercrime, cyberespionage, and cyberwar. Before entering the academy, Professor Hollis spent more than six years working in the U.S. State Department Office of the Legal Adviser. In that role, he served as a member of the U.S. delegation that negotiated the final clauses of the 2000 Council of Europe Convention on Cybercrime. Since then, Professor Hollis has written extensively on law’s relationship to cyberthreats, lecturing across the globe from Harvard Law School to the American Chamber of Commerce in Tokyo. He is a regular participant in various inter-disciplinary workshops on cyber policy, including the MIT/Harvard Program on Explorations in Cyber International Relations, the University of Toronto’s Cyber Dialogue, and the United States Naval Academy’s McCain Conference on Ethics in Cyberspace. Professor Hollis is an elected member of the American Law Institute and a regular contributor to Opinio Juris, one of the leading blogs on international law and international relations.

MEDIA CONTACT
Register for reporter access to contact details