Statement by Finland on behalf of the Nordic Countries at the OEWG on security of and in the use of information and communications technologies

Read the statement by Finland on behalf of the Nordic Countries at the OEWG on security of and in the use of information and communications technologies, How international law applies to the use of information and communications technologies by States - Item 5 (e), delivered by Ms. Tarja Fernández, Ambassador for Cyber Affairs, Ministry for Foreign Affairs of Finland, on December 12, 2023

Mr Chair,

Thank you for giving me the floor. I will speak on behalf of Denmark, Iceland, Norway, Sweden and my own country, Finland in our national capacities, focusing on international law. The Nordic countries fully align themselves with the EU statement already delivered by our colleague from the EEAS.

 

The Nordic countries welcome that a session of the OEWG has again been dedicated to international law, and in particular to how it applies to the use of information and communications technologies by States.

Mr Chair,

Let us at the outset reiterate that international law, including the UN Charter, applies in cyberspace, as affirmed by the previous OEWG and endorsed by the General Assembly. We welcome that the Annual Progress Report so clearly reaffirms this.

The Nordic countries hold the view that the applicability of international law does not depend on the technological means employed, but applies across domains.

 

While the Nordic countries are aware that States may hold differing views on how some rules developed for the kinetic world shall be interpreted and implemented in the cyber context, we also acknowledge that many states, including the Nordics, still work on establishing their own national views on specific questions. While the existing rules and principles of international law are applicable in cyberspace, the application of certain provisions may give rise to practical problems due to the specific characteristics of cyberspace. Therefore, it is necessary to continue in-depth discussions on these specific questions of application of international law the cyber context.

Turning now to your questions Mr Chair, I would like to start by addressing the first one regarding convergences in States’ perspectives on how international law applies in the use of ICTs. The second Annual Progress Report shows that States have found convergence on a number of core obligations that apply to States’ behaviour in cyberspace. This includes the UN Charter-based obligations, such as the prohibition of the use of force, non-intervention, and the obligation to settle disputes peacefully.

There also seems to be convergence in the perceived need to understand the consequences of breaches of these obligations. Therefore, we continue to hold the view that it would be useful to discuss the law of state responsibility as this could help in clarifying, for instance what options a State has to address an internationally wrongful act committed against it.

We have noticed an increase in views that IHL belongs to the areas of law that this OEWG should discuss. Of course, cyberattacks conducted in the context of an armed conflict are subject to the same restrictions and regulations under international humanitarian law as conventional attacks, including the principles of humanity and military necessity, as well as distinction, proportionality and precaution. However, the unique characteristics of cyberspace, such as interconnectedness and anonymity, may affect how international humanitarian law is interpreted and applied to certain cyber means and methods warfare. We are therefore particularly pleased with the increased convergence on the need to address IHL in our work.

 

Mr Chair,

I would now like to turn to your second question on possible unique features relating to the use of ICTs that require a distinction in terms of how international law applies as compared to other domains. The starting point of a response is the established acquis of the successive GGEs and OEWGs that international law applies in cyberspace. However, we need to discuss and achieve common understandings on how the law applies to the State use of the ICTs.

Mr Chair,

Now regarding your third question on whether there are ‘gaps’ in how international law applies to the use of ICTs, and if so, what can be done to bridge those gaps? The answer is clear: cyberspace is not an unregulated arena or a domain with legal gaps that would need to be filled. All States have agreed that international law is applicable and essential to maintaining peace, security and stability in the ICT environment. However, States are encouraged to develop national positions on the application of international law to the use of ICTs, as this will contribute to common understandings on the interpretation of the law.

 

Mr Chair,

Finally, I would like to address your fourth question on capacity building, which is essential in ensuring that all States are able to participate on equal footing in the discussions and contribute towards common understandings on how international law applies to State use of ICTs. The Nordic countries believe that developing and publishing national positions on how international law applies in cyberspace is particularly helpful for this, and should be encouraged. The second Annual Progress Report stressed the urgent need for continued capacity-building efforts on international law. Such a need has also been indicated in the interventions of several States. With a view to cooperating and connecting demand with concrete capacity building activities and existing initiatives, we would welcome a discussion onwhat areas of international law and cyber additional capacity would be most needed.

 

Thank you, Mr Chair.