Collective Security

15
Collective security
Rule 76 – United Nations Security Council

Should the United Nations Security Council determine that a cyber
operation constitutes a threat to the peace, breach of the peace, or act
of aggression, it may authorise non-forceful measures, including cyber
operations, in response. If the Security Council considers such meas-
ures to be inadequate, it may decide upon forceful measures, includ-
ing cyber measures.
1. This Rule is based on Chapter VII of the United Nations Charter.
Article 39 of the Charter empowers the Security Council to ‘determine
the existence of any threat to the peace, breach of the peace, or act of
aggression and [to] make recommendations, or decide what measures
shall be taken in accordance with Articles 41 and 42, to maintain or
restore international peace and security’. To date, the Security Council
has never determined that a cyber operation constitutes a threat to the
peace, breach of the peace, or act of aggression. However, it is incon-
trovertible that the Security Council has the authority to do so.
2. Although the Security Council typically exercises its authority
under Article 39 with regard to specific incidents or situations, it has
labelled two significant phenomena as threats to the peace – inter-
national terrorism848 and the proliferation of weapons of mass destruc-
tion.849 The Security Council could equally decide that particular types
of cyber operations amount to a threat to the peace, breach of the peace,
or act of aggression in abstracto, that is, without reference to particular
acts that have occurred or are about to occur. For instance, it is within
the authority of the Security Council to determine that cyber operations
directed at national banking systems or critical national infrastructure
qualify as such.
848
See, e.g., SC Res. 1373, UN Doc. S/RES/2001 (28 September 2001).
849
See, e.g., SC Res. 1540, UN Doc. S/RES/1540 (28 April 2004).
357
Downloaded from https://www.cambridge.org/core. IP address: 5.108.156.156, on 07 Jan 2022 at 18:02:12, subject to the Cambridge Core terms of
use, available at https://www.cambridge.org/core/terms. https://doi.org/10.1017/9781316822524.021
358 international peace and security
3. Once it has made the Article 39 determination, the Security
Council may consider taking measures pursuant to Article 41. That
Article provides that the Council ‘may decide what measures not involv-
ing the use of armed force are to be employed to give effect to its
decisions, and it may call upon the Members of the United Nations to
apply such measures. These may include complete or partial interruption
of economic relations and of rail, sea, air, postal, telegraphic, radio, and
other means of communication, and the severance of diplomatic rela-
tions’. Non-forceful measures are those that do not rise to the level of a
use of force (Rule 68). The list of measures referred to in Article 41 of the
Charter is not exhaustive.850
4. The reference to ‘complete or partial interruption of . . . postal,
telegraphic, radio and other means of communication’ in Article 41 is
especially important in the cyber context. This provision, in light of the
Council’s wide margin of discretion, confirms that the Security Council
may decide upon a complete or partial interruption of cyber communi-
cations with a State or non-State actor.851
5. All United Nations Member States are obliged to implement
Security Council decisions (as distinct from recommendations) under
Chapter VII of the UN Charter.852 Generally, Security Council reso-
lutions leave it to States to decide upon the specific means by which
they fulfil their obligation to implement the Council’s decisions at the
domestic level. In the case of sanctions involving cyber communi-
cations, domestic implementation would be indispensable. For
instance, it may be necessary to require Internet service providers
(government and private alike) to adopt restrictive measures such as
domain name blacklisting or packet routing filtering in order to
comply with a binding Security Council resolution. Accordingly,
States might have to adopt domestic legislation or regulations that
compel Internet service providers subject to their jurisdiction (Rule 8)
to take the necessary action.
850
Tadić, decision on the defence motion for interlocutory appeal, para. 35.
851
For example, in 2001, the Monitoring Mechanism on Sanctions against UNITA raised
