Document Type


Publication Date


Publication Information

10 Notre Dame J. Int'l & Comp. L. 1 (2020).


State cyber misconduct is on the rise, and it can be difficult to differentiate between malicious governmental cyber conduct and active cyber defense. Though some argue that cyberspace is a law-free zone, offensive cyberattacks are almost always unlawful regardless of their purpose. This Article contends that international law can provide for legal boundaries in cyberspace and analogizes cyber misconduct to government actions such as espionage. So long as conditions provided by international law (such as notice, necessity, and proportionality) are met, countermeasures to malicious cyber operations are generally lawful. Cases of urgency may be an exception to this general rule but should not involve the use of force. Moreover, a government planning to take countermeasures must have clear and convincing evidence regarding the state to whom the wrong is attributable and identify the wrongdoer with a requisite level of legal certainty. It is difficult to prove lawful use of cyber misconduct in response to cyber misconduct, but this Article contends that responses consistent with the rule of law exist.


Reprinted with permission of Notre Dame Journal of International and Comparative Law.



To view the content in your browser, please download Adobe Reader or, alternately,
you may Download the file to your hard drive.

NOTE: The latest versions of Adobe Reader do not support viewing PDF files within Firefox on Mac OS and if you are using a modern (Intel) Mac, there is no official plugin for viewing PDF files within the browser window.