Intelligence Sharing in Multinational Military Operations
[Editor’s Note: Articles of War is hosting this first in a series of four posts by Prof. Marko Milanovic on the International Law of Intelligence Sharing in Multinational Military Operations. Links to the remaining essays in the series, which will appear on EJIL Talk!, are provided below.]
The massive airlift by the United States and its allies that followed the Taliban’s victory in the Afghan war had a remarkable feature: the Taliban not only did not interfere with it, but actively assisted it. After two decades of fighting the Taliban, the United States found in them unlikely partners willing to provide, for a limited time, the first line of security in the evacuation effort prompted by their own victory. That cooperation involved daily contacts between the US and the Taliban at various levels, as well as meetings between US generals in the field and the CIA director with Taliban leadership. It also involved the US military sharing intelligence information with its erstwhile adversaries, for the purpose of preventing attacks against the Kabul airport by even more extreme ISIS militants (one of which, on 26 August, tragically got through, killing almost 200 people). As General McKenzie explained at a press briefing:
[W]e share versions of this information [about possible threats] with the Taliban. So that they can actually do some searching out there for us. And we believe that some attacks have been thwarted by them. Again, we’ve been doing this for a long [time], we’ve been doing this since the 14th [of August]. This is an attack that’s been carried out. We believe it’s possible that others have been thwarted. We cut down the information we give the Taliban, they don’t get the full range of information we have. But we give them enough to act in time and space to try to prevent these attacks.
The sharing of intelligence between the United States and the Taliban would have hardly been imaginable even a few months ago. But it happened, and it is perfectly understandable how and why it happened—the evacuation would have been impossible without it, and the Taliban wanted to buy a modicum of good will with the international community. The sharing of intelligence between partners in military operations, whether states or non-state actors, is a standard feature of such operations. Allies, formal or informal, do this all the time. They might share and receive discrete items of intelligence, create fusion centres, or provide each other access to their own electronic systems containing enormous amounts of information.
Intelligence sharing is indispensable to modern coalition warfare, but also in numerous other contexts, e.g. peacetime counterterrorism efforts. Yet such practices raise numerous, complex and underexplored questions of international and domestic law. In that regard, I have recently completed a project on the international legal aspects of intelligence sharing in multinational military operations (happily funded by a British Academy Mid-Career Fellowship), which resulted in a mammoth 60,000 word article—or an open-access short book, if you prefer—in International Law Studies (‘Intelligence Sharing in Multinational Military Operations and Complicity under International Law,’ (2021) 97 International Law Studies 1269). I am very grateful to the ILS editors for accommodating such a long piece, which was lengthy of necessity rather than verbosity (or so I hope). As part of the project I have had the benefit of extensive discussions with legal advisors from the governments, intelligence agencies and militaries of several states, as well as NGOs—I am very grateful to them for their comments.
In this series of four essays on EJIL: Talk! (the first of which is cross-posted on Articles of War), I aim to provide a more accessible account of the arguments I make in the ILS article. I will be dealing solely with questions of international law; those of domestic law (and policy) are just as relevant in practice.
There are two basic ways in which intelligence sharing (or the receipt of shared intelligence) can be contrary to international law. First, it can be unlawful as such, in the sense that a rule of international law may specifically prohibit the sharing of intelligence with a partner, regardless of how the partner intends to use that intelligence. For example, a treaty by which two states agreed to share intelligence with each other may prohibit the further disclosure of that intelligence to third parties. If state A shared intelligence with B, its treaty partner, and B then further shared it with C, which was not a party to the same arrangement, B could be violating a legal obligation of non-disclosure it had towards A, regardless of what C then did with that intelligence.
Second, the sharing or receiving intelligence may be unlawful not because they are prohibited as such, but because they become prohibited due to their connection with an unlawful act of a partner. In such cases intelligence sharing is a form of complicity in the partner’s wrongful act, which the shared intelligence facilitates—for example, state A shares intelligence with B that B then uses to unlawfully invade C, in breach of the prohibition on the use of force in Article 2(4) of the UN Charter.
With regard to the first type of illegality, intelligence sharing that is contrary to specific treaty rules is most likely in the context of longer-term cooperative arrangements such as the Five Eyes – for example, under Article 5(b) of the original UKUSA Agreement ‘[e]ach party shall seek the agreement of the other to any action with third parties, and will take no such action until its advisability is agreed upon.’ Any breach of such agreements is almost certainly going to be dealt with diplomatically and confidentially, and not in some kind of judicial proceeding.