the possibility of measures being taken to interrupt Internet connections with UNITA.
Monitoring Mechanism on Sanctions against UNITA Report, appended to Letter from
the Chairman of the Security Council Committee established pursuant to Resolution
864 to the President of the Security Council, paras. 64–69, UN Doc. S/2001/966 (12
October 2001).
852
UN Charter, Art. 25.
collective security 359
6. The second sentence of this Rule is based on Article 42 of the
Charter.853 Once the Security Council determines that a threat to the
peace, breach of the peace, or act of aggression exists and that non-
forceful measures would be inadequate, or have proven to be inadequate,
to maintain or restore international peace or security,854 it may authorise
the use of force (Rule 68), including by cyber means. Consider a situation
in which a State is developing a nuclear weapons capability. That State
has ignored demands by the Security Council to put an end to its
activities and has weathered economic sanctions authorised pursuant to
Article 41. The Security Council could authorise Member States to
conduct cyber operations against that State designed to disrupt the
weapons programme.
7. In the context of this Rule, the Security Council often provides
that ‘all necessary measures’ (or similar language) may be taken to
implement a resolution.855 The phrase implies the authority to employ
cyber operations at the use of force level against the State or entity that is
the object of the resolution in question. It also encompasses taking
kinetic action against the cyber capabilities of that State or entity. Of
course, any measures taken must fall within the scope of the resolution’s
mandate or authorisation. On the distinction between mandates and
authorisations, see Rule 77.
8. While Article 42 indicates that enforcement measures may be
taken by ‘air, sea or land forces of Members of the United Nations’, the
International Group of Experts agreed that any action undertaken on the
basis of this Rule may be implemented by, or against, cyberspace
capabilities.
853
Art. 42 of the UN Charter provides: ‘Should the Security Council consider that
measures provided for in Article 41 would be inadequate or have proved to be
inadequate, it may take such action by air, sea, or land forces as may be necessary to
maintain or restore international peace and security. Such action may include
demonstrations, blockade, and other operations by air, sea, or land forces of
Members of the United Nations.’
854
As the wording of this Rule makes clear, ‘measures not involving the use of armed force’
do not need to have been actually taken, i.e., the UN Security Council may immediately
resort to the measures envisioned under the second sentence of this Rule.
855
An example can be found in SC Res. 678, UN Doc. S/RES/678, para. 2 (29
November 1991), which provides: ‘Authorizes Member States co-operating with
the Government of Kuwait, unless Iraq on or before 15 January 1991 fully
implements . . . the above-mentioned resolutions, to use all necessary means to
uphold and implement resolution 660 (1990) and all subsequent relevant resolutions
and to restore international peace and security in the area.’
9. It is clear that, pursuant to Article 103 of the UN Charter, the
Security Council need not take into consideration the legal obligations of
Member States when acting under Chapter VII. In this context, it is
important to note that a State’s international law obligations are only
overridden by operation of the Article for such period as is necessary to
give effect to the Security Council resolution in question. It remains
uncertain whether other rules of international law limit the authority of
the Security Council to authorise or mandate action. For instance, con-
ducting cyber attacks against civilian objects would generally violate the
law of armed conflict (Rule 94), but it is unclear whether a Security
Council authorisation to conduct such attacks would, as a matter of law,
override the prohibition. Whatever the case, a Security Council decision
to disregard rules of international law should not be taken lightly. The
International Group of Experts agreed that under no circumstances may
the Security Council deviate from rules of a jus cogens nature.
10. Peace operations are dealt with more fully in Rule 78.
Rule 77 – Regional organisations

