¹ Samantha BESSON, “Sovereignty” (2011) 1 Max Planck Encyclopedia of Public International Law at para. 114.

² The Island of Palmas Case (Netherlands v. United States of America), [1928] II Report of International Arbitral Awards 831 at 839.

³ Nicholas TSAUGOURIAS, “Law, Borders and the Territorialisation of Cyberspace” (2017) 15 Indonesian Journal of International Law 523 at 539.

⁴ Yassin A. ABDELKARIM, “Demarcation of Cyberspace: Political and Legal Effects of Applying the Concept of Sovereign States’ Interests” (2024) 2 Journal of Digital Technologies and Law 262 at 264.

⁵ Michiel FOULON and Gustav MEIBAUER, “How cyberspace affects international relations: The promise of structural modifiers” (2024) Contemporary Security Policy 1 at 429.

⁶ The White House, “National Cybersecurity Strategy” (March 2023) at 2.

⁷ Phillip OSBORN, “Cyber Border Security–Defining and Defending a National Cyber Border” (2017) 13 Homeland Security Affairs; J. AGNEW, Globalization & Sovereignty: Beyond the Territorial Trap, 2nd ed. (New York: Rowman & Littlefield, 2017); David R. JOHNSON and David POST, “Law and borders: The rise of law in cyberspace” (1996) Stanford Law Review 1367; Jinghan ZENG, Tim STEVENS, and Yaru CHEN, “China’s solution to global cyber governance: Unpacking the domestic discourse of ‘internet sovereignty’” (2017) 45 Politics & Policy 432.

⁸ D.T. KUEHL, “From Cyberspace to Cyber power: Defining the Problem” in F. KRAMER, S. STARR, and L. WENT, eds., Cyber power and National Security National Defense University Press (Nebraska: Nebraska University Press, 2009), 28.

⁹ Harriet MOYNIHAN, “The Application of International Law to State Cyberattacks” Chatham House (2 December 2019), online: Chatham House https://www.chathamhouse.org/2019/12/application-international-law-state-cyberattacks; Patrick W. FRANZESE, “Sovereignty in cyberspace: Can it exist” (2009) 64 Air Force Law Review 1; Jack L. GOLDSMITH, “Against cyberanarchy” (1998) 65 The University of Chicago Law Review 1199; D. AKANDE, A. COCO, and T. de SOUZA DIAS, “Old Habits Die Hard: Applying Existing International Law in Cyberspace and Beyond” Ejil: Talk (5 January 2021), online: Ejil: Talk https://www.ejiltalk.org/old-habits-die-hard-applying-existing-international-law-in-cyberspace-and-beyond/.

¹⁰ M. KREUZER, “Cyberspace is an Analogy, not a Domain: Rethinking Domains and Layers of Warfare for the Information Age” The Strategy Bridge (8 July 2021), online: The Strategy Bridge https://thestrategybridge.org/the-bridge/2021/7/8/cyberspace-is-an-analogy-not-a-domain-rethinking-domains-and-layers-of-warfare-for-the-information-age.

¹¹ Developments in the Field of Information and Telecommunications in the Context of International Security, 23 December 2015, GA Res. 70/237, UN Doc. A/RES/70/237 (2015) [Developments in the Field of Information and Telecommunication].

¹² Resolution adopted by the General Assembly on 24 December 2024, Countering the use of information and communications technologies for criminal purposes, UN Doc. A/RES/79/243 (2024) [UNGA Resolution on the use of information and communications technologies].

¹³ Tsaugourias, supra note 3 at 551.

¹⁴ Letter dated 9 January 2015 from the Permanent Representatives of China, Kazakhstan, Kyrgyzstan, Russian Federation, Tajikistan and Uzbekistan to the United Nations addressed to the Secretary-General A/69/723, 13 January 2015.

¹⁵ “Why Does Cyber Sovereignty Matter” China Daily (16 December 2015), online: China Daily http://www.chinadaily.com.cn/business/tech/2015-12/16/content_22728202.htm.

¹⁶ “International Strategy of Cooperation on Cyberspace” Xinhuanet (1 March 2017), online: Xinhuanet http://www.xinhuanet.com//english/china/2017-03/01/c_136094371.htm.

¹⁷ “Joint statement between the presidents of China and Russia” China Daily (June 2016), online: China Daily https://www.chinadaily.com.cn/china/2016-06/26/content_25856778.htm.

¹⁸ L. TOPOR, “Cyber Sovereignty: The Case of Cyber Borders and Cyber Blocs” Columbia|SIPA (7 March 2023), online: Columbia|SIPA https://jia.sipa.columbia.edu/news/cyber-sovereignty-case-cyber-borders-and-cyber-blocs.

¹⁹ Nur RO’IS, “The Urgency of Cyber Sovereignty Resilience for Indonesia (Comparative Study with the People’s Republic of China)”, Proceedings of the 3rd International Conference on Social and Islamic Studies, Alauddin University, Occasional Paper, 2023, at 222.

²⁰ R. DEIBERT, J. PALFREY, and R. ROHOZINSKI, et al., eds., Access Controlled: The Shaping of Power, Rights, and Rule in Cyberspace (Massachusetts: MIT Press, 2010) at 124.

²¹ “Russia: Growing Internet Isolation, Control, Censorship” Human Rights Watch (18 June 2020), online: Human Rights Watch https://www.hrw.org/news/2020/06/18/russia-growing-internet-isolation-control-censorship.

²² The Government of the Russian Federation, “Regulation on the Federal Service for Supervision of Communications, Information Technology, and Mass Media”, Statute of Roskomnadzor Regulation No. 228 of 16 March 2009.

