This is a fast-changing security environment and nothing is changing faster than cyber. That has a domino effect across our traditional understanding of how and when to intervene if a country or entity behaves with such reckless disregard for international norms that it opens itself to remedial action by states upholding the global legal order.

Responsibility to Protect (or R2P in the jargon) is not a new idea. It emerged in the 1990s as a response to genocide in Bosnia and Rwanda, as the world grappled with methods of response. The key element is a now-established means to intervene — sometimes but not always with the support of the United Nations — to counter a regime’s engagement in such egregious acts that outside parties have a right, if not an obligation, to intervene.

The United Nations describes this idea as follows:

“The responsibility to protect embodies a political commitment to end the worst forms of violence and persecution. It seeks to narrow the gap between Member States’ pre-existing obligations under international humanitarian and human rights law and the reality faced by populations at risk of genocide, war crimes, ethnic cleansing and crimes against humanity.”

Traditionally, this has been invoked through humanitarian action such as refugee camps, supplying a population at risk, and legal action against the perpetrators, and is often followed by armed forces on the ground to ensure stability and safety, for example through the Western intervention in Northern Iraq to protect Kurds in 1991

This right cannot simply be limited to the physical world; it must necessarily apply to other areas of human activity, including the cyber world where the imperatives of humanitarianism must also apply. And just as in the physical realm, repressive regimes lose their sovereign right to freedom of action when it is being used to trample on the rights of people at home or abroad.

The good news is that any intervention does not need to be military, as in the West’s air campaign in Libya in 2011. The only boots on (or above) the ground would be digital, significantly lowering the costs of action. In turn, that would allow much less escalatory — albeit contested — exchanges between the perpetrating and responding states. The growing digital footprint of repressive regimes also creates an opportunity for early prevention and interception against the perpetration of atrocities. Russian soldiers and officers use digital means, cell phones, and digital communication to coordinate, give orders and report; and digital gadgets collect connections, locations, and data. Added to this mix is the likelihood that the Russian military information systems are likely not properly updated and maintained, and are likely vulnerable to attempts to extract the information.

Remember too that war crimes prosecutions after the 1990s Bosnian war were often made difficult by a lack of physical evidence. Thirty years on, there is now an enormous Russian digital footprint, which combined with poor digital discipline means the international community should be much better able to hold Russian war criminals to account. (There will be much work to do — Ukrainian prosecutors said that in November, they had almost 45,000 war crimes logged.)

Get the Latest
Sign up to receive regular emails and stay informed about CEPA's work.

Western states have been building significant cyber arsenals in recent years, in part to deter hostile acts by states including Russia and China. Cyber operations are designed to strengthen a country’s defenses and domestic security, but are also a weapon. In the same way that an otherwise harmless computer can be used for warfare, instruments of war can be used to protect the innocent and safeguard human rights.

A humanitarian cyber intervention would penetrate the information systems of the target state, along with its command structure and communications. In this author’s personal view, Russia has through its atrocities against the Ukrainian population and through the endangerment of its own people, meets the threshold to be considered culpable, and against which others can act to protect human life.

During the occupation of parts of Ukraine, pro-Russian cell phone providers have been established. The vast majority of Russian soldiers crossing Ukrainian borders in February carried mobile phones which they used for inter-military communications, and to reach home.

Consider too the Russian military and Donbas puppet regime computer systems, the equipment of the Russian occupation authorities, the logistic bases, and the authorities on the home front. For example, the forced movement of thousands of Ukrainian children to be absorbed by Russian families might normally be hard to trace, but in cyber the evidence is there in bucketloads. In 2022, capturing digital evidence for war crimes prosecutions should be a top priority. Digital sovereignty is clearly less critical than the need to right Russian wrongs.

Any Russian counterargument that it is a sovereign state suffering a hostile act would fail for one reason — there is no damage. Accountability for genocidal actions is not damaged by such an intervention; it is enhanced. Humanitarian cyber operations cannot reasonably be considered an act of war.

Exposing human rights crime in progress would also serve as a deterrent to future abusers and might lessen the impact of crimes in real time. Humanitarian cyber operations enable faster responses, the retrieval of information necessary for the world community’s decision-making, and remove the secrecy surrounding the genocidal acts of totalitarian and repressive regimes.

Humanitarian cyber operations can act as a deterrent because perpetrators will be held accountable. The international humanitarian law is dependent on evidence gathering, and laws might not be upheld if evidence gathering fails, even if the international community promotes decisive legal action.

Humanitarian cyber operations can support the prosecution of crimes against humanity, generate high-quality evidence and deliver justice to perpetrators. Cyber counter-attacks would be inevitable, but would also expose the truth that authoritarian regimes seek to protect the abusers they empower.

There is an opportunity here for humanity.

Jan Kallberg, Ph.D., LL.M., is an Assistant Professor in the Department of Mathematical Sciences at the United States Military Academy and a Scientist in the Insider Threat Research program. He is also a  Non-resident Senior Fellow with the Transatlantic Defense and Security program at the Center for European Policy Analysis (CEPA). Follow him at cyberdefense.com and @Cyberdefensecom.

The views expressed are those of the author and do not reflect the official policy or position of the United States Military Academy, the Department of Defense, or the US Government.

Europe’s Edge is CEPA’s online journal covering critical topics on the foreign policy docket across Europe and North America. All opinions are those of the author and do not necessarily represent the position or views of the institutions they represent or the Center for European Policy Analysis.

Europe's Edge
CEPA’s online journal covering critical topics on the foreign policy docket across Europe and North America.
Read More