International organisations, arrangements, or agencies of a regional
character may conduct enforcement actions, involving or in response
to cyber operations, pursuant to a mandate from, or authorisation by,
the United Nations Security Council.
1. This Rule is based on Chapters VII and VIII of the UN Charter
whereby the Security Council may turn to regional arrangements or
agencies for enforcement action under its authority. While there is
general agreement that a regional organisation has the power to under-
take the type of non-forceful action referred to in Article 41 of the UN
Charter without Security Council authorisation, it is a point of conten-
tion in international law as to whether the regional arrangement or
agency may engage in the sort of enforcement actions encompassed in
Article 42 absent express prior authorisation. On the application of
Articles 41 and 42 in the cyber context, see Rule 76.
2. The term ‘regional’ is drawn from Article 52(1) of the UN Charter,
according to which the arrangements or agencies addressed in Chapter
VIII of the Charter are regional systems of collective security ‘appropriate
for regional action’. Qualification as a regional arrangement or agency is
not clear-cut. For instance, NATO has always taken the position that it is
not such an organisation because its purpose is primarily one of collective
defence as opposed to collective security. With respect to this Rule,
technical qualification as a regional organisation is irrelevant because
the Security Council may authorise the taking of enforcement measures
by any grouping of States, whether established in advance or on an ad hoc
basis, irrespective of any geographical or other limitations in the consti-
tutive instrument of the organisation.
3. The phrase ‘enforcement actions’ in this Rule derives from Article
53(1) of the UN Charter.856 It refers to the power conferred on the
Security Council under Articles 41 and 42, that is, to authorise or
mandate non-forceful or forceful measures in order to maintain or
restore international peace and security. Enforcement action must be
distinguished from action (including cyber operations) taken by regional
arrangements or agencies on the basis of collective self-defence (Rule 74).
4. The text of the Rule makes clear that enforcement actions by
regional arrangements or agencies may include cyber operations. It also
recognises that enforcement actions may be taken in response to situ-
ations consisting in part or in whole of cyber activities.
5. The terms ‘mandate’ and ‘authorisation’ respectively distinguish
situations in which the Security Council specifically designates a particu-
lar entity to conduct operations from those in which individual States or
regional entities act pursuant to a broader authorisation by the Security
Council that has not specifically designated them, such as an ad hoc
coalition. (See also discussion in Rule 78).
Rule 78 – Peace operations