²³ S. KERNER, “Great Firewall of China” TechTarget (June 2022), online: TechTarget https://www.techtarget.com/whatis/definition/Great-Firewall-of-China.

²⁴ R. CREEMERS, G. WEBSTER, and P. TRIOLO, “Translation: Cybersecurity Law of the People’s Republic of China (Effective 1 June 2017)” DIGICHINA (29 June 2018), online: DIGICHINA https://digichina.stanford.edu/work/translation-cybersecurity-law-of-the-peoples-republic-of-china-effective-june-1-2017.

²⁵ Simurgh ARYAN, Homa ARYAN, and J. Alex HALDERMAN, “Internet censorship in Iran: A first look,” (2013) in 3rd USENIX Workshop on Free and Open Communications on the Internet (FOCI 13); Barney WARF, “The Hermit Kingdom in cyberspace: unveiling the North Korean internet” (2015) 18 Information, Communication & Society 109; “Development of Clean Internet with the Help of 8000 Basij / 6 Steps to Clean and Halal Internet” Mehr News (1 June 2011), online: Mehr News https://www.mehrnews.com/news/1326215.

²⁶ C. MCGOOGAN, “North Korea’s internet revealed to have just 28 websites” Telegraph (21 September 2016), online: Telegraph https://www.telegraph.co.uk/technology/2016/09/21/north-koreas-internet-revealed-to-have-just-28-websites/; S. ASHER, “What the North Korean internet really looks like” BBC (21 September 2016), online: BBC http://www.bbc.com/news/world-asia-37426725.

²⁷ Permanent Mission of the Islamic Republic of Iran to the United Nations, “Statement by H.E. Mr. Majid Takht Ravanchi Ambassador and Permanent Representative of the Islamic Republic of Iran to the United Nations at the First Substantive Session of the Open-ended Working Group on Security of and in the Use of Information and Telecommunications Technologies”, 13 December 2021.

²⁸ “Important Statement of the General Staff of the Armed Forces about Cyber Threats” Khabar Online (27 September 2020), online: Khabar Online https://www.khabaronline.ir/news/1437194.

²⁹ “Syria: Freedom of the Net 2020” Freedom House (2020), online: Freedom House https://freedomhouse.org/country/syria/freedom-net/2020.

³⁰ “Belarus: Freedom of the Net 2023” Freedom House (2023), online: Freedom House https://freedomhouse.org/country/belarus/freedom-net/2023.

³¹ “Turkmen President Approves Law on Cybersecurity” Business Turkmenistan (7 September 2019), online: Business Turkmenistan https://business.com.tm/post/4365/turkmen-president-approves-law-on-cybersecurity.

³² Decree of the President of the Russian Federation, “Doctrine of Information Security of the Russian Federation”, Decree No. 646 of 5 December 2016.

³³ Information Office of the State Council of the People’s Republic of China, “The Internet in China” (June 2010).

³⁴ E.g.: The US Department of State, “United States International Cyberspace & Digital Policy Strategy” (July 2024), at 15; The European Commission, “The EU’s Cybersecurity Strategy for the Digital Decade”, 2020, at 4.

³⁵ “Policy Recommendations: Internet Freedom” Freedom House, online: Freedom House https://freedomhouse.org/policy-recommendations/internet-freedom.

³⁶ N. FICK, J. MISCIK, and A. SEGAL, et al., “Confronting Reality in Cyberspace”, Independent Task Force Report No. 80, Council on Foreign Relations, 2022, at 16 and 20.

³⁷ Official compendium of voluntary national contributions on the subject of how international law applies to the use of information and communications technologies by States submitted by participating governmental experts in the Group of Governmental Experts on Advancing Responsible State Behaviour in Cyberspace in the Context of International Security established pursuant to General Assembly resolution 73/266, UN Doc. A/76/136 (2021) at 139 [The GGE’s official compendium of voluntary national contributions].

³⁸ Government of the United Kingdom, “Application of international law to states’ conduct in cyberspace: UK statement” GOV.UK (3 June 2021), online: GOV.UK https://www.gov.uk/government/publications/application-of-international-law-to-states-conduct-in-cyberspace-uk-statement/application-of-international-law-to-states-conduct-in-cyberspace-uk-statement.

³⁹ Federal Government of Germany, “On the Application of International Law in Cyberspace”, Position Paper, March 2021.

⁴⁰ Declaration for the Future of Internet, signed by 70 international partners, 25 April 2022.

⁴¹ European Parliament, “Digital sovereignty for Europe” (July 2020), at 1.

⁴² Ibid., at 5.

⁴³ Mark SCOTT, “XI. Why Europe’s Cloud Ambitions Have Failed” AINOW (15 October 2024), online: AINOW https://ainowinstitute.org/publication/xi-why-europes-cloud-ambitions-have-failed.

⁴⁴ Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) [GDPR]; Regulation (EU) 2019/881 of the European Parliament and of the Council of 17 April 2019 on ENISA (the European Union Agency for Cybersecurity) and on information and communications technology cybersecurity certification and repealing Regulation (EU) No 526/2013 (Cybersecurity Act); Regulation (EU) 2024/2847 of the European Parliament and of the Council of 23 October 2024 on horizontal cybersecurity requirements for products with digital elements and amending Regulations (EU) No 168/2013 and (EU) No 2019/1020 and Directive (EU) 2020/1828 (Cyber Resilience Act); Regulation (EU) 2022/2065 of the European Parliament and of the Council of 19 October 2022 on a Single Market For Digital Services and amending Directive 2000/31/EC (Digital Services Act); Regulation (EU) 2022/1925 of the European Parliament and of the Council of 14 September 2022 on contestable and fair markets in the digital sector and amending Directives (EU) 2019/1937 and (EU) 2020/1828 (Digital Markets Act).

