Israel’s Hebrew University of Jerusalem has set up a team of legal and technology experts to tackle the challenges posed by the new digital world and cyber-warfare to legal systems around the world. The aim will be to come up with new legal blueprints that can be adapted by Israel and countries worldwide.
The team is part of the Hebrew University’s international cybersecurity center, which was set up in 2015 to advance cyber-research and cybersecurity in Israel and the world. The center, which received an NIS 5 million ($1.3 million) grant for the task, is funded jointly by the university, Germany’s Fraunhofer Institute for Secure Information Technology SIT, and the Israeli Prime Minister’s Office.
The aim of the project is to enhance Israel’s leading position in the world not only in cybersecurity but in cyber-law as well.
Legal systems globally have been created on the assumption that each state legislates and enforces the rule of law within its own boundaries. However, with the advent of the digital age, legal systems around the world need reform, said Prof. Yuval Shany, a former dean of the Faculty of Law at the Hebrew University of Jerusalem and an expert in international law and international human rights law, who will lead the team of 12 researchers.
“We have now moved into a reality in which the old model doesn’t work anymore,” he said in an interview. “The interactions today don’t happen mostly within physical territory but in a cyberspace. The reality is very different from that in which our laws were created for and are enforced upon.”
The idea, he said, is to undertake a wide-ranging and in-depth study of the issues and set out a legal blueprint or framework that can be adopted — and where necessary adapted — by countries around the world as a basis for the new cyber reality.
There are some research centers in the US doing similar work, but none of them has taken on the wide spectrum of legal and extra-legal subjects the Hebrew University team is planning to tackle, he said.
The group of researchers will deal with issues such as what the responsibility of the state is regarding cyber offenses; how to define the right to privacy in the cyber realm; and what characterizes cyber-crime and cyber-terror. It will also focus on the legal protection against threats to human rights and national infrastructure as a result of the misuse of cyberspace.
Research into these matters require “out of the box thinking,” said Shany. “Israel is considered a cyber-power technologically, and now we have the tools to upgrade the legal understanding of the field.”
The project will be divided into three sub-groups.
One will relate to international law and address the questions: Can current rules that regulate armed conflict between countries apply to cyber-warfare? And if not, what are the rules — including human rights rules — that should apply?
The next will address the issue of privacy and intellectual property and examine the questions: when information flows from one location to another, in cyberspace and stored in the cloud, who is responsible for this information? Who does it belong to? If an idea is created online, who holds the right to its intellectual property?
The third sub-group will deal with profiling cyber-criminals: Who are these criminals and what deterrents can be put in place against cyber-terror and cyber-crime?
The team of 12 researchers, most of them from the Hebrew University of Jerusalem, will include retired general Danny Efron, a former Military Attorney General in the Israeli Army; Prof. Oren Gross of the University of Minnesota; Prof. Michael Schmitt, US Naval War College the drafter of the Tallinn Manual on Cyber Warfare. They will be joined in their task by computer engineering and other experts, local and foreign, to help them understand the challenges of the job.
At the end of the two-year project Shany hopes there will be a three-year extension.
“In the longer term it won’t be possible to regulate such complex legal matters — in which so many interested parties are involved in so many geographical areas — without international agreements,” Shany said. “But that won’t be easy, because there are just too many players and interests involved. So, like in other areas of the law and specifically in international law, we often need to develop our rules in an incremental way, starting from one sub-sector to another, identifying common themes and implementing existing conventions. I don’t think that realistically in the coming years we will see a huge global cyber convention that will regulate all the relevant areas. We are really not there yet.”