When conducting peace operations, States may engage in cyber oper-
ations in conformity with the peace operation’s mandate or author-
isation and applicable international law.
1. ‘Peace operations’, for the purposes of this Manual, comprise both
peacekeeping and peace enforcement operations.857 Peace operations can
consist of both military and civilian components, while their forces can
include military, law enforcement, and support personnel. Such
856
This phrase or equivalent phrases were also used in UN Charter, Arts. 2(5) and (7), 5,
11(2), 45, 48–50. None of these provisions contains a definition.
857
The term ‘peace operations’ also encompasses ‘peace building’ operations, that is, those
operations intended to reduce the risk of lapsing into conflict. They involve
strengthening national capacities for conflict management and laying the foundation
for sustainable peace and development. See Capstone Doctrine, at 18.
operations may, under the circumstances described below, employ cyber
operations to fulfil their mandate or authorisation.
2. ‘Peacekeeping’ operations may be conducted pursuant to a man-
date issued, or authorisation granted, by an appropriate international
organisation. Of particular note are those mandated or authorised by the
UN Security Council under Chapter VI of the UN Charter. Peacekeeping
operations may also be conducted by States acting on their own accord,
either individually or in a coalition with other States.
3. By contrast, a mandate or authorisation issued by the Security
Council under Chapter VII of the UN Charter (Rule 76) is a fundamental
precondition for ‘peace enforcement’ operations. Such operations may,
when consistent with the mandate or authorisation or as necessary in
self-defence, engage in cyber operations at the use of force level (Rule 68).
4. Mandates or authorisations to conduct peace enforcement oper-
ations may also be granted in conformity with the constituent treaty of a
regional organisation under Chapter VIII of the UN Charter. The
approval of the Security Council is, pursuant to Article 53(1) of the UN
Charter, necessary. On the specific case of regional organisations, see
Rule 77.
5. National self-defence operations under Article 51 of the UN
Charter, whether exercised individually by a single State or collectively
by a coalition of States or a military alliance, are addressed in Rules
71–75. They are not ‘peace operations’ in the sense of this Chapter.
6. On the terms ‘mandate’ and ‘authorisation’, see Rule 77. Note that
mandates may be granted to forces under UN command and control,858
a regional organisation (Rule 77), an ad hoc coalition, or an
individual State.
7. Cyber operations undertaken during a peace operation must be
conducted within the scope of the operation’s mandate or authorisation.
Mandates and authorisations typically set forth the tasks allocated to a
peace force, as well as those measures that the peace force may take to
perform the tasks, but are unlikely to expressly mention the use of cyber
operations.
8. In some cases, the use of cyber means may be the most effective
means of carrying out specific tasks delineated in the mandate or author-
isation, as when it is necessary to temporarily disable command and
858
Note that States retain ‘full command’ over forces they contribute to an operation
directed by the UN or a regional organisation. However, they are normally placed under
the operational control of the UN or regional organisation conducting the operation.
control systems in order to fulfil it. Since a mandate or authorisation is
unlikely to specifically address cyber operations, any assessment of the
lawfulness of such operations will likely require its interpretation by the
peace force.
9. Consider a case in which the peace operation’s mandate includes
promoting a safe and secure environment and creating the conditions for
a lasting political solution to a conflict by monitoring a ceasefire agree-
ment. Such a mandate could be interpreted to permit the monitoring of
the parties’ cyber communications to ensure that they are not engaged in
activities contrary to the agreement. Similarly, monitoring data traffic
coming into and out of the peace operation’s networks would generally
be consistent with the need to maintain good network security and,
therefore, to accomplish the peace operation’s mission, as would passive
monitoring of the electromagnetic spectrum.
10. The International Group of Experts cautioned that cyber activ-
ities conducted pursuant to a mandate or authorisation must be consist-
ent with not only its express terms, but also its object and purpose. To
illustrate, if a peace operation is being conducted to monitor a ceasefire
between parties, it would usually exceed the scope of the underlying
mandate or authorisation to conduct cyber operations on behalf of one
side to the conflict. As a general matter, peace operations typically have
the aim of maintaining or restoring international peace and security (on
the notion of international peace and security, see also Rule 65) and
therefore cyber operations that only exacerbate a situation are
impermissible.
11. The operation’s rules of engagement are also likely to govern
the permissibility of engaging in cyber operations in furtherance of the
peace operation’s mandate or authorisation. Additionally, States contrib-
uting forces to a peace operation may make their agreement to contribute
subject to national ‘caveats’ that restrict particular activities of their forces.
12. It is essential to distinguish between peacekeeping and peace
enforcement operations when assessing the lawfulness of a cyber oper-
ation conducted by a peace force. ‘Peacekeeping’ operations are governed
by the principles of: (1) consent (of the territorial State); (2) impartiality;
and (3) the use of force, including by cyber means, only in self-defence.859
859
Report of the Special Committee on Peacekeeping, UN Doc. A/57/767, para. 46 (29