⁴⁵ Government of the United Kingdom, “National Cyber Strategy 2022: Pioneering a cyber future with the whole of the UK” (15 December 2022).

⁴⁶ Innovation, Science and Economic Development Canada, “Canada’s Digital Charter in Action: A Plan by Canadians, for Canadians” (2019).

⁴⁷ Australian Government, “International Cyber and Critical Technology Engagement Strategy” (April 2021).

⁴⁸ Germany Federal Ministry for Economic Affairs and Climate Action, “Digital Strategy 2025” (2016).

⁴⁹ French Government, “French National Digital Security Strategy” (2015).

⁵⁰ NATO Standardization Office, “Allied Joint Doctrine for Cyberspace Operations”, Allied Joint Publication-3.20, 1st ed., Version 1 (2020), at 20.

⁵¹ Declaration for the Future of Internet, supra note 40.

⁵² GDPR, supra note 44.

⁵³ Government of the United Kingdom, supra note 45.

⁵⁴ Innovation, Science and Economic Development Canada, supra note 46.

⁵⁵ French Government, supra note 49.

⁵⁶ Australian Government, supra note 47.

⁵⁷ “Personal Information Protection Law of the People’s Republic of China” PIPL, online: PIPL https://personalinformationprotectionlaw.com/.

⁵⁸ Ibid.

⁵⁹ B. ALLYN, “Legal experts say a TikTok ban without specific evidence violates the First Amendment” NPR (14 May 2024), online: NPR https://www.npr.org/2024/05/14/1251086753/tiktok-ban-first-amendment-lawsuit-free-speech-project-texas#:˜:text=Legal%20experts%20say%20a%20TikTok%20ban%20without%20specific%20evidence%20violates%20the%20First%20Amendment&text=Michael%20Dwyer%2FAP-,TikTok%20sued%20the%20Biden%20administration%20in%20response%20to%20a%20new,in%20the%20next%2012%20months.

⁶⁰ “US bans sale of Huawei, ZTE tech amid security fears” BBC (26 November 2022), online: BBC https://www.bbc.com/news/world-us-canada-63764450.

⁶¹ N. YOUSIF, “Meta’s news ban in Canada remains as Online News Act goes into effect” BBC (19 December 2023), online: BBC https://www.bbc.com/news/world-us-canada-67755133.

⁶² A. DESMARAIS, “Human rights NGOs say social media platforms continue to censor pro-Palestine content” Euronews (7 October 2024), online: Euronews https://www.euronews.com/next/2024/10/07/human-rights-ngos-say-social-media-platforms-continue-to-censor-pro-palestine-content.

⁶³ The White House, supra note 6 at 29.

⁶⁴ National centre of Incident readiness and Strategy for Cybersecurity, “Japan’s Cybersecurity Strategy 2021 (Overview)”(28 September 2021) at 1.

⁶⁵ A. RAGHURAMAN, “India’s data localization pivot can revamp global digital diplomacy” Atlantic Council (5 December 2022), online: Atlantic Council https://www.atlanticcouncil.org/blogs/southasiasource/indias-data-localization-pivot/.

⁶⁶ Besson, supra note 1 at para. 70.

⁶⁷ Case Concerning Military and Paramilitary Activities in and Against Nicaragua (Nicaragua v. United States), [1986] I.C.J. Rep. 14 at 111.

⁶⁸ The Case of the S.S. “Lotus” (France Republic v. Turkish Republic), Judgment No. 9, [1927] PCIJ Series A. – No. 10 at 18 et seq.

⁶⁹ The Island of Palmas, supra note 2 at 838.

⁷⁰ Developments in the field of information and telecommunications in the context of international security, GA Res. 58/32, UN Doc. A/RES/58/32 (2003).

⁷¹ Group of Governmental Experts on Developments in the Field of Information and Telecommunications in the Context of International Security, UN Doc. A/68/98 (2013); Group of Governmental Experts on Developments in the Field of Information and Telecommunications in the Context of International Security, UN Doc. A/70/174 (2015) [GGE 2015].

⁷² GGE 2015, supra note 71 at 12, para. 27.

⁷³ Advancing responsible State behaviour in cyberspace in the context of international security, GA Res. 73/266, UN Doc. A/RES/73/266 (2018).

⁷⁴ Group of Governmental Experts on Advancing Responsible State Behaviour in Cyberspace in the Context of International Security, UN Doc. A/76/135 (2021).

⁷⁵ Developments in the field of information and telecommunications in the context of international security, GA Res. 73/27, UN Doc. A/RES/73/27 (2018).

⁷⁶ Final Substantive Report, Open-ended working group on developments in the field of information and telecommunications in the context of international security, UN Doc. A/AC.290/2021/CRP.2 (2021), at 5-6, paras. 34-7.

⁷⁷ Developments in the Field of Information and Telecommunication, supra note 11; Developments in the field of information and telecommunications in the context of international security, and advancing responsible State behaviour in the use of information and communications technologies, GA Res. 76/19, UN Doc. A/RES/76/19 (2021).

⁷⁸ Developments in the field of information and telecommunications in the context of international security, GA Res. 75/240, UN Doc. A/RES/75/240 (2020).

⁷⁹ Statement by delegation of I.R. Iran before the Ninth Substantive meeting of the Open-Ended Working Group (OEWG) on the security of and in the use of information and communications technologies 2021–2025, December 2024, at 3.

