Lieber Studies Big Data Volume – Big Data and Armed Conflict – Legal Issues Above and Below the Armed Conflict Threshold
Editor’s note: This is the first post in a symposium addressing themes from a new book entitled Big Data and Armed Conflict: Legal Issues Above and Below the Armed Conflict Threshold, the ninth in the Lieber Institute’s Lieber Studies series with Oxford University Press. This post is drawn from this new book, which seeks both to define the important legal questions related to the growing use of “big data” in extraterritorial military operations and to begin to provide answers.
Consider the following hypothetical. Ukrainian military officials are evaluating whether to launch a cyber-operation to delete large quantities of data stored on a server run by a Russian company, located in Russia. Some of the data feeds into Russian weapons systems that operate within the armed conflict in Ukraine. But the proposed operation would also likely delete some civilian data that is stored on the same server. What body or bodies of international law, if any, would apply to this operation? International humanitarian law (IHL), also known as the law of armed conflict (LOAC)? The jus ad bellum? International human rights law? And, under any of these bodies of law, how would existing rules apply to the data-deletion operation? For example, under IHL, is data-deletion an “attack,” such that the rules that govern attacks would apply? If so, how should principles such as the principle of distinction and the principle of proportionality apply to such operations?
Or consider the efforts by Ukrainian officials to investigate and prosecute war crimes. Large quantities of data retrieved from a variety of sources such as satellites, social media, and crowdsourced information might be used to build a case against a particular perpetrator. Yet, private companies might own significant quantities of this data, creating challenges for prosecutors seeking to access it. Even if prosecutors can obtain the data, how do they verify that it is accurate? And, as such data becomes more and more central to building war crimes cases, what happens to the investigations of war crimes for which there is unlikely to be an abundance of data, such as rapes in detention?
These questions are just a small sampling of the issues we tackle in our new book, Big Data and Armed Conflict, Legal Issues Above and Below the Armed Conflict Threshold, published as part of the West Point Lieber Institute’s Lieber Studies series by Oxford University Press.
As the above questions illustrate, data is emerging as a key component of military operations, both on and off the battlefield. Large troves of data generated by new information technologies such as mobile Internet, cloud storage, social networking, and the “Internet of Things,” as well as the advanced analytics used to process that data—often termed “big data”—are growing ever more important to a wide range of military functions.
Big Data and Battlefield Operations
On the battlefield, big data is being deployed, and has the potential to be deployed, for an astonishing array of purposes. Increasingly, weapons systems depend on unfathomably large quantities of data to operate. And technologies that process and analyze large quantities of data, including artificial intelligence (AI) and machine learning, can exponentially increase military capabilities. As contributor Asaf Lubin has noted, militaries are using big data and associated technologies “to improve their procurement, transportation, and redeployment of material and personnel” as well as to engage in a variety of battlefield functions, for example, to “launch targeted killing operations and automate the collection and analysis of military intelligence.”
Likewise, contributor Mark Visger observes that military forces can gain advantages by targeting adversaries’data and data systems, and acquiring, distorting, or deleting that data. Big data is also increasingly essential to military detention operations. According to contributor Fionuala Ni Aolain, government and intergovernmental authorities are using biometric data gathered on detainees and others to track and monitor those individuals in counterterrorism initiatives around the globe. And, as contributor François Delerue has observed, all of this data must be stored. Militaries have therefore been housing huge data sets in massive data centers around the globe.
Indeed, some wartime uses of big data may sound like the stuff of science fiction, but they are in fact just over the horizon. For example, targeting systems could deploy AI-enabled facial recognition technology on a vast scale, which in turn would rely on enormous data sets of facial images. And, as contributors Noam Lubell and Katya Al-Khateeb have noted, brain-computer interface (BCI) technology allows computer systems to download and upload large quantities of data from armed forces in the field, thereby enhancing the performance of those forces by enabling “a wide range of super-human abilities such as extra-sensorial perception, superstrength, or super-precision.” Big data therefore has the potential not only to revolutionize the tools armed forces use to fight, but to transform members of the armed forces themselves.
Big Data and Adversarial Operations Below the Armed Conflict Threshold
Beyond the battlefield, big data lies at the epicenter of adversarial activities below the armed conflict threshold. As noted by contributor Ido Kilovaty, the size and importance of this data mean that operations to acquire, alter, or delete such data are having a larger and larger impact. Big data has become the fuel of an emerging AI “arms race” among the United States, China, Russia, and others. Because machine learning systems train using enormous data sets, an endless cycle is created: data powers AI systems, which in turn target data, which in turn power AI systems. This relentless quest for more data creates enormous incentives for cyberattacks. As contributors Gary Corn and Eric Jensen emphasize, big data has powered AI systems that are engaging in malicious cyber and information operations aimed at data itself. And, as highlighted by contributors Duncan Hollis and Tsvetelina Van Benthem, data is increasingly critical for threat assessments as well.
Big Data in Humanitarian Operations and Atrocity Investigations
Big data is also increasingly used in humanitarian operations on, and adjacent to, the battlefield. Humanitarian organizations are deploying technologies dependent on big data to monitor humanitarian crises and deliver aid. As contributor Galit Sarfaty notes, such data includes “data exhaust (e.g., cell phone records), online activity (e.g., social media), sensing technologies (e.g., satellite data), and crowdsourced information.” Big data analytics can then use that information to facilitate early warning systems and provide real-time awareness of atrocities.
In addition, big data is now a key tool to investigate and prosecute those responsible for wartime atrocities. Whether gleaned from social media or from sensing and “smart technologies,” a variety of global actors are gathering and using vast data sets in war crimes accountability efforts. Governmental, intergovernmental, and nongovernmental war crimes investigators are also purposefully compiling large quantities of information by digitizing found or exfiltrated documents and scraping social media platforms. It is therefore not an exaggeration to say that big data has the potential to disrupt and radically change how atrocities are investigated and prosecuted.