March 2003). It should be noted that peace operations must particularly comply with the
principle of impartiality in situations involving two or more parties, as in monitoring a
ceasefire.
13. Of particular importance is the requirement of consent. Any
cyber operations conducted by the peacekeeping force must fall within
the scope of the host State’s consent. For instance, a State that consents to
the presence of a peacekeeping force may prohibit active cyber defence
operations by that force. The host State’s consent (Rule 19) must be in
conformity with international law and will not override the international
or domestic law obligations of a troop contributing State. The require-
ment of consent is without prejudice to the right of the peacekeeping
force and its individual members to engage in self-defence.
14. The aforementioned three traditional peacekeeping requirements
do not apply to ‘peace enforcement’ operations mandated or authorised
by the UN Security Council under Chapter VII of the UN Charter. On
such mandates or authorisations, see Rule 76.
15. The lawfulness of a cyber operations at the use of force level
depends on the precise mandate or authorisation granted by the Secur-
ity Council. If the Security Council has authorised forceful enforcement
measures in general under Chapter VII, cyber operations that are
necessary to support kinetic operations are lawful. For instance, if a
peace enforcement operation has received a mandate or authorisation
to conduct forceful measures, and aerial bombing is needed, the peace
force may engage in those cyber operations necessary to pinpoint
targets and bring down air defences. Sometimes, however, the Security
Council resolution limits the peace enforcement operation, including
any forceful activities, to the protection of certain objects and persons
or to the performance of certain specific tasks.
16. The Experts noted in this regard that irrespective of whether the
mandate or authorisation permits cyber operations that qualify as a use
of force, a peacekeeping or peace enforcement force may conduct those
forceful operations that are necessary in individual or unit self-defence
against an ongoing or imminent attack.
17. UN-led peace operations may also employ force, whether kinetic
or cyber in nature, as required to counter armed attempts to interfere
with the execution of the mandate or authorisation (‘defence of the
mandate’).860 The forceful interference must be at a level that endangers
the accomplishment of the peace operation’s mission. For instance, if a
forceful kinetic or cyber operation compromises the command and
control systems of the peace operation, the peace force would be entitled
860
Capstone Doctrine, at 34.
to use kinetic or cyber force to terminate the cyber operation. This
conclusion is without prejudice to any international or domestic legal
limitations that might otherwise apply in the situation at hand. The
International Group of Experts cautioned that States take slightly differ-
ent approaches to the parameters of permissible action in defence of the
mandate or authorisation.
18. Many contemporary peace operations are mandated or author-
ised (in addition to those actions necessary to fulfil the core mission) to
protect civilians within the capabilities of the mission and without
prejudice to the primary responsibility of the host State to protect its
inhabitants. Cyber activities, including those that cross the use of force
threshold, that are instrumental to this task are lawful.
19. This raises the issue of whether a peace force may come to the
assistance of others, such as a civilian population, by using cyber force
when the use of force for this purpose is not expressly mandated or
authorised. Consider a situation in which social media is being used to
incite violence against a local ethnic group. The Experts concurred that it
would be appropriate in these circumstances to target the offending
social media accounts by cyber means, even if the cyber operation in
question qualifies as a use of force.861 Some of the Experts were of the
view that the authority to defend the targeted ethnic group by cyber
means is also to be found in the legal notion of ‘coming to the defence of
others’ that appears in the domestic law of many States. They addition-
ally pointed to the fact that most rules of engagement for peace oper-
ations presently allow for the resort to force in order to protect the
civilian population, thereby denoting the general lawfulness of taking
such measures.
20. In addition to compliance with the mandate or authorisation,
peace operations and their related cyber operations must comport with
other applicable international law. The two most pertinent legal regimes
for peace operations are international human rights law (Chapter 6) and
the law of armed conflict (Part IV). Certain aspects of international
human rights law are particularly relevant in this context. The Inter-
national Group of Experts agreed that cyber operations conducted by
troops or police of contributing nations are generally subject to inter-
national human rights law norms vis-à-vis persons within their power or
control (Rule 34). International human rights law will also be applicable
861
Other legal regimes, such as the law of armed conflict, may apply in such situations.
if a peacekeeping or peace enforcement operation exercises effective
control or administrative authority over territory, as in the case of United
Nations transitional authority. Certain controversies surrounding the
scope of applicability of international human rights law are discussed
in Rule 34.
21. As to peace operations undertaken by international organisa-
tions, the Experts agreed that international human rights law provisions
in treaties are generally inapplicable to the organisations by virtue of the
fact that they cannot become Parties to the instruments (although the
forces of troop or police contributing nations will continue to be bound
by treaties creating obligations for their State). Nevertheless, inter-