⁸⁰ China’s Contribution to the Initial Pre-Draft of OEWG Report, at 4.

⁸¹ Compendium of statements in explanation of position on the final report, Open-ended Working Group on Developments in the Field of Information and Telecommunications in the Context of International Security, UN Doc. A/AC.290/2021/INF/2/Add.1 (2021), at 4.

⁸² The Republic of Cuba, “Position Paper of the Republic of Cuba on the Application of International Law to Information and Communication Technologies in Cyberspace”, Position Paper, 28 June 2024, at 1.

⁸³ Compendium of statements in explanation of position on the final report, Open-ended Working Group on Developments in the Field of Information and Telecommunications in the Context of International Security, UN Doc. A/AC.290/2021/INF/2 (2021), at 54 [The OEWG’s compendium of statements, 2021].

⁸⁴ Compendium of statements in explanation of position on the adoption of the progress report of the open-ended working group as contained in A/79/214, annex, Open-ended working group on security of and in the use of information and communications technologies 2021–2025, UN Doc. A/AC.292/2024/INF/5 (2024), at 13 [The OEWG’s compendium of statements, 2024].

⁸⁵ The OEWG’s compendium of statements, 2021, supra note 83 at 63.

⁸⁶ Statement by the Russian Interagency Delegation at the Ninth Session of the UN Open-Ended Working Group on Security of and in the Use of ICTs 2021–2025, 4 December 2024, at 1.

⁸⁷ The OEWG’s compendium of statements, 2024, supra note 84 at 23–27.

⁸⁸ The OEWG’s compendium of statements, 2021, supra note 83 at 88.

⁸⁹ The OEWG’s compendium of statements, 2024, supra note 84 at 4.

⁹⁰ The Republic of Austria, “Position Paper of the Republic of Austria: Cyber Activities and International Law”, Position Paper, April 2024, at 3.

⁹¹ The Kingdom of Belgium, “Open-Ended Working Group (OEWG) on security of and in the use of information and communications technologies 2021-2025” (4–8 March 2024), at 2.

⁹² The OEWG’s compendium of statements, 2021, supra note 83 at 20.

⁹³ Comments by Chile on the Initial Pre-Draft of the Report of the OEWG, at 2.

⁹⁴ Colombia’s comments on the initial “Pre-draft” of the report of the OEWG on developments in the field of information and telecommunications in the context of international security, 16 April 2020, at 1.

⁹⁵ The OEWG’s compendium of statements, 2021, supra note 83 at 28.

⁹⁶ Comments submitted by the Czech Republic in reaction to the initial “pre-draft” report of the Open-Ended Working Group on developments in the field of information and telecommunications in the context of international security, at 2.

⁹⁷ The OEWG’s compendium of statements, 2021, supra note 83 at 34.

⁹⁸ Ibid., at 37.

⁹⁹ Set of draft key EU messages for 30 March 2022, Open-Ended Working Group (OEWG) on security of and in the use of information and communications technologies 2021 – 28 March 2025–1 April 2022, at 3.

¹⁰⁰ France’s response to the pre-draft report from the OEWG Chair, at 2.

¹⁰¹ Comments from Germany on initial “Pre-draft” of the report of the OEWG on developments in the field of information and telecommunications in the context of international security and non-paper listing specific language proposals under agenda item “Rules, norms and principles” from written submissions received before 2 March 2020, 6 April 2020, at 2.

¹⁰² Ireland, “Open-Ended Working Group (OEWG) on security of and in the use of information and communications technologies 2021-2025, Ninth Substantive Session” (2–6 December 2024), at 2.

¹⁰³ The OEWG’s compendium of statements, 2024, supra note 84 at 12.

¹⁰⁴ Comments from Italy on the Initial “Pre-Draft” Report of the Open-Ended Working Group on developments in the Field of Information and Telecommunication in the Context of International Security, at 2.

¹⁰⁵ The OEWG’s compendium of statements, 2021, supra note 83 at 51.

¹⁰⁶ The Kingdom of the Netherlands’ response to the pre-draft report of the OEWG, at 6.

¹⁰⁷ The OEWG’s compendium of statements, 2021, supra note 83 at 60.

¹⁰⁸ Ibid., at 75.

¹⁰⁹ The OEWG’s compendium of statements, 2024, supra note 84 at 18.

¹¹⁰ Ibid., at 22.

¹¹¹ The United Kingdom, “OEWG – Intersessional: How International Law Applies to the Use of ICTs by States” (May 2023) at 2.

¹¹² The OEWG’s compendium of statements, 2021, supra note 83 at 82.

¹¹³ Ibid., at 85.

¹¹⁴ “(5th meeting) Open-ended working group on Information and Communication Technology (ICT) – Fourth Substantive Session” UN Web TV (8 March 2023), online: UN Web TV https://webtv.un.org/en/asset/k19/k191pqmwp8.

¹¹⁵ Preliminary Considerations of Venezuela to the Initial Pre-Draft of the Report of the OEWG on Developments in the Field of Information and Telecommunications in the Context of International Security, at 3.

¹¹⁶ Indonesia’s Response on the Pre-Draft Report of the UN OEWG on the developments in the field of ICT in the context of international security, at para. 5(a).

¹¹⁷ Nicaragua’s considerations on the initial document of the Open-Ended Working Group on Progress in the Field of Information and Telecommunications in the Context of International Security, at 2.

¹¹⁸ China’s Contribution to the Initial Pre-Draft of OEWG Report, supra note 80 at 5.