One set of international legal rules that may prohibit intelligence sharing as such is, however, more likely to provoke litigation—international human rights law (IHRL), and specifically the right to privacy. (Domestically or within regional organizations such as the European Union the same applies for data protection law or other municipal privacy safeguards.) If state A shares with B intelligence that concerns a specific individual X, the sharing and receipt of that information may be contrary to X’s right to privacy even if the collection itself was not. Sharing the information, soliciting its collection or sharing, receiving it, processing it, all constitute discrete interferences with privacy that require justification within the IHRL framework, i.e. a showing that they are provided for by law, pursue a legitimate aim, and are necessary and proportionate to achieve that aim.
The recent judgments of the Grand Chamber of the European Court of Human Rights in Big Brother Watch v. UK and Centrum för rättvisa v. Sweden (discussed here) are good examples of how IHRL may regulate the sharing and receipt of intelligence regardless of how the partner uses that intelligence. In BBW, para. 362, the Court thus held that
it is now clear that some States are regularly sharing material with their intelligence partners and even, in some instances, allowing those intelligence partners direct access to their own systems. Consequently, the Court considers that the transmission by a Contracting State to foreign States or international organisations of material obtained by bulk interception should be limited to such material as has been collected and stored in a Convention compliant manner and should be subject to certain additional specific safeguards pertaining to the transfer itself. First of all, the circumstances in which such a transfer may take place must be set out clearly in domestic law. Secondly, the transferring State must ensure that the receiving State, in handling the data, has in place safeguards capable of preventing abuse and disproportionate interference. In particular, the receiving State must guarantee the secure storage of the material and restrict its onward disclosure. This does not necessarily mean that the receiving State must have comparable protection to that of the transferring State; nor does it necessarily require that an assurance is given prior to every transfer. Thirdly, heightened safeguards will be necessary when it is clear that material requiring special confidentiality—such as confidential journalistic material—is being transferred. Finally, the Court considers that the transfer of material to foreign intelligence partners should also be subject to independent control.
The Court also found that Sweden failed to implement proper safeguards when sharing intelligence with its partners, inter alia because the domestic legal framework did not provide that Swedish agencies had to establish that it was necessary and proportionate to share information implicating the privacy interests of a specific individual nor assess whether their partner had minimum safeguards in place (CFR, paras. 326-330, 371). Most states arguably do not have a domestic legal framework regulating the sharing of intelligence that would satisfy IHRL requirements in terms of regulatory quality and clarity and effective domestic oversight, and thus expose themselves to legal liability for violating the privacy of individuals by sharing information pertaining to them.
A couple of caveats, however, with regard to the regulation of intelligence sharing under IHRL. First, the question of extraterritoriality looms large here and remains unresolved so far, even if the overall trend is to find that IHRL applies to state conduct affecting individuals outside its territory (see more here in the context of cyber operations in particular). Second, the right to privacy will inhibit the sharing or receipt of intelligence only if the information being shared falls within the scope of that right. A substantial part of intelligence activities has nothing to do with the privacy interests of individuals—for example, sharing information about the location of a state’s military assets or weapons research does not implicate anyone’s privacy. This is true even if the mode of the collection of the information (e.g. the hacking of an official’s phone or computer) did implicate their privacy interests (e.g. because some of the data on the phone or computer was personal). Third, there is no jurisprudence on how the right to privacy would apply vis-à-vis intelligence sharing in the context of armed conflict or in military operations more generally. One would reasonably expect the relevant privacy guarantees to be applied more flexibly in the context of a military operation when compared to situations of relative normalcy, but this issue remains untested. Again, the privacy guarantees would only apply in the first place if the nature of the shared information was such that it actually implicated the privacy interests of individuals.
The primary focus of my ILS paper is on the second type of illegality—one where intelligence sharing may lead to complicity in a partner’s violation of international law. I will turn to complicity in my subsequent posts on the series. The upshot of my argument is that states can indeed be complicit in a partner’s wrongful act, such as the torture of an individual, when sharing or when receiving intelligence, if the requisite elements of liability are met—for example, if the assisting state is aware of a risk that the intelligence it shares with a partner would facilitate torture, proceeds to share the intelligence despite that risk, the torture occurs and is in fact facilitated by the shared intelligence (e.g. in a rendition operation).
Marko Milanovic is Professor of Public International Law and Co-Director of the Human Rights Law Centre at the University of Nottingham School of Law. He is co-editor of EJIL: Talk!, the blog of the European Journal of International Law, as well as a member of the EJIL’s Editorial Board.
Additional Series Posts