Big Data and the Challenges of Applying Existing Bodies of International Law
The growing use of big data therefore raises a wide variety of international legal issues and challenges, both with regard to armed conflicts and extraterritorial military and other adversarial actions that might fall below the armed conflict threshold. A significant scholarly and policy literature has touched on some of these issues, primarily in the context of evaluating AI and its application to weapons systems. And debates about cyber operations above and below the armed conflict threshold have grappled with some international legal issues related to the targeting of data. This book, however, is perhaps the first effort to focus specifically on big data within military operations and to analyze the variety of legal challenges and issues arising under IHL and related bodies of international law, including the jus ad bellum and international human rights law (IHRL).
Big Data and International Humanitarian Law
To begin with, the increasing role of big data across such a broad variety of operations presents enormous challenges for the interpretation and application of IHL. To what extent, and how, does IHL apply to the variety of military operations that involve data, such as targeting? These questions are particularly complex when such operations do not have kinetic effects that can be analogized to more conventional military operations. To what extent do IHL principles and rules even govern such operations? For example, should operations against data be deemed “attacks,” under IHL and therefore subject to the IHL rules governing such “attacks”? Is data an “object” under IHL targeting rules? And assuming IHL rules apply, how do they apply? When is data civilian, and when is it military in character? Can data centers be lawfully targeted if such centers house civilian and military data or they are located outside the battlefield? Should harm to civilian data, without any corresponding “kinetic effects,” be included as civilian harm in an analysis of the principles of distinction and proportionality? When do operations against data constitute perfidy? How should data poisoning operations be analyzed? And how does IHL encompass the ever-growing role of big data in humanitarian relief operations and the efforts of governments and other actors to investigate and prosecute war crimes?
Relatedly, the collection and use of large data sets in weapons systems and for other purposes raise significant questions about data acquisition, retention, and privacy as well as bias. Do IHL rules and principles that govern targeting and other operations encompass such concerns? For example, to what extent does IHL’s principle of distinction impose an obligation to weed out such biases? Does the IHL principle of feasible precautions require testing of algorithms used to distill big data in some circumstances to ensure there are no systemic problems that could lead to mistaken targeting of civilians? Is the use of big data to operate a particular weapons system itself a weapon that must undergo weapons review procedures? Are there any transparency or “explainability” rules that derive from IHL in this domain, or which should be adopted as a matter of policy?
Big Data and the Jus ad Bellum
Below the armed conflict threshold, adversarial actions reliant on, or aimed at, big data generate challenging questions under the jus ad bellum as well. When do operations against data constitute a prohibited threat or use of force, or amount to an armed attack? When do such operations fall within the generally acceptable domain of cyber espionage? In what circumstances do operations aimed at acquiring, altering, or deleting data interfere with sovereignty? And, in the case of IHL, are norms regarding privacy or bias incorporated within the jus ad bellum?
Big Data and International Human Rights Law
The role of “big data” on the battlefield also raises important questions under IHRL, which protects privacy rights and prohibits discrimination and bias. To what extent do these and other IHRL norms apply to operations that use or target data on the battlefield? This question implicates complex issues related to the extraterritorial application of IHRL rules, as well as the intersection of IHRL and IHL within armed conflict zones. If States interpret IHL narrowly to exclude operations that target data or that use data in ways that infringe on privacy or entail bias, does IHRL fill those gaps? Or might IHRL principles and values influence the understanding of IHL principles such as civilian harm? And, below the armed conflict threshold, to what extent do IHRL rules such as privacy rights and bias prohibitions govern data-based operations such as, for example, extraterritorial data acquisition and retention?
Finally, it is significant that States (and non-State actors) may well interpret these various questions differently. And of course, because non-State actors play such important roles in producing, collecting, and storing data, the doctrine of State responsibility may come under pressure as well. In the end, the very uncertainty about the scope and content of international legal norms governing big data poses its own challenges, not only for the application of these bodies of law independently, but also for questions related to how these bodies of law intersect. Indeed, it may be that the rules incorporated within any of these three bodies of law are inadequate to address a context in which private companies, non-State actors, and individuals are generating, collecting, owning, or seeking access to “big data.” And what about the increasing number of countries that reject the rules of the international law-based order altogether?
Collectively, the chapters in this book—authored by a diverse group of leading experts in the field—grapple with these questions. The book also contains a chapter that sets forth a scenario, created by Mark Visger and the book editors in partnership with the U.S. Army Cyber Institute, to focus attention on the way in which legal issues related to big data could arise in a real-world conflict situation. Professor Michael Schmitt, one of the contributors, offers a thoughtful breakdown and analysis of these legal issues.
Notably, many of the questions tackled in the book are what we might call “translation questions.” How do we translate existing rules and principles to this new context, where data permeates every aspect of military operations on and off the battlefield? But on some level, there are perhaps even deeper questions about whether the use and importance of data in military operations destabilizes the international legal order itself. The impact of big data on the battlefield exposes gaps and interpretive ambiguities in existing legal frameworks that generate critiques of those frameworks as inadequate. Accordingly, while big data holds enormous promise, it also has the potential to disrupt modern warfare and the legal regimes that seek to regulate it. This book confronts these issues directly, offers a range of approaches and ideas to this timely issue, and hopefully offers an initial road map for scholars, policy makers, and advocates to follow as they address the enormous challenges still to come.
Laura A. Dickinson is the Oswald Symister Colclough Research Professor of Law and Professor of Law at The George Washington University Law School.
Photo credit: Pexels