¹¹⁹ Commentary of the Russian Federation on the Initial “Pre-Draft” of the Final Report of the United Nations Open-ended Working Group on Developments in the Field of Information and Telecommunications in the Context of International Security, at 1.

¹²⁰ Preliminary Reflection by the Islamic Republic of Iran on the Initial “Pre-draft” of the report of the OEWG on developments in the field of information and telecommunications in the context of international security, at 3–4.

¹²¹ Pakistan’s inputs in response to the letter dated 11 March 2020 from the Chair of the Open-ended Working Group on developments in the field of information and telecommunications in the context of international security (OEWG), at para. 11.

¹²² Zimbabwe’s Considerations on the Initial Pre-Draft of the Open-Ended Working Group (OEWG) on Developments in the Field of Information and Telecommunications in the Context of International Security, at 2–3.

¹²³ Letter dated 15 May 2023 from the Permanent Representatives of Belarus, the Democratic People’s Republic of Korea, Nicaragua, the Russian Federation and the Syrian Arab Republic to the United Nations addressed to the Secretary-General, UN Doc. A/77/894 (2023).

¹²⁴ Ibid.

¹²⁵ The OEWG’s compendium of statements, 2024, supra note 84 at 20.

¹²⁶ The OEWG’s compendium of statements, 2021, supra note 83.

¹²⁷ The United States’ Comments on the Chair’s Pre-draft of the Report of the UN Open Ended Working Group (OEWG), at 2–3.

¹²⁸ Joint comments from the EU and its Member States on the initial “pre-draft” report of the Open-Ended Working Group on developments in the field of Information and Telecommunication in the context of international security, at 4.

¹²⁹ France, Egypt, Argentina, Colombia, Ecuador, Gabon, Georgia, Japan, Morocco, Norway, Salvador, Singapore, the Republic of Korea, the Republic of Moldova, The Republic of North Macedonia, the United Kingdom, the EU and its member States (Austria, Belgium, Bulgaria, Croatia, Republic of Cyprus, Czech Republic, Denmark, Estonia, France, Finland, Germany, Greece, Hungary, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Poland, Portugal, Romania, Slovakia, Slovenia, Spain and Sweden.), “The future of discussions on ICTs and cyberspace at the UN” (10 August 2020).

¹³⁰ General Assembly Seventy-seventh Session, 46th plenary meeting, UN Doc. A/77/PV.46 (2023), at 6-7.

¹³¹ Draft Annual Progress Report, Open-ended working group on security of and in the use of information and communications technologies 2021–2025, UN Doc. A/AC.292/2024/CRP.1 (2024), at 36, para. 8.

¹³² Ibid., at para. 9.

¹³³ Ibid., at 36, para. 11.

¹³⁴ Ibid., at para. 9.

¹³⁵ The Czech Republic, “Position paper on the application of international law in cyberspace”, Position Paper, 26 February 2024, at 3, para. 4.

¹³⁶ The Federal Government of Germany, “On the Application of International Law in Cyberspace”, Position Paper, March 2021, at 3.

¹³⁷ New Zealand, “The Application of International Law to State Activity in Cyberspace”, 1 December 2020, at 2–3, para. 14.

¹³⁸ Council of the European Union, “Declaration on a Common Understanding of International Law in Cyberspace”, 18 November 2024, at 4.

¹³⁹ The Republic of Austria, “Position Paper of the Republic of Austria: Cyber Activities and International Law”, Position Paper, April 2024, at 4.

¹⁴⁰ “International Law applicable in cyberspace” Government of Canada (22 April 2022), online: Government of Canada https://www.international.gc.ca/world-monde/issues_development-enjeux_developpement/peace_security-paix_securite/cyberspace_law-cyberespace_droit.aspx?lang=eng.

¹⁴¹ Ministry of Foreign Affairs of Costa Rica, “Costa Rica’s Position on the Application of International Law in Cyberspace”, Position Paper, 21 July 2023, at 6.

¹⁴² Jeppe M. KJELGAARD, Ulf MELGAARD, “Denmark’s Position Paper on the Application of International Law in Cyberspace” (2023) 92 Nordic Journal of International Law 446 at 448-449.

¹⁴³ Irish Department of Foreign Affairs, “Position Paper on the Application of International Law in Cyberspace”, Position Paper, 6 July 2023, at 2.

¹⁴⁴ Roy SCHONDÖRF, “Israel’s perspective on key legal and practical issues concerning the application of international law to cyber operations” (2021) 97 International Law Studies 395 at 402.

¹⁴⁵ Italian Ministry for Foreign Affairs and International Cooperation, “International Law and Cyberspace”, Position Paper, at 4.

¹⁴⁶ Ministry of Foreign Affairs of Japan, “Basic Position of the Government of Japan on International Law Applicable to Cyber Operations”, Position Paper, 16 June 2021, at 3.

¹⁴⁷ Government of the Kingdom of the Netherlands, “Appendix: International law in cyberspace” (26 September 2019) at 2.

¹⁴⁸ The GGE’s official compendium of voluntary national contributions, supra note 37 at 67-68.

¹⁴⁹ Ministry of Foreign Affairs of Poland, “The Republic of Poland’s position on the application of international law in cyberspace”, Position Paper, 29 December 2022, at 3.

¹⁵⁰ Government Offices of Sweden, “Position Paper on the Application of International Law in Cyberspace”, Position Paper, July 2022, at 2.

¹⁵¹ The GGE’s official compendium of voluntary national contributions, supra note 37 at 140.

¹⁵² Ministry of Foreign Affairs of the People’s Republic of China, “China’s Views on the Application of the Principle of Sovereignty in Cyberspace” (2021) at 3.

