In a Significant and much appreciated effort on the part of NATO Cooperative Cyber Defence Centre of Excellence (NATO CCD COE), a manual titled the Tallinn Manual on the International Law Applicable to Cyber Warfare (PDF) has been released.
The effort is Significant as it is the first Coordinated and Collaborative effort in the direction of tackling the menaced of Cyber Warfare at the International Level. However, this effort of NATO is also “Highly Risky” and “Pre Mature” as “International Consensus” is not an essential part of this effort.
There is no second opinion that we need International Regulations against Cyber Warfare as Cyber Warfare against India is also a big nuisance. The problem in achieving this “Laudable Objective” is that we have no International Cyber Law Treaty and International Cyber Security Treaty.
Even NATO is aware of these “Limitations” and this is the reason why the Tallinn Manual is not an Official Document, but instead an Expression of Opinions of a Group of Independent Experts acting solely in their Personal Capacity. It does not even represent the views of the Centre, its Sponsoring Nations, or NATO. It is also not meant to reflect NATO Doctrine. Nor does it reflect the position of any Organisation or State represented by Observers.
Obviously, we should consider the Manual as nothing more than personal Opinions of few Individuals and should not base our Acts or Omissions on the basis of this Manual. Before forming our Judgement on the basis of this Manual we must ask few questions. These are:
(1) How NATO or those related to this Manual would “Enforce” it?
(2) Why should it be considered to be “Binding and Enforceable” at the International level?
(3) What if People, Institutions and States “Defy” this Manual?
There are Thousands of such Questions and “Jurisdictional Issues” that need to be answered and resolved before we consider a Manual like this to be even “Considered” much less “Adopted”.
In my personal opinion, this Manual is “Premature” and “Undesirable” at this stage when we have no “Universally Acceptable” Cyber Law and Cyber Security Norms. Jumping at the Apex without sorting out the controversial issues existing at the Ground Level is a bad idea and NATO has exactly done so.