Jan Martin Lemnitzer (@JanLemnitzer) holds a PhD from the London School of Economics and has taught international politics and history at the LSE, Oxford (ChristChurch and Pembroke College) and the University of Southern Denmark and was Director of Studies at the ChangingCharacter of War programme, Oxford University. He is currently teaching cyber security atCopenhagen Business School’s Department of Digitalization. His book Power, Lawand the End of Privateering was published with Palgrave Macmillan in 2014. Hehas organized the Danish Tech ambassador’s 2018 Cyber Security conference andhis recent research focuses on cyber security politics, in particular cyberdiplomacy, norm creation, cyber insurance and cyber risk management. He is thefounder and CEO of JML Cyber Policy Consulting.
Due Diligence in Cyber space: are we heading for a Cyber Alabama?
Due diligence duties should be at the heart of the debate about responsible state behaviour in cyber space, but states are still arguing whether due diligence rule applies at all and whether it is a binding obligation. In the Tallinn memorandum, states made sure that it primarily spells out what can NOT be expected of them. This is not surprising since due diligence norms are not usually created at multilateral gatherings. Instead, they are forged by fire during international crises when one state calls out another for behaving irresponsibly. Moreover, historical interpretations of due diligence duties were much stricter and demanding than what is currently discussed in cyberspace. This paper presents two historical examples (the Alabama arbitration and the Corfu Channel Case) to highlight these stricter standards and then develops two modern scenarios based on them to show what the application of the higher historical standards would look like. In this way, the historical examples help us to not only predict the procedure in which due diligence norms in cyberspace will be developed, but also provide clear pointers as to their likely content.