¹⁵³ “Declaration of General Staff of the Armed Forces of the Islamic Republic of Iran Regarding International Law Applicable to the Cyberspace” NourNews (18 August 2020), online: NourNews https://nournews.ir/En/News/53144/General-Staff-of-Iranian-Armed-Forces-Warns-of-Tough-Reaction-to-Any-Cyber-Threat.

¹⁵⁴ African Union Peace and Security Council, “Common African Position on the Application of International Law to the Use of Information and Communication Technologies in Cyberspace”, Position Paper, 29 January 2024, at 17.

¹⁵⁵ The GGE’s official compendium of voluntary national contributions, supra note 37 at 18.

¹⁵⁶ Ministère des Armées, “Droit International Applique Aux Operations Dans Le Cyberspace” (2019), at 6.

¹⁵⁷ M. SCHMITT, ed., The Tallinn Manual on the International Law Applicable to Cyber Warfare (New York: Cambridge University Press, 2013).

¹⁵⁸ M. SCHMITT, ed., The Tallinn Manual on the International Law Applicable to Cyber Operations (New York: Cambridge University Press, 2017).

¹⁵⁹ Ibid., at 11.

¹⁶⁰ Ibid., at 12.

¹⁶¹ Moynihan, supra note 9 at 7; Kristen EICHENSEHR, “Review of The Tallinn Manual on the International Law Applicable to Cyber Warfare (Michael N. Schmitt ed., 2013)” (2014) 108 American Journal of International Law 585 at 586–7.

¹⁶² Schmitt, supra note 157 at 8.

¹⁶³ J.M. HENCKAERTS and L. DOSWALD-BECK, eds., Customary International Humanitarian Law (New York: Cambridge University Press, 2005).

¹⁶⁴ Eric T. JENSEN, “The Tallinn Manual 2.0: Highlights and Insights” (2016) 48 Georgetown Journal of International Law 735 at 738; Dieter FLECK, “Searching for international rules applicable to cyber warfare – a critical first assessment of the New Tallinn manual” (2013) 18 Journal of Conflict and Security Law 331 at 335; Eichensehr, supra note 161 at 585; Terence CHECK, “Analyzing the Effectiveness of the Tallinn Manual’s Jus Ad Bellum Doctrine on Cyberconflict, a NATO-Centric Approach” (2015) 63 Cleveland State Law Review 495 at 504.

¹⁶⁵ Papawadee TANODOMDEJ, “The Tallinn Manuals and the Making of the International Law on Cyber Operations” (2019) 13 Masaryk University Journal of Law and Technology 67 at 75.

¹⁶⁶ Jensen, supra note 164.

¹⁶⁷ Ibid.

¹⁶⁸ M. SCHMITT, “Tallinn Manual 2.0 on the International Law of Cyber Operations: What It Is and Isn’t” Just Security (9 February 2017), online: Just Security https://www.justsecurity.org/37559/tallinn-manual-2-0-international-law-cyber-operations/.

¹⁶⁹ Ibid.

¹⁷⁰ Dan EFRONY and Yuval SHANY, “A Rule Book on the Shelf? Tallinn Manual 2.0 On Cyberoperations and Subsequent State Practice” (2018) 112 The American Journal of International Law 583 at 588.

¹⁷¹ Tanodomdej, supra note 165 at 77.

¹⁷² Ministry of Foreign Affairs of the Republic of Estonia, “Tallinn Workshops on International Law and Cyber Operations, Compendium of reports”(2023).

¹⁷³ “The Tallinn Manual” CCDCOE, online: CCDCOE https://ccdcoe.org/research/tallinn-manual/.

¹⁷⁴ Countering the use of information and communications technologies for criminal purposes, GA Res. 74/247, UN Doc. A/RES/74/247 (2019).

¹⁷⁵ “The hypocrisy of Russia’s push for a new global cybercrime treaty” The Interpreter (7 March 2022), online: The Interpreter https://www.lowyinstitute.org/the-interpreter/hypocrisy-russia-s-push-new-global-cybercrime-treaty.

¹⁷⁶ Convention on Cybercrime, 23 November 2001, 2296U.N.T.S. 167 (entered into force 1 July 2004) [Budapest Convention].

¹⁷⁷ Ibid.

¹⁷⁸ T. HASSAN, “Upcoming Cybercrime Treaty Will Be Nothing But Trouble” Human Rights Watch (7 August 2024), online: Human Rights Watch https://www.hrw.org/news/2024/08/07/upcoming-cybercrime-treaty-will-be-nothing-trouble.

¹⁷⁹ “Ad Hoc Committee to Elaborate a Comprehensive International Convention on Countering the Use of Information and Communications Technologies for Criminal Purposes” UNODC, online: UNODC https://www.unodc.org/unodc/en/cybercrime/ad_hoc_committee/home.

¹⁸⁰ UNGA Resolution on the use of information and communications technologies, supra note 12.

¹⁸¹ “Russia unveils bid to fight cybercrime and Samsung Pay faces patent issue” Tass (30 July 2021), online: Tass https://tass.com/pressreview/1320973.

¹⁸² UNGA Resolution on the use of information and communications technologies, supra note 12, at 2.

¹⁸³ Countering the use of information and communications technologies for criminal purposes, Report of the Third Committee, UN Doc. A/79/460 (2024), at 8 [Report of the Third Committee].

¹⁸⁴ Ibid., at 29.

¹⁸⁵ Franzese, supra note 9 at 33 et seq.

¹⁸⁶ Goldsmith, supra note 9 at 1215.