national organisations, as legal persons, may be bound by customary
international human rights law (Chapter 6).862 For instance, if an inter-
national organisation’s peace force exercises the requisite control over
particular territory and it is necessary to conduct cyber operations such
as disrupting the use of social media that is being used for command and
control purposes, the cyber operations must be carried out in compliance
with the requirements of international human rights law. This is without
prejudice to the applicability of the law of armed conflict when it has the
character of lex specialis during an armed conflict.
22. The International Group of Experts agreed that a peace operation’s
cyber operations have to comply with the law of armed conflict (Part IV)
once its force becomes, and for such time as it remains, party to an
international (Rule 82) or non-international armed conflict (Rule 83).863
In such a situation, the peace force may conduct cyber operations consist-
ent with the law of armed conflict, but it will not be protected from attack,
whether through cyber means (Rule 92) or otherwise, by the law of armed
conflict.
23. The determination of whether, and for what time, a peace force
becomes a ‘party to an armed conflict’ can involve complex issues of fact
and law and is subject to a degree of controversy. It is clear that a peace
862
See, e.g., United Nations Safety Convention, Art. 20(a); Optional Protocol to the United
Nations Safety Convention, Art. II(1); Decision No. 2005/24 of the Secretary-General’s
Policy Committee on Human Rights in Integrated Missions (2005); Capstone Doctrine,
at 14–15, 27.
863
The conclusion that the law of armed conflict binds a UN force when it is party to an
armed conflict is supported by a number of instruments. See, e.g., United Nations Safety
Convention, Arts. 2(2), 20; UN Secretary General’s Bulletin: Observance by United
Nations Forces of International Humanitarian Law, ST/SGB/1999/13 (6 August 1999);
Capstone Doctrine, at 15.
force qualifies as a party to an armed conflict when the force’s kinetic or
cyber operations reach the threshold of an international or non-
international armed conflict in their own right (Rules 82 and 83,
respectively).
24. The International Group of Experts agreed that a peace force
may also sometimes become a party to an armed conflict even if its
support to one or more of the parties to the conflict falls short of the
actual use of force, as in the case of providing direct logistical support or
tactical intelligence. Whether other forms of support that do not reach
this level render the force a party to the conflict is unsettled in inter-
national law and should be assessed on a case-by-case basis. The Experts
agreed, however, that mere deviation from a mandate or authorisation, or
the fact that an activity exceeds the consent of the host State in a
peacekeeping operation, does not alone render a peace force a party to
an armed conflict.
25. The use of force (kinetic or cyber) in self-defence does not
render a peace force a party to an armed conflict unless it reaches the
threshold of armed conflict. Each case must be assessed on its merits.
For instance, the International Group of Experts agreed that self-
defence at the individual (personal) level does not result in a peace
force becoming a party. However, if unit level self-defence or defence
against forcible attempts to prevent the execution of the peace force’s
mandate or authorisation take place on a systematic and recurring
basis, the peace force may become a party to an armed conflict. To
illustrate, if a mandate provides for the disarmament of parties to an
earlier armed conflict, and one of them forcibly resists being disarmed,
the resulting violence between the resisting party and the peace force
could reach the non-international armed conflict threshold. Once a
peace force becomes a party, the rules of either international or non-
international armed conflict will apply equally to all parties with
respect to their cyber operations in the same manner as in any other
armed conflict.
26. In determining the precise contours of the legal framework
applicable to cyber operations deriving from the law of armed conflict,
international human rights law, and other applicable legal regimes, it
must be emphasised that the individual troop or police contributing
States and the international organisation(s) involved may enjoy rights
and bear obligations under international law that differ. Of particular
note is the fact that during a peace enforcement operation in the
context of armed conflict, different contributing nations conducting
cyber operations may be subject to differing provisions of the law of
armed conflict, international human rights law, or other treaty law
based on their respective Party or non-Party status, as well as to
divergent obligations under domestic law. The forces involved may
not escape the obligation to comply with treaty obligations binding
their State based on their involvement in the operation, except when
their actions are consistent with a Chapter VII mandate or authorisa-
tion. Although beyond the scope of this Manual, the nature of com-
mand and control arrangements is of particular relevance in this
regard. On the issue of the responsibility of an international organisa-
tion, such as NATO, see Section 4 of Chapter 4.
27. Cyber operations must respect the law of the State where the
operation is being conducted, except when activities provided for are
consistent with a Chapter VII mandate or authorisation under Chap-
ter VII or otherwise provided for in an agreement with that State, as in
a basing or status of forces agreement. This obligation arises because
such operations may only be conducted with the consent of the State
concerned. Peace forces contributed by a State must also comply with
the domestic law of that State.
Rule 79 – Peace operations personnel, installations, materiel,

