Publication records

The legal implications of digital information warfare in the context of armed conflict have so far received only scarce attention. This paper aims at filling this gap by exposing some of the legal issues arising in relation to mis- and disinformation tactics during armed conflict in order to serve as a starting point for further debate in this respect:

What, if any, limits exist concerning (digital) information operations in armed conflict? Does the humanitarian legal framework adequately capture the humanitarian protection needs that arise from these types of (military) conduct? Where and how to draw the line between effects and side-effects of digitalised information warfare that should remain either within or without the protective ambit of international humanitarian law (IHL)? What are, or what should be, the limits of disinformation campaigns, “fake news”, deep fakes and the systematic manipulation of a given information space in times of armed conflict?

This article presents a novel way to conceptualize the protection of data in situations of armed conflict. Although the question of the targeting of data through adversarial military cyber operations and its implications for the qualification of such conduct under International Humanitarian Law has been on scholars’ and states’ radar for the last few years, there remain a number of misunderstandings as to how to think about the notion of “data.” Based on a number of fictional scenarios, the article clarifies the pertinent terminology and makes some expedient distinctions between various types of data. It then analyzes how existing international humanitarian and international human rights law applies to cyber operations whose effects have an impact on data. The authors argue that given the persisting ambiguities of traditional concepts such as “object” and “attack” under international humanitarian law, the targeting of content data continues to fall into a legal grey zone, which potentially has wide-ranging ramifications both for the rights of individual civilians and the functioning of civilian societies during situations of conflict. At the same time, much legal uncertainty surrounds the application of human rights law to these contexts, and existing data protection frameworks explicitly exclude taking effect in relation to issues of security. Acknowledging these gaps, the article attempts to advance the debate by proposing a paradigm shift: Instead of taking existing rules on armed conflict and applying them to “data,” we should contemplate applying the principles of data protection, data security, and privacy frameworks to military cyber operations in armed conflict.

Adversarial military cyber operations carried out during armed conflict can affect the functioning of civilian societies in unprecedented ways, challenging the protected reach of international humanitarian law (IHL). In light of this, the article argues for the recognition of new protection needs to shield critical societal processes from cyber threats in conflict situations. Although experts and states generally agree that cyber operations are subject to IHL, the digital transformation has added novel vulnerabilities that do not easily map onto the law’s traditional rationale of providing baseline protection against the ramifications of kinetic warfare, such as to minimise death, injury, and destruction among the civilian population. Today’s military cyber capabilities have the potential to severely impact essential societal processes across economic, financial, scientific, cultural, and healthcare domains as well as public information spaces. While such consequences may be more diffuse and intangible, in an interconnected world they can affect entire societies and cause systemic disruption on a major scale. Recognising this paradigm shift, the article calls for a more comprehensive understanding of what protection of the civilian population in twenty-first century warfare entails. It submits that certain societal processes and functions must be considered assets so essential as to require legal protection under IHL irrespective of possible physical aspects. In order to meaningfully expand IHL’s traditionally narrow focus on objects, kinetic warfare, and physical destruction, the article intends to initiate a discussion about adding the protection of essential societal processes as a new protection dimension to the law of armed conflict.

Cyberattacks have become part of every company’s daily routine. Every business leader must therefore prepare for a situation in which their company is successfully attacked. Defending against a cyberattack requires many parallel activities – assessing the impact, implementing technical defense measures, collecting evidence, rebuilding reliable IT systems and business processes, and communicating with customers and partners. The article describes five lessons that will help business leaders on Day X to successfully manage a serious and complex cyberattack.

The article explores the question whether contemporary forms of interfering with democratic decision-making processes in other countries, primarily carried out through digital means as part of a larger effort to distort the online information ecosystem, can amount to a violation of standing rules of international law.

Although the question of the targeting of data through adversarial military cyber operations and its implications for the qualification of such conduct under International Humanitarian Law has been on scholars’ and states’ radar for the last few years, there remain a number of misunderstandings as to how to think about the notion of “data.” Based on a number of fictional scenarios, the article clarifies the pertinent terminology and makes some expedient distinctions between various types of data. It then analyzes how existing international humanitarian and international human rights law applies to cyber operations whose effects have an impact on data. The authors argue that given the persisting ambiguities of traditional concepts such as “object” and “attack” under international humanitarian law, the targeting of content data continues to fall into a legal grey zone, which potentially has wide-ranging ramifications both for the rights of individual civilians and the functioning of civilian societies during situations of conflict. At the same time, much legal uncertainty surrounds the application of human rights law to these contexts, and existing data protection frameworks explicitly exclude taking effect in relation to issues of security. Acknowledging these gaps, the article attempts to advance the debate by proposing a paradigm shift: Instead of taking existing rules on armed conflict and applying them to “data,” we should contemplate applying the principles of data protection, data security, and privacy frameworks to military cyber operations in armed conflict.

This paper explores how governments may efficiently inform the public about an epidemic to induce compliance with their confinement measures. Using an information design framework, we find the government has an incentive to either downplay or exaggerate the severity of the epidemic if it heavily prioritizes the economy over population health or vice versa. Importantly, we find that the level of economic inequality in the population has an effect on these distortions. The more unequal the disease's economic impact on the population is, the less the government exaggerates and the more it downplays the severity of the epidemic. When the government weighs the economy and population health sufficiently equally, however, the government should always be fully transparent about the severity of the epidemic.

 

View all ESMT Working Papers in the ESMT Working Paper Series here. ESMT Working Papers are also available via SSRN, RePEc, EconStor, and the German National Library (DNB).

Multi-sided platform markets have tendency to “tip”, that is, one MSP takes it all or dominates the market by far. Due to dynamics of these markets it is however challenging to identify which markets will tip and the characteristics of tipping candidates ex-ante (before tipping). The European Commission has expressed the need for a new competition tool to identify and assess the likelihood of tipping. Based on a review of factors that foster and mitigate tipping we propose four key questions that may help in ranking multi-sided platform markets by the likelihood of tipping. Tipping is less likely if there are factors that 1) diminish the value of a growing multi-sided platform, 2) ease smaller rivals’ user acquisition, 3) make smaller rivals attractive to at least some users, and 4) make none of the established platforms stronger via activities in another market.

In this short paper, we discuss the impact of data analytics in services and delineate future research directions for the field. After illustrating how data analytics are transforming different service sectors, we consider the provision of data analysis as a service in its own right. We discuss how the very nature of data and certain features of the machine learning method give rise to new issues and pitfalls for the management of these services, which delineates as many future research directions. We also discuss the co-production of services by humans and machines, and call for more research on responsible data analytics services to tackle some of the most pressing ethical issues in our societies.

Copyright © 2020, INFORMS