¹⁸⁷ Moynihan, supra note 9 at 14.

¹⁸⁸ Tsaugourias, supra note 3 at 539–40.

¹⁸⁹ Zeng, Stevens, and Chen, supra note 7 at 449.

¹⁹⁰ Johnson and Post, supra note 7 at 1370.

¹⁹¹ Y.A. ABDELKARIM GADALLA, “An Investigation into the Contribution of the Judiciary in Securing the State’s Cyber Borders”, Leeds Becket University, Master of Laws Dissertation, November 2021, at 7.

¹⁹² Johnson and Post, supra note 7 at 1368.

¹⁹³ Ibid.

¹⁹⁴ Naser GAROUSI, “Challenges of Cyberspace for Territorial Sovereignty” (2021) 8 Natural Volatiles and Essential Oils 15278 at 15281.

¹⁹⁵ New Zealand Foreign Affairs & Trade, “The Application of International Law to State Activity in Cyberspace”(1 December 2020) at para. 13.

¹⁹⁶ Government of the Kingdom of the Netherlands, supra note 147 at 2.

¹⁹⁷ The GGE’s official compendium of voluntary national contributions, supra note 37 at 76.

¹⁹⁸ Federal Department of Foreign Affairs, “Switzerland’s position paper on the application of international law in cyberspace” (May 2021) at 2.

¹⁹⁹ E. MILANO, “Unlawful territorial situations: Reconciling effectiveness, legality and legitimacy in international law”, London School of Economics and Political Science, PhD Thesis, 2004, at 71.

²⁰⁰ Ibid.

²⁰¹ L. OPPENHEIM and H. LAUTERPACHT, International Law: A Treatise, 8th ed. (London: Longmans, Green & Co., 1955) at 452.

²⁰² V. RUSINOVA, “Application of Sovereignty to Information and Communications Technologies” in François DELERUE and Aude GÉRY, eds., International Law and Cybersecurity Governance (EU: EU Cyber Direct, 2022), 48.

²⁰³ C. SCHMITT, Constitutional Theory (Durham, NC: Duke University Press, 2008) at 124.

²⁰⁴ Rusinova, supra note 202 at 49.

²⁰⁵ Rusinova, supra note 202.

²⁰⁶ P. CORNISH, “Governing Cyberspace through Constructive Ambiguity” (2015) 57 Survival 153 at 153.

²⁰⁷ Rusinova, supra note 202.

²⁰⁸ Abdelkarim, supra note 4 at 278; G.I. ZEKOS, Political, Economic and Legal Effects of Artificial Intelligence (New York: Springer, 2022) at 348.

²⁰⁹ Rusinova, supra note 202.

²¹⁰ O. SENDER and M. WOOD, “Chapter 2: Extraterritorial Jurisdiction and the Limits of Customary International Law” in Austin PARRISH and Cedric RYNGAERT, eds., Research Handbook on Extraterritoriality in International Law (Edward Elgar Publishing, 2023), 31.

²¹¹ Ibid., at 35-41.

²¹² League of Nations, Committee of Experts for the Progressive Codification of International Law, “Criminal Competence of States in Respect of Offences Committed Outside Their Territory” (1926) 20 American Journal of International Law, Supplement 252 at 252.

²¹³ Institut de Droit International, “Yearbook of the Institute of International Law” (2001) Vol 69, Session of Vancouver, Preparatory Work and Deliberations of the Institute 92, at 115.

²¹⁴ Sender and Wood, supra note 210 at 39.

²¹⁵ Report of the International Law Commission, Fifty-eighth Session (1 May–9 June and 3 July–11 August 2006), UN Doc. A/61/10, at 522.

²¹⁶ Report of the Third Committee, supra note 183 at 14.

²¹⁷ E. SCHER-ZAGIER, “The New UN Cybercrime Treaty Is a Bigger Deal Than Even Its Critics Realize” Lawfare (2 October 2024), online: Lawfare https://www.lawfaremedia.org/article/the-new-un-cybercrime-treaty-is-a-bigger-deal-than-even-its-critics-realize.

²¹⁸ Ibid.

²¹⁹ Report of the International Law Commission, supra note 215 at 522.

²²⁰ R. CREEMERS, G. WEBSTER, and P. TRIOLO, “Translation: Cybersecurity Law of the People’s Republic of China (Effective 1 June 2017)” DigiChina (29 June 2018), online: DigiChina https://digichina.stanford.edu/work/translation-cybersecurity-law-of-the-peoples-republic-of-china-effective-june-1-2017.

²²¹ Tidal Music AS v. The Public Prosecution Authority, [2019] HR-2019-610-A (case no. 19-010640STR-HRET).

²²² LinkedIn Corporation, Appeal ruling of the IC in civil cases of the Moscow City Court dated 24 April 2017 in case No. 33-15365/2017, Russia v. LinkedIn Corporation.

²²³ Federal Government of Germany, “On the Application of International Law in Cyberspace”, Position Paper, March 2021, at 8, fn. 9.

²²⁴ Ministère des Armées, supra note 156 at 6.

²²⁵ EU Council, EU Council decision (CFSP) 7299/19 concerning restrictive measures against cyber-attacks threatening the Union or its Member States, 14 May 2019.

²²⁶ Directive (EU) 2019/713 of the European Parliament and of the Council of 17 April 2019 on combating fraud and counterfeiting of non-cash means of payment and replacing Council Framework Decision 2001/413/JHA, at Art. 13(3).

²²⁷ Criminal Procedure Code of the Kingdom of Belgium (1808, as amended 2019), Article 88.

