Malicious cyber activities are pervasive in the lives of individuals and in the national security discussions of national governments across the globe. It is rare for a day to pass without some cyber event reaching the national news. These malicious cyber activities are attributed to both state and non-state actors such as transnational criminal groups, terrorist organizations, and individuals.

In response to this widespread phenomenon, including a specific major cyber incident in Estonia in 2007, the Cooperative Cyber Defense Center of Excellence in Tallinn, Estonia hosted a multi-year process designed to provide the views of a group of renowned experts on the application of international law to cyber activities. The first Tallinn Manual dealt with the law applicable to armed conflict. The second, and recently published, Tallinn Manual (known as Tallinn 2.0) deals with a much broader type of cyber operations—those both in and out of armed conflict.

This Article briefly summarizes the key points in the Tallinn Manual 2.0, including identifying some of the most important areas of non-consensus among the Experts who wrote the Manual. The Article then offers some insights into where international law on cyber operations will need to go in the future.

Keep Reading The Tallinn Manual 2.0