units, and vehicles
(a) As long as they are entitled to the protection afforded civilians
and civilian objects under the law of armed conflict, United
Nations personnel, installations, materiel, units, and vehicles,
including computers and computer networks that support United
Nations operations, must be respected and protected and are not
subject to cyber attack.
(b) Other personnel, installations, materiel, units, or vehicles, includ-
ing computers and computer networks, involved in a humanitar-
ian assistance or peacekeeping mission in accordance with the
United Nations Charter are protected against cyber attack under
the same conditions.
1. This Rule is drawn from a number of sources. The obligation to
respect and protect United Nations personnel, installations, materiel,
units, or vehicles, and by extension their computers and computer
networks, derives in great part from the United Nations Safety Conven-
tion. Article 7(1) specifies that United Nations personnel, units, vehicles,
equipment, and premises ‘shall not be made the object of attack or of any
action that prevents them from discharging their mandate’ and that
Contracting Parties have a duty to ensure the safety and security of
United Nations personnel. The further extension of protection from
attack to those involved in a humanitarian or peacekeeping operation
finds support in Article 8(2)(b)(iii) and 8(2)(e)(iii) of the Rome Statute.
This Rule is applicable in both international and non-international
armed conflicts as customary law.864
2. The notion of ‘respect’ in lit. (a) of this Rule encompasses an
obligation to refrain from interference with the fulfilment of the
mandate. For instance, directing cyber operations against the imple-
menting force’s networks would be in violation of the Rule.865 The
obligation refers only to United Nations personnel as defined under
international law866 and to the installations, materiel, units, or
vehicles, including computers and computer networks, that support
United Nations operations. It does not apply to those persons and
objects referred to in lit. (b).867
3. The obligation to ‘respect’ United Nations personnel also means
that it is prohibited to attack, threaten, or harm them in any way,
864
See also UK Manual, paras. 14.9, 14.15; AMW Manual, commentary accompanying
Rule 98(b–c); NIAC Manual, para. 3.3; ICRC Customary IHL Study, Rule 33.
865
AMW Manual, commentary accompanying Rule 98(a); ICRC Customary IHL Study,
commentary accompanying Rule 33.
866
United Nations Safety Convention, Art. 1(a). The Article defines ‘United Nations
personnel’ as: ‘(i) Persons engaged or deployed by the Secretary-General of the United
Nations as members of the military, police or civilian components of a United Nations
operation; (ii) Other officials and experts on mission of the United Nations or its
specialised agencies or the International Atomic Energy Agency who are present in an
official capacity in the area where a United Nations operation is being conducted.’
867
Art. 1(c) defines a ‘United Nations operation’ as: ‘an operation established by the
competent organ of the United Nations in accordance with the Charter of the United
Nations and conducted under United Nations authority and control: (i) Where the
operation is for the purpose of maintaining or restoring international peace and security;
or (ii) Where the Security Council or the General Assembly has declared, for the
purposes of this Convention, that there exists an exceptional risk to the safety of the
personnel participating in the operation.’
In addition, Art. II of the Optional Protocol to the United Nations Safety Convention
expands the term ‘United Nations operation’ to include: ‘all other United Nations oper-
ations established by a competent organ of the United Nations in accordance with the
Charter of the United Nations and conducted under United Nations authority and control
for the purposes of: (a) Delivering humanitarian, political or development assistance in
peace building, or (b) Delivering emergency humanitarian assistance.’ Optional Protocol to
the United Nations Safety Convention, Art. II.
including through cyber operations. The prohibition extends to per-
sons or locations placed under United Nations protection within the