²²⁸ Prosecution v. T, Judgement of the Højesteret (Denmark’s Supreme Court), [2012] U 2012.2614H.

²²⁹ “Wetboek van Strafvordering” Overheid.nl (1 January 2023), online: Overheid.nl https://wetten.overheid.nl/BWBR0001903/2023-01-01#BoekEerste_TiteldeelIV_AfdelingTweede_Paragraaf1_Artikel67.

²³⁰ The Case of Unknown Storage Location (H v. The Attorney General), Judgement by the Swedish Supreme Court, [2023] Ö 5686-22.

²³¹ Foreign Email Seizure and Search, Supreme Court of Korea, Case No. 2017Do9747, Decided 29 November 2017, The Republic of Kora v. (the anonymous defendant).

²³² W v. Ireland, [1983] App. No. 9360/81, 5 E.H.R.R. 504, para. 14.

²³³ Al-Skeini and Others v. The United Kingdom, Concurring Opinion of Judge Bonello, European Court of Human Rights, Grand Chamber, 7 July 2011, at para. 11.

²³⁴ Microsoft Ireland, No. 17-2, slip op. at 3 (17 April 2018) (per curiam) (vacating and remanding judgment), United States v. Microsoft Corporation.

²³⁵ Clarifying Lawful Overseas Use of Data (CLOUD) Act, 115th Congress 2d Session, in the Senate of the United States, March 2018.

²³⁶ US Department of Justice, “Deputy Assistant Attorney General Richard W. Downing Delivers Remarks at the 5th German-American Data Protection Day on ‘What the U.S. Cloud Act Does and Does Not Do’”, Office of Public Affairs (16 May 2019), online: Office of Public Affairs https://www.justice.gov/opa/speech/deputy-assistant-attorney-general-richard-w-downing-delivers-remarks-5th-german-american.

²³⁷ Regulation (EU) 2023/1543 of the European Parliament and of the Council of 12 July 2023 on European Production Orders and European Preservation Orders for electronic evidence in criminal proceedings and for the execution of custodial sentences following criminal proceedings, L 191/118, 28 July 2023; Directive (EU) 2023/1544 of the European Parliament and of the Council of 12 July 2023 laying down harmonised rules on the designation of designated establishments and the appointment of legal representatives for the purpose of gathering electronic evidence in criminal proceedings, L 191/118, 28 July 2023.

²³⁸ Regulation (EU) 2023/1543 of the European Parliament and of the Council of 12 July 2023 on European Production Orders and European Preservation Orders for electronic evidence in criminal proceedings and for the execution of custodial sentences following criminal proceedings, L 191/118, 28 July 2023, Art. 1(1).

²³⁹ Regulation (EU) 2023/1543 of the European Parliament and of the Council of 12 July 2023 on European Production Orders and European Preservation Orders for electronic evidence in criminal proceedings and for the execution of custodial sentences following criminal proceedings, L 191/118, 28 July 2023, Art. 17(6)(c).

²⁴⁰ T. WAHL, C. RIEHLE, A. PINGEN, et al., “News–European Union” Eucrim–European Law Forum: Prevention, Investigation, Prosecution, 2023/2 at 168; M. MURODILLAEVA, “The CLOUD Act: Old Laws and New Problems” IOWA (2 May 2024), online: IOWA https://jgrj.law.uiowa.edu/news/2024/05/cloud-act-old-laws-and-new-problems.

²⁴¹ Barcelona Traction Case (Belgium v. Spain), Opinion of Fitzmaurice, [1970] I.C.J. Rep. 3 at 105; Restatement (Third) of Foreign RELS. L. U.S. § 403 (AM. L. INST. 2018); Restatement (Fourth) of Foreign RELS. L. U.S § 405 (AM. L. INST. 2022).

²⁴² The Government of the Netherlands, “Memorie van Toelichting Wet Computercriminaliteit III [Explanatory Memorandum Computer Crime III Act]”, 28 December 2015.

²⁴³ Osborn, supra note 7 at 4.

²⁴⁴ Ibid., at 6.

²⁴⁵ S. VIÑA, “Protecting Our Perimeter: ‘Border Searches’ Under the Fourth Amendment”, Congressional Research Service, The Library of Congress, 17 May 2005, at 7.

²⁴⁶ Ibid.

²⁴⁷ Osborn, supra note 7 at 6.

²⁴⁸ Ibid.

²⁴⁹ Yassin A. ABDELKARIM, “A literature review of the evolution of sovereignty and borders concepts in cyberspace” (2024) 5 International Cybersecurity Law Review 365 at 368.

²⁵⁰ “Glossary” FFIEC, online: FFIEC https://ithandbook.ffiec.gov/glossary.

²⁵¹ “What is a firewall?” CISCO, online: CISCO https://www.cisco.com/site/us/en/learn/topics/security/what-is-a-firewall.html#jump-anchor-4.

²⁵² “The Role of Internet Service Providers (isps)” Faster Capital, online: Faster Capital https://fastercapital.com/topics/the-role-of-internet-service-providers-(isps).html.

²⁵³ K. SCARFONE and P. MELL, “Guide to Intrusion Detection and Prevention Systems (IDPS)” (2007) NIST Special Publication 800-94 at 2-6.

²⁵⁴ Joint Task Force, “Security and Privacy Controls for Information Systems and Organizations” (2020) NIST Special Publication 800-53 Revision 5 at 297-305.

²⁵⁵ B. LUTKEVICH, “access control list (ACL)” TechTarget (February 2022), online: TechTarget https://www.techtarget.com/searchnetworking/definition/access-control-list-ACL.