context of the mandate.
4. The reference to ‘protect’ in lit. (a) refers to the duty to take those
feasible steps necessary to ensure that others do not attack, threaten,
harm, or interfere with them. The obligation means that States are under
an obligation to take all appropriate and feasible measures to ensure the
safety and security of such personnel.868 In this regard, the International
Group of Experts agreed that States must take necessary measures to
ensure the safety and security of UN and associated personnel against
cyber attacks869 and to cooperate with the peace operation in preventing
cyber attacks against them and their official premises, private accommo-
dation, or means of transportation.870 The obligation to cooperate
entails, inter alia, the duty to take all practicable measures to prevent
preparations in their respective territories for the commission of cyber
attacks within or outside the territory of the State Party in question and
the duty to exchange information and coordinate administrative and
other measures to prevent the commission of such attacks.871
5. Lit. (b) applies to personnel who do not qualify as United Nations
personnel. It also applies to operations that are not United Nations
operations in the sense of Article 1(c) of the United Nations Safety
Convention because they are not ‘conducted under United Nations
authority and control’.
6. Although not conducted under United Nations authority and
control, the mission in question must be ‘in accordance with the United
Nations Charter’ for lit. (b) to apply.872 This will usually mean that the
Security Council has authorised the mission. Additionally, the purpose of
such a mission must either be to deliver humanitarian assistance or
conduct peacekeeping (Rule 78). Humanitarian assistance and peace-
keeping operations presuppose consent by the host nation and any States
that are parties to the conflict.
7. During an armed conflict, members of a peace force enjoy the
protections afforded by the law of armed conflict to civilians (Rule 94),
including protection from cyber attacks (Rule 92), unless the force
868
United Nations Safety Convention, Art. 7(2).
869
United Nations Safety Convention, Art. 7(2).
870
United Nations Safety Convention, Arts. 9, 11.
871
United Nations Safety Convention, Art. 11.
872
Rome Statute, Art. 8(2)(b)(iii), 8(2)(e)(iii).
becomes a party to the conflict (Rule 78).873 This is so for members of
forces under both lit. (a) and lit (b). Individual civilian or military
members of a peace force nevertheless lose protection from attack even
when the operation to which they are attached is not a party to an armed
conflict if, and for such time as, they take a direct part in hostilities on an
individual basis (Rule 97), whether by cyber or non-cyber means.
8. This situation must be distinguished from that in which personnel
of a peace operation use force solely in the exercise of their right to
personal self-defence or to defend the unit from attack. The majority of
the Experts was also of the view that the threshold of direct participation
in the hostilities is not necessarily reached by the mere fact that peace
force personnel resort to cyber or kinetic force in defence of the mandate
or authorisation, provided that the resort to force is limited to such
purpose and that the mandate or authorisation is not for activities that
would themselves reach the armed conflict threshold.874
873
Note that their protection may actually be greater than that of civilians pursuant to,
when applicable, the United Nations Safety Convention, Art. 7. Moreover, both the
ICRC Customary IHL Study and the Rome Statute provide for a special status with
regard to peace operations. ICRC Customary IHL Study, Rule 33; Rome Statute, Art. 8
(2)(b)(iii), 8(2)(e)(iii).
874
Prosecutor v. Sesay Kallon and Gbao, Trial Chamber judgment (Spec. Ct. for Sierra
Leone, 2 March 2009), paras. 577–579.

Collective Security

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Collective Security

Uploaded by

Copyright:

Available Formats

15

Rule 76 – United Nations Security Council

Rule 77 – Regional organisations

Rule 78 – Peace operations

Rule 79 – Peace operations personnel, installations, materiel,

You might also like